Detecting Exploit Primitives Automatically for Heap Vulnerabilities on Binary Programs

12/23/2022
by Jie Liu, et al.

Automated Exploit Generation (AEG) is a well-known difficult task, especially for heap vulnerabilities. Previous works first detected heap vulnerabilities and then searched for exploitable states by applying symbolic execution and fuzzing techniques to binary programs. However, bugs are not always easy to discover with fuzzing or symbolic execution, and an internal overflow of a heap object is not always solvable by these techniques. In this paper, we present DEPA, a solution that detects exploit primitives for heap vulnerabilities based on a primitive-crucial-behavior model. The core of DEPA contains two novel techniques: 1) primitive-crucial-behavior identification through pointer dependence analysis, and 2) an exploit primitive determination method that triggers both the vulnerability and the exploit primitive. We evaluate DEPA on eleven real-world CTF (capture the flag) programs with heap vulnerabilities; DEPA discovers arbitrary write and arbitrary jump exploit primitives for ten of them, the exception being the program multi-heap. The results show that primitive-crucial-behavior identification and exploit primitive determination are accurate and effective using our approach. In addition, DEPA is superior to state-of-the-art tools in determining exploit primitives for heap object internal overflow.

