Computer Engineering (计算机工程), 2025, Vol. 51, Issue 4: 178-187, 10. DOI: 10.19678/j.issn.1000-3428.0068783
Automatic Generation of Code for Heap Spraying Object Manipulation Targeting Kernel Vulnerability Exploitation (面向内核漏洞利用的堆喷对象控制代码自动化生成技术)
Abstract
Developing exploits for vulnerabilities is the primary method of evaluating the exploitability of kernel vulnerabilities. Heap spraying objects are widely used in the exploitation process to carry out malicious behaviors such as malicious content injection and memory layout manipulation. Existing work has paid limited attention to the basic types of heap spraying objects and does not generate code that can edit the content of such objects. This paper therefore proposes an automated technique for generating heap spraying object manipulation code for kernel vulnerability exploitation. The technique consists of heap spraying object recognition based on use-definition chain analysis and heap spraying object control code generation based on guided fuzzing. Use-definition chain analysis statically identifies the heap spraying objects in the target kernel and the key code locations that can manipulate these objects. Using the identified key code as target points, guided fuzzing dynamically generates control code for the target heap spraying object to assist vulnerability exploitation. Experimental results show that the technique identifies, and generates control code for, 28 heap spraying objects in Linux 5.15, covering all heap spraying objects identified in existing work. 23 of the generated code samples control the heap spraying object to achieve the expected target, a success rate of 82.1%. Case analysis shows that the manipulation code generated by the technique can be used to exploit real-world kernel vulnerabilities.

Keywords: kernel security / kernel vulnerability / vulnerability exploitation / heap spraying object / manipulating code generation

Category: Information Technology and Security Science
Citation: 刘壮, 顾康正, 谈心, 张源. Automatic Generation of Code for Heap Spraying Object Manipulation Targeting Kernel Vulnerability Exploitation [J]. 计算机工程, 2025, 51(4): 178-187, 10.

Funding:
- National Natural Science Foundation of China (62172105)
- Shanghai Rising-Star Program (21QA1400700)
- Shanghai Pilot Program for Basic Research (21TQ1400100: 21TQ012)