
A system and method for exploiting vulnerabilities in binary files

Binary-file analysis technology, applied to instruments, calculations, electrical digital data processing, etc., that speeds up vulnerability location, improves vulnerability information, and eases analysts' work

Active Publication Date: 2021-06-08
成都网域复兴科技有限公司

AI Technical Summary

Problems solved by technology

[0004] In view of the above-mentioned research problems, the purpose of the present invention is to provide a system and method for exploiting vulnerabilities in binary files. It solves the problem that prior-art methods cannot efficiently discover and locate vulnerabilities in patched software, and it helps improve vulnerability information, build a vulnerability library, construct POC code, ease analysts' work, and reduce repetitive operations through automation.


Examples

Embodiment

[0045] Take patches for Windows as an example, such as the MS04-11 LSASRV.DLL binary sample and the corresponding patched file. The specific system implementation is as follows:

[0046] A vulnerability location and discovery system for binary files, including:

[0047] Disassembly module: uses either a linear scan algorithm or a recursive descent algorithm to disassemble the input MS04-11 LSASRV.DLL binary sample and the corresponding patched file from binary into assembly language, obtaining assembly code for each;

[0048] Patch comparison module: performs a function-level, fine-grained structural comparison of the assembly code to obtain function pairs that meet the requirements. The structural comparison uses the combined result of one or more of a string similarity comparison algorithm, a string reference matching algorithm, an instruction count matching algorithm, a hash matching algorithm, a call reference matching algorithm, an edge matching algorithm...
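A minimal sketch of the function-level comparison described in [0048], added here as an illustration and not the patent's own implementation: it combines hash matching with an instruction-count ratio, and uses Python's difflib instruction-sequence similarity as a stand-in for the string similarity comparison. The listings, function names, normalization rule, scoring formula and 0.6 threshold are all assumptions.

```python
import hashlib
import re
from difflib import SequenceMatcher

# Constructed listings (address-named functions); not taken from LSASRV.DLL.
OLD = {
    "sub_1000": ["push ebp", "mov ebp, esp", "mov eax, [ebp+8]",
                 "call 0x1200", "pop ebp", "ret"],
    "sub_1100": ["push ebp", "mov ebp, esp", "mov ecx, [ebp+12]",
                 "lea edi, [ebp-64]", "rep movsb", "pop ebp", "ret"],
}
NEW = {
    "sub_2000": ["push ebp", "mov ebp, esp", "mov eax, [ebp+8]",
                 "call 0x2240", "pop ebp", "ret"],
    "sub_2100": ["push ebp", "mov ebp, esp", "mov ecx, [ebp+12]",
                 "cmp ecx, 64", "ja 0x2130", "lea edi, [ebp-64]",
                 "rep movsb", "pop ebp", "ret"],
}

def normalize(instrs):
    """Replace immediates and addresses with N so relocated code still matches."""
    return [re.sub(r"\b(0x[0-9a-f]+|\d+)\b", "N", i.lower()) for i in instrs]

def func_hash(instrs):
    """Hash matching: identical normalized bodies get identical digests."""
    return hashlib.sha256("\n".join(normalize(instrs)).encode()).hexdigest()

def similarity(a, b):
    """Mean of instruction-sequence similarity and instruction-count ratio."""
    na, nb = normalize(a), normalize(b)
    seq = SequenceMatcher(None, na, nb, autojunk=False).ratio()
    return (seq + min(len(na), len(nb)) / max(len(na), len(nb))) / 2

def compare(old, new, threshold=0.6):
    """Return (unchanged pairs, changed pairs with score) for two listings."""
    by_hash = {func_hash(body): name for name, body in new.items()}
    unchanged = [(o, by_hash[func_hash(b)]) for o, b in old.items()
                 if func_hash(b) in by_hash]
    rest_old = {o: b for o, b in old.items() if o not in dict(unchanged)}
    rest_new = {n: b for n, b in new.items() if n not in dict(unchanged).values()}
    changed = []
    for o, body in rest_old.items():  # greedy best match among leftovers
        best = max(rest_new, key=lambda n: similarity(body, rest_new[n]), default=None)
        score = similarity(body, rest_new[best]) if best else 0.0
        if score >= threshold:
            changed.append((o, best, round(score, 2)))
            del rest_new[best]
    return unchanged, changed
```

`compare(OLD, NEW)` pairs `sub_1000` with `sub_2000` by hash and reports `sub_1100`/`sub_2100` as a changed pair, the kind of function pair the abstract says is passed on to intermediate language translation.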


Abstract

The invention discloses a system and method for vulnerability location and discovery in binary files, belonging to computer vulnerability detection technology. It includes a disassembly module, a patch comparison module, an intermediate language translation module, a static taint analysis module, and a vulnerability pattern matching and positioning module. For a binary patch pair, the disassembly module disassembles the files to obtain assembly code; the patch comparison module mainly processes the disassembled code to obtain a fine-grained, function-level matching degree; function pairs with a reasonable matching rate are translated into an intermediate language; the static taint propagation detection module is responsible for marking untrusted input as tainted data to narrow the matching range; and the vulnerability pattern matching and positioning module models common vulnerability patterns for matching and positioning. The invention speeds up vulnerability location for patch files, helps speed up analysis when vulnerability details are not available, supports building a vulnerability database, and can discover vulnerabilities semi-automatically.

Description

Technical field

[0001] The invention discloses a system and method for locating and discovering vulnerabilities in binary files, which is used for detecting binary patch pairs and can automatically locate vulnerabilities; it belongs to the technical field of computer vulnerability detection.

Background

[0002] Binary program reverse analysis and vulnerability mining have always been primary and key issues in the field of software security research. For newly fixed vulnerabilities, the specific details are not announced promptly. In-depth research on them therefore often requires patch comparison to locate the vulnerable points in the program. Patch comparison is a common method for revealing difference information. However, there is currently no system for discovering and locating vulnerabilities based on patch comparison.

[0003] In the document "Analysis of Buffer Overflow Process Based on Dynamic Binary Platform", Dong Pengcheng an...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/14, G06F21/57
CPC: G06F21/14, G06F21/577
Inventor: 陈香宇
Owner: 成都网域复兴科技有限公司