Abstract
Current detection techniques are mostly limited to the source code level, and research on the binary files is few. Based on the stack pointer and the argument pointer of the format-string, the attacking principles of format-string vulnerabilities were researched. A new method to detect format-string vulnerabilities in binary files was brought forward. By analyzing the method that the model adopted, the particular means and processes to construct the attacking codes were presented. In order to improve the effectiveness of the detection, the attacking code constructions for different systems were studied. At last, an example was given to demonstrate the validity of the detection model.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have