Trying to Automate Hacking

There was a new security paper addressed “Automatic patch-based exploit generation“. Basically, the proposed solution in the paper takes two versions of a file, one vulnerable and one fixed, then generate an input which fails in the vulnerable and passes in the fixed version.

According to Errata Security, the steps to work out an exploit from a patched and an unpatched version of a file goes in this form in general :
1. Find out the differences between the two versions.
2. Find an input such that the unpatched code fails and the patched code passes.
3. Find out how to reach that vulnerable code.
4. Work it out so the shellcode gets executed.

The paper proposes automatic approach to the 2nd step. Although it is only part of the process, it is still a step forward to automating the process. First to state, I’m not into this sort of thing, but I have listened to a Blue Hat session on this. From what I know, the 3rd step is usually very hard as the vulnerable might be some process you never heard of, or at places you have no idea how to invoke. Yes, remember that strange API and then now it is even buried down in some weird code path, it can be very hard.

Some bashes the paper is only a small step, but then most things start unimpressive. However, if the other steps are going automation with reasonable success, it will probably become just another easy tool like virus kit generators and so in time. Although it is only part of the exploit generation process, claiming “it’s only part of it” and then ignore it is kind of dangerous for that reason. Thus, it is worth taking note of this.


0 Responses to “Trying to Automate Hacking”

  1. Leave a Comment

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s


%d bloggers like this: