JOURNAL ARTICLE
FormatAEG: a framework for bypassing ASLR defense and automated exploitation of format string vulnerability.
Published In: Computer Journal, 2024, v. 67, n. 11. P. 3056
Database: Academic Search Ultimate
Authored By: Xu, Shenglin; Jiang, Zhiyuan; Wang, Yongjun; Xie, Peidai
Abstract
The article presents FormatAEG, the first automated exploitation framework designed to bypass Address Space Layout Randomization (ASLR) defenses and automatically exploit format string vulnerabilities, particularly in 64-bit programs. FormatAEG introduces two key methods: an arbitrary address reading and writing technique that handles user-controllable inputs stored outside the stack and truncated by null bytes, and a vulnerability reentry method based on Global Offset Table (GOT) hijacking to enable repeated triggering of non-reentrant vulnerabilities. Evaluated on 22 Capture The Flag (CTF) and real-world programs with ASLR enabled, FormatAEG detected 19 format string vulnerabilities and generated exploits for 15, outperforming existing tools like Zeratool. The framework integrates symbolic execution and dynamic analysis to effectively address challenges in exploiting format string vulnerabilities under modern system protections.
Additional Information
- Source: Computer Journal. 2024/11, Vol. 67, Issue 11, p3056
- Document Type: Article
- Subject Area: Computer Science
- Publication Date: 2024
- ISSN: 0010-4620
- DOI: 10.1093/comjnl/bxae069
- Accession Number: 182368716
- Copyright Statement: Copyright of Computer Journal is the property of Oxford University Press / USA and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)