The Community for Technology Leaders
Computer Science and Information Engineering, World Congress on (2009)
Los Angeles, California USA
Mar. 31, 2009 to Apr. 2, 2009
ISBN: 978-0-7695-3507-4
pp: 733-738
In this pager we describe a new approach using symbolic execution to exploit windows applications, and the approach is implemented in the tool Ewap. Instead of fuzzing applications with randomly or semi-randomly constructed input, Ewap generates new inputs automatically to steer applications to follow different execution paths and detects security violations dynamically, which maximizes the code coverage and improves the exploiting efficiency.
code instrumentation, taint analysis mechanism, security violations detection, symbolic execution
Hui Shu, Jianmin Chen, Xiaobing Xiong, "Ewap: Using Symbolic Execution to Exploit Windows Applications", Computer Science and Information Engineering, World Congress on, vol. 07, no. , pp. 733-738, 2009, doi:10.1109/CSIE.2009.544
82 ms
(Ver 3.3 (11022016))