zhongjie.wang's blog

TraceExploit: Replaying method dissection

I've been working on the GSOC Project 14 in recent months. We are meant to start a new tool which can replay the collected exploit traces.

We know that during the process of exploit replay, there're many fields need to be changed in the original application messages. Some of them are platform independent, and the others are platform specific. Platform-independent variables are those changed each time we exploit, like timestamp, cookie, length, etc. And platform-specific variables are those changed only if the target system is changed, like target address, return address point to the shellcode.

Syndicate content