-
-
[转帖]Application-Specific Attacks: Leveraging the ActionScript Virtual Machine
-
发表于: 2008-8-26 17:55 2865
-
[转帖]Application-Specific Attacks: Leveraging the ActionScript Virtual Machine
2008-8-26 17:55
2865
Application-Specific Attacks: Leveraging the ActionScript Virtual Machine
Introduction
Memory corruption vulnerabilities are becoming increasingly difficult to
exploit, largely due to the protection mechanisms being integrated into most
modern operating systems. As general protection mechanisms evolve, attackers
are engaging in more specific, low-level application-targeted attacks. In
order to refine general countermeasures (or at least raise awareness of their
shortcomings), it is important to first understand how memory corruption
vulnerabilities are exploited in some unique scenarios.
The following case study describes a unique exploitation scenario using a
recently disclosed flash vulnerability that was reported to Adobe by IBM
(advisory available at http://www.iss.net/threats/289.html). At first the
vulnerability seemed to offer limited exploitation options, but further analysis
uncovered an application-specific attack that results in reliable, consistent
exploitation. Achieving the same exploitation with more conventional methods
is unlikely. The technique presented leverages functionality provided by
the ActionScript Virtual Machine – an integral part of Adobe Flash Player.
Further, it will be shown that the vulnerability can be successfully exploited
without leaving telltale signs, such as a browser crash following the attack.
Although this document deals specifically with the Win32/intel platform,
similar attacks can most likely be carried out on the many other platforms
flash is available for. In particular, some of the methodology discussed might
be useful for constructing a robust exploit on Unix platforms as well as several
embedded platforms. Understanding the specific scenarios used to exploit
memory corruption vulnerabilities will help improve protection strategies.
http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf
赞赏
他的文章
看原图
赞赏
雪币:
留言: