MS+Office漏洞挖掘和利用技术研究.pdf

寻找可以利用达到代码执行的漏洞。经过对excel 和powerpoint 的 实际测试，我们得到了大量可以导致进程拒绝服务的漏洞验证文 档，进一步分析也从中发现了可远程执行代码的严重级漏洞。我们 所提出的技术方案使得漏洞研究效率和效果得到较大提高，验证了 技术的实际应用价值。 本文提出的漏洞挖掘技术及相应的工程实现设计方案对于其它 的应用程序的漏洞研究技术和漏洞的防护检测机制开拓了新的思 路，同时在实际工作中发挥了重要作用。目前，技术正进一步的研 究中，并将对未来的综合应用起更大的推动作用。 关键词：复合文档，漏洞挖掘，漏洞分析，Fuzz 测试 6 RESEARCHES ON TECHNIQUES OF EXPLOITING AND APPLYING MS OFFICE VULNERABILITIES ABSTRACT As Microsoft Office documents are widely used in desktop systems, the security of these applications is widely concerned and considered by security keepers and also attackers home and abroad. Attacks range from primitive micro viruses to present vulnerability exploiting against document form analysis. Foreign security corporations, organizations and independent attackers lay their emphases of vulnerability researches on Microsoft Office applications. Recently Office vulnerabilities are often exposed for they are exploited and used too frequently. So Microsoft Corporation now makes a faster reaction in announcing Office security announcement and publishing patches against the increasing vulnerabilities. OLE2-based compound document structure is used in excel ， word ，powerpoint of MS Office applications. Multiple data forms are allowed in this structure. As a result the security of Office documents is mainly threatened in the following three aspects: micro-based attacks, leak of private and hidden information, and applications’ vulnerability-based attacks. This thesis is focused on the techniques of exploiting and using MS Office applications vulnerabilities. Vulnerability researches consist of vul