Network Penetration Technique Based On Buffer Overflow Vulnerability

With rapid development of information and network technology, as well as their continous penetration into military realm, computer network is becoming the hinge in information battle field in the future. Computer network based attack and defense has drawn greate attention. Some attacks on computers can obtain valuable intelligence which other weapon systems can never archieve.Although network attacks have been widely used so far, there are few papers covering detail attacking techniques. This paper is led by the key steps of network penetration: remote breakthrough; stealthy control; firewall breakthrough; information sniffering; penetration into other hosts on the local.It discusses key technique related to network penetration and implements practical remote control system named W0wShell. How to avoid and detect the technique related to network penetration is also discussed in the related charpters.Buffer overflow vulnerability is still the main technique widely used in remote penetration.This vulnerability is hard to be detected. Nowadays, open sourced project Metaspolit makes the explotion of this vulnerability more effective and automated. However, the emphasis on automation leads to ignorance on the stealthy of a Shellcode. Enlightened by the backdoor type worm, this paper simulates buffer overflow vulnerability in ISAPI filter interface on a Web server, and detaily discussed the process from digging out to exploiting the vulnerability step by step. Subsequently it demonstrates the consequence of a Web server attacked...