| As Microsoft Office documents are widely used in desktop systems, the security of these applications is widely concerned and considered by security keepers and also attackers home and abroad. Attacks range from primitive micro viruses to present vulnerability exploiting against document form analysis. Foreign security corporations, organizations and independent attackers lay their emphases of vulnerability researches on Microsoft Office applications. Recently Office vulnerabilities are often exposed for they are exploited and used too frequently. So Microsoft Corporation now makes a faster reaction in announcing Office security announcement and publishing patches against the increasing vulnerabilities.OLE2-based compound document structure is used in excel,word,powerpoint of MS Office applications. Multiple data forms are allowed in this structure. As a result the security of Office documents is mainly threatened in the following three aspects: micro-based attacks, leak of private and hidden information, and applications'vulnerability-based attacks. This thesis is focused on the techniques of exploiting and using MS Office applications vulnerabilities.Vulnerability researches consist of vulnerability exploiting and vulnerability analysis. Vulnerability exploiting is to find potential unknown vulnerabilities of software by various techniques and tools. Vulnerability analysis is to analyze further the known vulnerability to figure out their causes with the aim to offer technical support for exploiting or saving them. This thesis is arranged to explain the basis principles of traditional vulnerability technique researches and their limitations. A new technique of exploiting vulnerability, based on document analysis, and its design resolutions for engineering accomplishment is discussed for a certain Office application. It is a combination of Fuzz test and binary code analysis is introduced and can substantially improve the real applying value of vulnerability exploiting technique.Our solutions for vulnerability exploiting is first to test file-creating module's analysis for the form of document inputted in the template document, find sensitive data in the document, modify document data according to designed modifying mode and create test document. And then dynamically supervise the debugging interfaces used by the module and start Office process. On one hand, supervise and record running of the code in question in the running process of the program, and on the other hand record and handle the exceptional information of the program. Finally, manually test and analyze the created exceptional document to find out the cause of the vulnerability with the aim to find the vulnerability can be used to run codes. By practice test in excel and powerpoint, We have got a large number of vulnerability test documents that can cause process service denied and further analyses of them help me to find serious vulnerability that can be used to run codes from a remote end. My technical solutions have greatly improved the efficiency and effects of vulnerability exploiting and have demonstrated its practical value.The technique of vulnerability and related engineering accomplishing solutions introduced in this thesis offers a new method for technique of vulnerability researches and vulnerability's protecting examination of other applications. It has worked efficiently in my work practice. Currently the technique is being researched and it can promote the comprehensive application in the future. |
PDF Full Text Request