CN109714355A - A kind of leak analysis for VxWorks system utilizes method - Google Patents
A kind of leak analysis for VxWorks system utilizes method Download PDFInfo
- Publication number
- CN109714355A CN109714355A CN201910013860.1A CN201910013860A CN109714355A CN 109714355 A CN109714355 A CN 109714355A CN 201910013860 A CN201910013860 A CN 201910013860A CN 109714355 A CN109714355 A CN 109714355A
- Authority
- CN
- China
- Prior art keywords
- vxworks
- loophole
- analysis
- leak analysis
- selection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Debugging And Monitoring (AREA)
Abstract
The present invention is suitable for field of information security technology, provides a kind of leak analysis for VxWorks system using method, this method comprises: building VxWorks leak analysis environment;Analysis and verifying VxWorks loophole;According to analysis VxWorks loophole as a result, being utilized to loophole;Protection is generated to suggest.The present invention by build leak analysis environment, analysis and verifying loophole, loophole is utilized, generate protection suggest and etc., realize effective analysis to VxWorks System Security Vulnerability, and it proposes to suggest the reasonable of loophole using method and protection, to improve user to the prevention ability of VxWorks system vulnerability, reduces loophole and adversely affected to system bring.In addition, step of the present invention is simple, program is simple, can easily use.
Description
Technical field
The invention belongs to field of information security technology more particularly to a kind of leak analysis utilizations for VxWorks system
Method.
Background technique
As " made in China 2025 " and " internet+" is promoted in the depth of penetration of every field and extensively, we expect
Occur based on intelligent, networking Development of New Economy form.And the realization of this target, it is real to be unable to do without industrial control system
Existing automated job.Industrial control system is the important component of national basis facility, security relationship to national economy
Development and the people property and life security.In recent years, industrial control system loophole and security incident continuously emerge, and give
The country and people's economic asset causes safely serious threat.
VxWorks operating system is that one kind that Wind River company, the U.S. designs and develops in nineteen eighty-three is embedded in real time
Operating system (RTOS) is the important component of industrial control system, good sustainable development capacity, high performance kernel and friend
Good User Exploitation environment, occupies one seat in embedded real-time operating system field.It is with its good reliability and Zhuo
Real-time more is widely used in the high-quality precision and sophisticated technologies such as communication, military affairs, Aeronautics and Astronautics and the high field of requirement of real-time
In, such as satellite communication, military exercises, trajectory guidance, aircraft navigation.F-16, FA-18 fighter plane, B-2 in the U.S. is stealthy
On bomber and Patriot Missile, in addition connect the Mars probes logged in martian surface in April, 1997, in May, 2008 logs in
Phoenix number and log in curious number of in August, 2012 also all used on VxWorks.
The safety of VxWorks system itself is even more important, because operating system provides branch for all application programs
Hold, once and operating system there are loophole, attacker can be controlled entire by the implantation means such as back door or rogue program
System.
Want attack of the defence for VxWorks system, just has to go deep into the existing security breaches of VxWorks
Analysis and utilization.
Summary of the invention
In view of this, the present invention provides a kind of leak analysis for VxWorks system to utilize method, by right
The existing security breaches of VxWorks are analysed in depth, final to propose to suggest the reasonable of loophole using method and protection, thus
User is effectively improved to the prevention ability of VxWorks system vulnerability, loophole is reduced and is adversely affected to system bring.
The technical solution of the present invention is as follows: a kind of leak analysis for VxWorks system utilizes method, including following step
It is rapid:
Build VxWorks leak analysis environment;
Analysis and verifying VxWorks loophole;
According to analysis VxWorks loophole as a result, being utilized to loophole;
Protection is generated to suggest;
It is further, described to build VxWorks leak analysis environment, comprising the following steps:
3.0 software of Wind River Workbench is installed;
Update driving file;
Create project file;
Configuration server;
Load VxWorks system;
Debug VxWorks leak analysis environment configurations;
Further, the analysis and verifying VxWorks loophole, comprising the following steps:
Select loophole;
The loophole of selection is verified in VxWorks leak analysis environment;
The loophole of selection is analyzed.
Further, the update driving file is to update VxWorks mainboard associated drives file;
The creation project file includes: installation mds837x bsp, creation bootrom and creation VxWorks project file;
The configuration server is configuration FTP and tftp server.
Further, in the selection loophole, the loophole selected is the leakage of CVE-2010-2967 VxWorks Encryption Algorithm
Hole;
It is described in VxWorks leak analysis environment to the loophole of selection carry out verifying include: to be added in VxWorks mirror image
FTP module or TELNET module are verified;
Described pair selection loophole analyzed the following steps are included:
LoginDefaultEncrypt function code is obtained by the image file of dis-assembling VxWorks;
Obtain the encryption flow of CVE-2010-2967 VxWorks Encryption Algorithm loophole;
Analyze the influence of the loophole.
It is described that loophole is utilized, comprising:
Password dictionary is generated using CVE-2010-2967 VxWorks Encryption Algorithm loophole.
Alternatively, the loophole selected is the execution of CVE-2010-2965 VxWorks wdb remote code in the selection loophole
Loophole;
It is described in VxWorks leak analysis environment to the loophole of selection carry out verifying include: to be added in VxWorks mirror image
WDB correlation module;
The loophole of described pair of selection is analyzed, the method for carrying out Commissioning Analysis to Vxwroks system using WDB agreement, including
Following steps:
Analyze WDBRPC request data package format;
Analyze WDBRPC response data packet format;
Analyze WDB RPC conversation procedure;
Analyze Request Connect data packet format;
Analyze WDB Get Target Info data packet format;
Analyze WDB Write Memory data packet format.
It is described that loophole is utilized, comprising: to scan the basic information of target device, realize Connect process, read and appoint
Meaning memory, any memory of write-in execute instruction and make VxWorks system reboot.
Alternatively, the loophole selected is CVE-2015-7599 VxWorks shaping overflow leak in the selection loophole;
It is described in VxWorks leak analysis environment to the loophole of selection carry out verifying include: to be added in VxWorks mirror image
RPC module;
The loophole of described pair of selection is analyzed, comprising the following steps:
Rpcbind is serviced and carries out fuzzing test;
Debug debugging;
The value of PC register when reading Portmapd collapse by wdb rpc agreement, using capstone frame to the scene of bursting of running quickly
Code carries out dis-assembling, and lower Hardware Breakpoint, sends data packet in workbench, and break lower problem code;
Jump instruction is compared in execution;
Obtain analysis result.
It is described that loophole is utilized, comprising the following steps:
The shellcode of construction addition back door account;
It is laid out shellcode in memory using Heap Spray;
Calculate the value of credential flavor.
Further, the generation protection suggestion is obtained after the particular vulnerability to VxWorks system is analyzed,
Including being forbidden to use some algorithm or off disabled partial function or using third party device/measure.
Further, the VxWorks system uses WDB RPC V2 agreement.
Existing beneficial effect is the present invention compared with prior art:
The present invention by build leak analysis environment, analysis and verifying loophole, loophole is utilized, generate protection suggest etc. step
Suddenly, effective analysis to VxWorks System Security Vulnerability is realized, and proposes to build the reasonable of loophole using method and protection
View reduces loophole and adversely affects to system bring to improve user to the prevention ability of VxWorks system vulnerability.This
Outside, step of the present invention is simple, and program is simple, can easily use.
Detailed description of the invention
It to describe the technical solutions in the embodiments of the present invention more clearly, below will be to embodiment or description of the prior art
Needed in attached drawing be briefly described, it should be apparent that, the accompanying drawings in the following description is only of the invention some
Embodiment for those of ordinary skill in the art without any creative labor, can also be according to these
Attached drawing obtains other attached drawings.
Fig. 1 is the main-process stream schematic diagram of the embodiment of the present invention 1 ~ 3;
Fig. 2 is in the embodiment of the present invention 1 ~ 3, and S10-builds the refinement flow diagram of VxWorks leak analysis environment;
Fig. 3 is S20-analysis and the refinement flow diagram for verifying VxWorks loophole in the embodiment of the present invention 1 ~ 3;
Fig. 4 is the refinement flow diagram that S23-analyzes the loophole of selection in the embodiment of the present invention 1;
Fig. 5 is the refinement flow diagram that S23-analyzes the loophole of selection in the embodiment of the present invention 2;
Fig. 6 is the refinement flow diagram that S23-analyzes the loophole of selection in the embodiment of the present invention 3;
Fig. 7 is the refinement flow diagram that S30-analyzes the loophole of selection in the embodiment of the present invention 3.
Specific embodiment
In being described below, for illustration and not for limitation, the tool of such as particular system structure, technology etc is proposed
Body details, to understand thoroughly the embodiment of the present invention.However, it will be clear to one skilled in the art that there is no these specific
The present invention also may be implemented in the other embodiments of details.
In order to illustrate technical solutions according to the invention, the following is a description of specific embodiments.
Embodiment 1
As shown in Fig. 1 ~ 3, a kind of leak analysis for VxWorks system utilizes method, comprising the following steps:
S10, VxWorks leak analysis environment is built;
S20, analysis and verifying VxWorks loophole;
S30, according to analysis VxWorks loophole as a result, being utilized to loophole;
S40, protection suggestion is generated.
Specifically, the S10-builds VxWorks leak analysis environment, comprising the following steps:
S11, installation 3.0 software of Wind River Workbench;
S12, driving file is updated;
S13, creation project file;
S14, configuration server;
S15, load VxWorks system;
S16, debugging VxWorks leak analysis environment configurations.
Specifically, the S20-analysis and verifying VxWorks loophole, comprising the following steps:
S21, selection loophole;
S22, the loophole of selection is verified in VxWorks leak analysis environment;
S23, the loophole of selection is analyzed.
Specifically, the S12-update drives file are as follows: updates VxWorks mainboard associated drives file.
Specifically, the S13-creation project file includes: installation mds837x bsp, creation bootrom and creation
VxWorks project file.
Specifically, the S14-configuration server are as follows: configuration ftp server and tftp server.
Specifically, the VxWorks system uses WDB RPC V2 agreement.
As shown in figure 4, the loophole selected is CVE-2010-2967 VxWorks Encryption Algorithm loophole;The loophole brief introduction:
LoginDefaultEncrypt () function of loginLib is there are password collision problem in VxWorks system, i.e., and two or more
A password corresponds to the same hash value, and attacker can go the sessions such as Brute Force telnet, ftp by building password dictionary,
Whole system is perhaps controlled in system sensitive to obtain.
The S22-verifies the loophole of selection in VxWorks leak analysis environment specifically: in VxWorks
It is verified in mirror image plus FTP module or TELNET module;Since the FTP and Telnet of VxWorks are used
LoginDefaultEncrypt is as Encryption Algorithm, in order to verify this loophole, needs in VxWorks mirror image plus FTP module
Or TELNET module.
The S23-loophole of selection is analyzed the following steps are included:
S231, loginDefaultEncrypt function code is obtained by the image file of dis-assembling VxWorks;Due to problem
Out in loginDefaultEncrypt function, therefore firstly the need of the code for getting the function.
The code of loginDefaultEncrypt () function can be obtained by the image file (image) of dis-assembling VxWorks.
S232, the encryption flow for obtaining CVE-2010-2967 VxWorks Encryption Algorithm loophole;The generation obtained by S321
Code it is found that the encryption flow of algorithm in two steps:
Step 1 is to take their sum, be finally multiplied by 31695317 and be converted into every of the password exclusive or again that is multiplied with current location
Character string;
Step 2 is converted into QRS for the 012 of character string, and 23456 are converted into bcde, and 78 are converted into yz, and 9 is constant.
S233, the influence for analyzing the loophole.It is very big to one to can be seen that function from the algorithm for encryption process of S232
Input entrance, the but only output outlet of very little, be easy to make so different passwords obtain one it is identical and, thus most
After obtain an identical hash value, if the obtained hash value of password and FoBmA^NuN is all RcQbRbzRyc.Assuming that I
Traverse all hash now, password corresponding to hash is generated to a dictionary, then we, only it is to be understood that user name, lead to
The password crossed in traversal dictionary can success telnet login.
The S30-of the present embodiment utilizes loophole are as follows: utilizes CVE-2010-2967 VxWorks Encryption Algorithm loophole
Generate password dictionary.The utilization of this loophole essentially consists in generation password dictionary, and generation thinking is very simple, constructs a character
Collection generates password of the length at 8 to 40 at random every time, while generating the hash value of password, if current hash value with
The hash value of all generations in front does not repeat, then the password being currently generated and hash value are recorded in dictionary.
The harm of the loophole: since the presence of the loophole is far smaller than the account of VxWorks and password encryption intensity
It is expected that attacker is enabled to crack the accounts of VxWorks at a very rapid rate in the case where grasping VxWorks dictionary.
The S40 of the present embodiment-generation protection is suggested: avoiding the default encryption algorithm using VxWorks, and using for example
The technological means that the conventional anti-violences such as account locking, IP locking crack.
Embodiment 2
Embodiment 2 and embodiment 1 are unanimous on the whole, are all made of process shown in Fig. 1 ~ 3, and difference is that S20, S30 and S40's is specific
In implementation.
As shown in Fig. 1 ~ 3 and Fig. 5, the loophole selected executes leakage for CVE-2010-2965 VxWorks wdb remote code
Hole;The loophole brief introduction: there are loopholes in the wdb service in Wind River VxWorks, and the service is supervised in VxWorks system
It listens in the port udp/17185, attacker sends the data packet for passing through special tectonic to the port, so that arbitrary code be caused to hold
Row.
The S22-verifies the loophole of selection in VxWorks leak analysis environment specifically: in VxWorks
WDB correlation module is added in mirror image;
The S23-analyzes the loophole of selection, the method for carrying out Commissioning Analysis to Vxwroks system using WDB agreement,
(WDB agreement full name is Wind River Debug agreement, this agreement is mainly used for carrying out Vxwroks system
Debug debugging) the following steps are included:
S231, analysis WDBRPC request data package format;
S232, analysis WDBRPC response data packet format;
S233, analysis WDB RPC conversation procedure;
S234, analysis Request Connect data packet format;
S235, analysis WDB Get Target Info data packet format;
S236, analysis WDB Write Memory data packet format.
The S30-utilizes loophole, comprising: scan target device basic information, realize Connect process,
Any memory, any memory of write-in are read, executes instruction and makes VxWorks system reboot.
Loophole harm: due to the presence of the loophole make VxWorks for the undefended state of milli, attacker can be straight
Receiving asks and controls the VxWorks equipment for arbitrarily opening WDBRPC debugging function.
The S40-generation protection is suggested: the off disabled WDBRPC debugging function after equipment completes the debugging stage, or
It is accessed control using third party device or measure to port used in WDBRPC.
Embodiment 3
Embodiment 3 and embodiment 1 are unanimous on the whole, are all made of process shown in Fig. 1 ~ 3, and difference is that S20, S30 and S40's is specific
In implementation.
As shown in Fig. 1 ~ 3 and Fig. 5 ~ 6, the loophole selected is 2.3.3 CVE-2015-7599 VxWorks shaping over flow drain(OFD)
Hole;The loophole brief introduction: for the rpcbind service in VxWorks system there are loophole, rpcbind service is one of SUN-RPC
Point, the service is monitored in the port tcp/111 and udp/111 in VxWorks system, and attacker sends to the port by special
The data packet of construction can lead to integer overflow, so that arbitrary code be caused to execute.
The S22-verifies the loophole of selection in VxWorks leak analysis environment specifically: in VxWorks
RPC module is added in mirror image;Loophole is triggered due to needing exist for the rpc agreement of VxWorks, in order to verify this loophole, is needed
RPC module is added in VxWorks mirror image.
The S23-analyzes the loophole of selection, comprising the following steps:
S231, progress fuzzing test is serviced rpcbind;Fuzzing is carried out by servicing rpcbind, discovery is specific
It is routed that data packet can make tPortMapd service run quickly;
S232, Debug debugging;By Debug debugging it can be seen that the error information of Vxworks;
S233, the value that PC register when Portmapd collapses is read by wdb rpc agreement, are burst using capstone frame to running quickly
Live code carries out dis-assembling, and lower Hardware Breakpoint, sends data packet in workbench, and break lower problem code;
Jump instruction is compared in S234, execution;
S235, analysis result is obtained.
The S30-utilizes loophole, comprising the following steps:
The shellcode of S31, construction addition back door account;The thinking of addition back door account is to utilize loginUserAdd () letter
Number adds user, can directly use loginUserAdd (" name ", " hash " under console) Lai Tianjia user;
S32, it is laid out shellcode in memory using Heap Spray;Heap Spray is a kind of vulnerability exploit technology, be
Instructed before shellcode plus a large amount of slide code(slide plate), form an injecting codes section.Then to system Shen
Please a large amount of memories, and filled repeatedly with injecting codes section.The address space for allowing for process so is largely injected generation
Occupied by code.Program flow is controlled then in conjunction with other loophole attack technologies, calling program is gone on heap, finally will lead to
The execution of shellcode.
S33, the value for calculating credential flavor.Heap Spray is being used to be laid out shellcode in memory
Afterwards, it would be desirable to recognize the position of these shellcode in memory.The memory dump function using WDBRPC is needed at this time
To obtain system.
The readmemory function that wdbrpc can be used in Dump memory writes script realization.Due to being saved as in development board
512M, and the efficiency that reads of memory is lower therefore carries out complete dump and at least needs 1 time more than hour.
The layout of shellcode in memory is checked using 16 system tools, it can be seen that shellcode is mainly distributed on
Between 0x02540000 to 0x02640000.Search, which meets 0x0254xxxx or 0x0255xxxx, in memory is worth address.It is right
It searches out the value come to be screened, it is necessary to meet following condition:
1) data of static storage area, that is to say, that be the data that just can determine that the compilation phase;
2) address is 4 multiple, because svcauthsw (0x001E45ec)+r11 * 4 is 4 according to the explanation of leak analysis
Multiple;
3) value of the address is the address that greatly may be very the instruction of mr 13,13;
From the data searched, we can find the address for meeting above-mentioned condition, such as:
0x001dab58,0x001dab58 are 4 multiples, and the memory at 0x001dab58 is as shown below, are directed toward
0x025492d0 is exactly the position that mr 13,13 is instructed.
So problem translates into the credential flavor value for calculating the condition that meets now.Python can be used
Code is calculated.The value of credential flavor is 0xffff54d6 after calculating.
Loophole harm: utilization the condition such as foregoing description of the loophole is more harsh, execution arbitrary code and shellcode
Words, need to get the firmware and internal storage data of target device.Therefore the loophole be utilized it is larger may be to lead to equipment RPC
Service paralysis or equipment paralysis.
The S40-generation protection is suggested: needing to answer the off disabled RPC service as non-traffic, referring to Feng He company
Bulletin upgrading Vxworks system accesses control to port used in RPC using third party device or measure.
Embodiment described above is merely illustrative of the technical solution of the present invention, rather than its limitations;Although referring to aforementioned reality
Applying example, invention is explained in detail, those skilled in the art should understand that: it still can be to aforementioned each
Technical solution documented by embodiment is modified or equivalent replacement of some of the technical features;And these are modified
Or replacement, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution should all
It is included within protection scope of the present invention.
Claims (10)
1. a kind of leak analysis for VxWorks system utilizes method, which comprises the following steps:
Build VxWorks leak analysis environment;
Analysis and verifying VxWorks loophole;
According to analysis VxWorks loophole as a result, being utilized to loophole;
Protection is generated to suggest;
It is described to build VxWorks leak analysis environment, comprising the following steps:
3.0 software of Wind River Workbench is installed;
Update driving file;
Create project file;
Configuration server;
Load VxWorks system;
Debug VxWorks leak analysis environment configurations;
The analysis and verifying VxWorks loophole, comprising the following steps:
Select loophole;
The loophole of selection is verified in VxWorks leak analysis environment;
The loophole of selection is analyzed.
2. utilizing method for the leak analysis of VxWorks system as described in claim 1, it is characterised in that:
The update driving file is to update VxWorks mainboard associated drives file;
The creation project file includes: installation mds837x bsp, creation bootrom and creation VxWorks project file;
The configuration server is configuration FTP and tftp server.
3. utilizing method for the leak analysis of VxWorks system as described in claim 1, it is characterised in that:
In the selection loophole, the loophole selected is CVE-2010-2967 VxWorks Encryption Algorithm loophole;
It is described in VxWorks leak analysis environment to the loophole of selection carry out verifying include: to be added in VxWorks mirror image
FTP module or TELNET module are verified;
Described pair selection loophole analyzed the following steps are included:
LoginDefaultEncrypt function code is obtained by the image file of dis-assembling VxWorks;
Obtain the encryption flow of CVE-2010-2967 VxWorks Encryption Algorithm loophole;
Analyze the influence of the loophole.
4. utilizing method for the leak analysis of VxWorks system as claimed in claim 3, it is characterised in that:
It is described that loophole is utilized, comprising:
Password dictionary is generated using CVE-2010-2967 VxWorks Encryption Algorithm loophole.
5. utilizing method for the leak analysis of VxWorks system as described in claim 1, it is characterised in that:
In the selection loophole, the loophole selected is CVE-2010-2965 VxWorks wdb Remote Code Execution Vulnerability;
It is described in VxWorks leak analysis environment to the loophole of selection carry out verifying include: to be added in VxWorks mirror image
WDB correlation module;
The loophole of described pair of selection is analyzed, the method for carrying out Commissioning Analysis to Vxwroks system using WDB agreement, including
Following steps:
Analyze WDBRPC request data package format;
Analyze WDBRPC response data packet format;
Analyze WDB RPC conversation procedure;
Analyze Request Connect data packet format;
Analyze WDB Get Target Info data packet format;
Analyze WDB Write Memory data packet format.
6. utilizing method for the leak analysis of VxWorks system as claimed in claim 5, it is characterised in that:
It is described that loophole is utilized, comprising: to scan the basic information of target device, realize Connect process, read in any
It deposits, any memory is written, executing instruction and make VxWorks system reboot.
7. utilizing method for the leak analysis of VxWorks system as described in claim 1, it is characterised in that:
In the selection loophole, the loophole selected is CVE-2015-7599 VxWorks shaping overflow leak;
It is described in VxWorks leak analysis environment to the loophole of selection carry out verifying include: to be added in VxWorks mirror image
RPC module;
The loophole of described pair of selection is analyzed, comprising the following steps:
Rpcbind is serviced and carries out fuzzing test;
Debug debugging;
The value of PC register when reading Portmapd collapse by wdb rpc agreement, using capstone frame to the scene of bursting of running quickly
Code carries out dis-assembling, and lower Hardware Breakpoint, sends data packet in workbench, and break lower problem code;
Jump instruction is compared in execution;
Obtain analysis result.
8. utilizing method for the leak analysis of VxWorks system as claimed in claim 7, it is characterised in that:
It is described that loophole is utilized, comprising the following steps:
The shellcode of construction addition back door account;
It is laid out shellcode in memory using Heap Spray;
Calculate the value of credential flavor.
9. as the described in any item leak analysis for VxWorks system of claim 1 ~ 8 utilize method, it is characterised in that:
The generation protection suggestion is to obtain after the particular vulnerability to VxWorks system is analyzed, including be forbidden to use
Some algorithm or off disabled partial function use third party device/measure.
10. as the described in any item leak analysis for VxWorks system of claim 1 ~ 8 utilize method, it is characterised in that:
The VxWorks system uses WDB RPC V2 agreement.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910013860.1A CN109714355A (en) | 2019-01-08 | 2019-01-08 | A kind of leak analysis for VxWorks system utilizes method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910013860.1A CN109714355A (en) | 2019-01-08 | 2019-01-08 | A kind of leak analysis for VxWorks system utilizes method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109714355A true CN109714355A (en) | 2019-05-03 |
Family
ID=66260862
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910013860.1A Pending CN109714355A (en) | 2019-01-08 | 2019-01-08 | A kind of leak analysis for VxWorks system utilizes method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109714355A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110688313A (en) * | 2019-09-26 | 2020-01-14 | 天津津航计算技术研究所 | Fault injection method for software test under VxWorks operating system |
| CN113434150A (en) * | 2021-08-30 | 2021-09-24 | 麒麟软件有限公司 | Linux kernel crash information positioning method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102541729A (en) * | 2010-12-31 | 2012-07-04 | 航空工业信息中心 | Detection device and method for security vulnerability of software |
| CN105046155A (en) * | 2015-06-24 | 2015-11-11 | 北京系统工程研究所 | Risk assessment method and apparatus for software system vulnerability |
-
2019
- 2019-01-08 CN CN201910013860.1A patent/CN109714355A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102541729A (en) * | 2010-12-31 | 2012-07-04 | 航空工业信息中心 | Detection device and method for security vulnerability of software |
| CN105046155A (en) * | 2015-06-24 | 2015-11-11 | 北京系统工程研究所 | Risk assessment method and apparatus for software system vulnerability |
Non-Patent Citations (1)
| Title |
|---|
| 威努特工控安全: "VxWorks系统典型漏洞分析与影响范围统计", 《看点快报》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110688313A (en) * | 2019-09-26 | 2020-01-14 | 天津津航计算技术研究所 | Fault injection method for software test under VxWorks operating system |
| CN113434150A (en) * | 2021-08-30 | 2021-09-24 | 麒麟软件有限公司 | Linux kernel crash information positioning method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11258818B2 (en) | Method and system for generating stateful attacks | |
| US10318728B2 (en) | Determining permissible activity based on permissible activity rules | |
| Holm et al. | Sved: Scanning, vulnerabilities, exploits and detection | |
| CN110519280B (en) | Crawler identification method and device, computer equipment and storage medium | |
| Yamin et al. | Modeling and executing cyber security exercise scenarios in cyber ranges | |
| US11444970B2 (en) | Dynamic security test system | |
| Rivera et al. | ROSploit: Cybersecurity tool for ROS | |
| CN109714355A (en) | A kind of leak analysis for VxWorks system utilizes method | |
| Yang et al. | Vetting Single {Sign-On}{SDK} Implementations via Symbolic Reasoning | |
| Bowen et al. | Enabling reproducible cyber research-four labeled datasets | |
| Cioroaica et al. | Predictive simulation for building trust within service-based ecosystems | |
| Xu et al. | AutoAttacker: A Large Language Model Guided System to Implement Automatic Cyber-attacks | |
| Kim | The impact of platform vulnerabilities in AI systems | |
| Caseirito et al. | Improving Web Application Vulnerability Detection Leveraging Ensemble Fuzzing. | |
| Romdhana et al. | Assessing the security of inter-app communications in android through reinforcement learning | |
| Furfaro et al. | Gathering Malware Data through High-Interaction Honeypots. | |
| CN114640484A (en) | Network security countermeasure method and device and electronic equipment | |
| Yang et al. | A model-based fuzz framework to the security testing of TCG software stack implementations | |
| Wang et al. | Zero-Config Fuzzing for Microservices | |
| US10007792B1 (en) | Modeling a network security environment as a game | |
| KR102617219B1 (en) | Apparatus and method of penetration test utilizing malware | |
| Novokhrestov et al. | Creating a vulnerable node based on the vulnerability MS17-010 | |
| Rezaie | Mobile security education with android labs | |
| KR101793829B1 (en) | Distributed users behavior simulation system through a forced injection script to the browser | |
| Yamin et al. | Applications of LLMs for Generating Cyber Security Exercise Scenarios |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190503 |