Shellcode 和格式字符串漏洞?
在我的工作中,我们有很多机器运行 RH 9、RH Enterprise 3 和一些较旧的 Linux 版本。当我读到“格式字符串漏洞”和“shellcode”时,我想知道如何查看 Linux 是否容易受到此类攻击(无需运行攻击本身)...
感谢帮助!
Here at my job, we have a lot of machines running RH 9, RH Enterprise 3 and some older Linux tastes. As I read about the "format string vulnerability" and "shellcode", I would like to know how to see if that Linux are vulnerable to these kinds of attack (without running the attacks itself)...
Thanks for help!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
获取计算机上已安装的应用程序及其各自版本的列表。然后转到安全数据库网站,看看是否可以在其列表中找到任何已安装的应用程序。
Get a list of the installed applications on the computer and their respective versions. Then go to a security database website and see if you can find any of the installed applications on their list.
首先,shellcode 并不容易受到攻击。 Shellcode 是一小段可执行代码,是由内存损坏漏洞(如悬空指针或缓冲区溢出)传递的有效负载。现代 Linux 系统很难被利用。
您需要做的是运行
yum升级然后您应该就可以了。只需让您的系统保持最新即可,这就是您所需要担心的。如果您想查看系统是否可远程利用,则应针对该系统运行 OpenVAS。如果您想利用系统并运行您选择的 shellcode,那么您可以使用 Metasploit 框架。First of all a shellcode is not a vulnerably. Shellcode is a small bit of executable code that is a payload delivered by a memory corruption vulnerability like a dangling pointer or buffer overflow. Modern Linux systems are very difficult to exploit.
What you need to do is run a
yum upgradeand then you should be good. Just keep your system up to date and thats all you have to worry about. If you want to see if a system is remotely exploitable then should run OpenVAS against that system. If you want to exploit a system, and run shellcode of your choice then you can use the Metasploit framework.