
JDD: In-depth Mining of Java Deserialization Gadget Chain via Bottom-up Gadget Search and Dataflow aided Payload Construction (PDF)

Uploaded by: 竿*** · Document ID 981816 · 2025-11-29 · 63 pages · 5.03 MB

#BHAS BlackHatEvents

JDD: In-depth Mining of Java Deserialization Gadget Chain via Bottom-up Gadget Search and Dataflow aided Payload Construction
Speakers: Bofei Chen, Yinzhi Cao
Other Contributors: Lei Zhang, Xinyou Huang, Yuan Zhang, Min Yang

Who Are We
Bofei Chen (Speaker): PhD student at Fudan University Secsys Lab. Focus on program analysis, vulnerability detection and exploitation.
Yinzhi Cao (Speaker): Associate Professor at Johns Hopkins University; Technical Director at the JHU Information Security Institute. Focus on security and privacy of the Web, smartphones, and machine learning using program analysis techniques.
Lei Zhang: Assistant Professor at Fudan University Secsys Lab. Focus on vulnerability detection, exploitation, and automatic fixes, etc.
Xinyou Huang: Master student at Fudan University Secsys Lab. Focus on dynamic and static program analysis, vulnerability exploitation.
Yuan Zhang: Professor at Fudan University Secsys Lab (co-director). Focus on vulnerability research (e.g., Web, agents, kernel and firmware).
Min Yang: Professor at Fudan University Secsys Lab (leader). Focus on vulnerability discovery, mitigation, and privacy protection, etc.

Agenda
1. Introduction
2. Technique Challenges
3. JDD: Approach and Implementation
4. Evaluation and New Findings
5. Conclusion & Takeaways

Introduction
1. What is a Java deserialization vulnerability?
2. Why is a Java deserialization vulnerability worth researching?
3. How to detect and exploit a Java deserialization vulnerability?
4. Mitigation and discussion.

Java Serialization and Deserialization
Serialization and deserialization are inverse processes of each other. An object's fields are preserved along with their assigned values.
[Figure: a Java Object with its fields (field a, ...) is serialized to a Stream of Bytes and deserialized back into a Java Object; the preview is cut off here.]
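As an added example (not material from the talk or from the JDD tool), the Java program below shows the property the slide describes and why it is security-relevant: the byte stream carries the class name and the field values, and on the receiving side ObjectInputStream rebuilds the object and executes the class's own readObject before the caller ever sees the result. That automatically executed code is what a gadget chain strings together. The Greeting class, the filter patterns and the use of ObjectInputFilter (part of java.io since Java 9) are my assumptions for illustration, not from the page.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;

public class SerDemo {

    // Hypothetical Serializable class: its fields are written out with their values
    // and restored on the other side (the "inverse process" of the slide).
    static class Greeting implements Serializable {
        private static final long serialVersionUID = 1L;
        String name;

        Greeting(String name) { this.name = name; }

        // Called by ObjectInputStream while the object is being reconstructed,
        // i.e. before readObject() returns to the receiver. Whatever code is reachable
        // from here (or from hashCode/equals/toString of nested field objects) runs on
        // attacker-supplied data; gadget chains are exactly such reachable paths.
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            System.out.println("readObject ran during deserialization for name=" + name);
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    // filter == null reproduces the unsafe default: any Serializable class named in the
    // stream is instantiated and its readObject executed.
    static Object deserialize(byte[] bytes, ObjectInputFilter filter)
            throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            if (filter != null) {
                ois.setObjectInputFilter(filter);
            }
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] payload = serialize(new Greeting("alice"));

        // 1. No filter: readObject of Greeting runs, as it would for any gadget class.
        Greeting g1 = (Greeting) deserialize(payload, null);
        System.out.println("restored field name=" + g1.name);

        // 2. Allow-list filter (JEP 290): only Greeting and java.base classes are
        //    accepted; everything else ("!*") is rejected before instantiation.
        ObjectInputFilter allow =
                ObjectInputFilter.Config.createFilter("SerDemo$Greeting;java.base/*;!*");
        Greeting g2 = (Greeting) deserialize(payload, allow);
        System.out.println("allow-listed restore ok, name=" + g2.name);

        // 3. Filter that rejects Greeting: the stream is refused with
        //    InvalidClassException and readObject never executes.
        ObjectInputFilter deny =
                ObjectInputFilter.Config.createFilter("!SerDemo$Greeting;!*");
        try {
            deserialize(payload, deny);
        } catch (InvalidClassException e) {
            System.out.println("rejected before readObject: " + e.getMessage());
        }
    }
}
```

Run with `javac SerDemo.java && java SerDemo` on a JDK 9 or newer. The first two cases print the readObject message, the third does not, which is the point of a deserialization filter: class resolution is checked against the allow-list before the object is created, so a gadget class that is not on the list never gets to run. Note that a filter only helps if the allow-list is tight; a filter that admits the library classes a gadget chain is built from admits the chain.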

Based on the content of "In-depth Mining of Java Deserialization Gadget Chain via Bottom-up Gadget Search and Dataflow aided Payload Construction", the key points of the full text are summarized as follows: 1. **Java deserialization vulnerabilities**: The paper examines Java deserialization vulnerabilities, which can lead to serious security risks such as remote code execution. 2. **Research value**: Because the deserialization mechanism is widely used in Java, studying this class of vulnerability is essential to improving system security. 3. **Detection and exploitation**: The paper describes detecting and exploiting Java deserialization vulnerabilities by means of gadget chains and injection objects. 4. **Technical challenges**: Detecting gadget chains and generating injection objects face challenges such as static path explosion and complex relationships between object fields. 5. **The JDD approach**: JDD uses fragment-based summarization with a bottom-up gadget chain search, together with dataflow-aided injection object construction. 6. **Evaluation results**: JDD detected 91 previously unknown gadget chains and reduced the static false positive rate from 91.5% to 0%. 7. **New findings**: JDD found 127 zero-day vulnerabilities and extended the range of attackable protocols, including Hessian and Apache Fury.