Automated Exploit Generation for Stack Buffer Overflow Vulnerabilities.
An automated method for exploit generation is presented. This method allows one to construct exploits for stack buffer overflow vulnerabilities and to prioritize software bugs. The method is based on the dynamic analysis and symbolic execution of programs. It could be applied to program binaries and does not require debug information. The proposed method was used to develop a tool for exploit generation. This tool was used to generate exploits for eight vulnerabilities in Linux and Windows programs, of which three were not fixed at the time this paper was written.Full text of the paper in pdf
Programming and Computer Software, 2015, Vol. 41, No. 6, pp. 373–380.