2009年3月14日星期六
Arbitrary code execution From wiki
In computer security, arbitrary code execution is used to describe an attacker's ability to execute any commands of the attacker's choice on a target machine or in a target process. It is commonly used in arbitrary code execution vulnerability to describe a software bug that gives an attacker a way to execute arbitrary code. A program that is designed to exploit such a vulnerability is called an arbitrary code execution exploit. Most of these vulnerabilities allow the execution of machine code and most exploits therefore inject and execute shellcode to give an attacker an easy way to manually run arbitrary commands. The ability to trigger arbitrary code execution from one machine on another is often referred to as remote code execution.
在计算机安全领域,任意代码执行用来描述攻击者在目标主机或目标进程执行任意代码。它经常在arbitrary code execution vulnerability中来描述一个提供给攻击者执行任意代码途径的软件bug,利用这样一个弱点的程序叫arbitrary code execution exploit。大多数弱点允许机器码的执行,这些exploit可以注入并执行shellcode,给攻击者一个简单的执行任意指令的途径。从一台机器向另外一台机器触发任意代码执行的能力叫远程代码执行。
It is the worst effect a bug can have because it allows an attacker to completely take over the vulnerable process. From there the attacker can potentially take complete control over the machine the process is running on. Arbitrary code execution vulnerabilities are commonly exploited by malware to run on a computer without the owner's consent.
这是一个bug能造成的最坏影响,因为它允许攻击者完全控制脆弱进程,攻击者进而可以控制脆弱进程运行的主机。Arbitrary code execution vulnerabilities已经被恶意软件广泛利用。
Arbitrary code execution is commonly achieved through control over the program counter (also known as the instruction pointer) of a running process. The instruction pointer points to the next instruction in the process that will be executed. Control over the value of the instruction pointer therefore gives control over which instruction is executed next. In order to execute arbitrary code, many exploits inject code into the process and use a vulnerability to change the instruction pointer to have it point to the injected code. The injected code will then automatically get executed.
任意代码执行通常通过控制一个正在运行进程的程序计数器(也叫指令计数器)来实现。指令计数器执行一个进程中下一条被执行的指令,控制指令计数器的值就可以控制下一条执行的指令是什么。为了执行任意代码,许多exploits向进程注入代码,使用弱点来改变指令计数器,让它指向注入的代码。被注入的代码就自动被执行。
Once the invader can execute arbitrary code directly on the OS there is often an attempt at a privilege-escalation exploit in order to run code as an administrator; however as normal users on Windows computers have many privileges most viruses, spyware etc do not need administrator privileges to still do a lot of damage or turn the computer into a bot.
一旦入侵者能直接在OS上执行任意代码,他会经常试图提升权限,以administrator的身份来运行代码。但是因为windows上的正常用户已经拥有许多特权,大多数病毒、间谍软件并不需要管理员权限,一样能对计算机造成很大破坏,让计算机变成僵尸。
在计算机安全领域,任意代码执行用来描述攻击者在目标主机或目标进程执行任意代码。它经常在arbitrary code execution vulnerability中来描述一个提供给攻击者执行任意代码途径的软件bug,利用这样一个弱点的程序叫arbitrary code execution exploit。大多数弱点允许机器码的执行,这些exploit可以注入并执行shellcode,给攻击者一个简单的执行任意指令的途径。从一台机器向另外一台机器触发任意代码执行的能力叫远程代码执行。
It is the worst effect a bug can have because it allows an attacker to completely take over the vulnerable process. From there the attacker can potentially take complete control over the machine the process is running on. Arbitrary code execution vulnerabilities are commonly exploited by malware to run on a computer without the owner's consent.
这是一个bug能造成的最坏影响,因为它允许攻击者完全控制脆弱进程,攻击者进而可以控制脆弱进程运行的主机。Arbitrary code execution vulnerabilities已经被恶意软件广泛利用。
Arbitrary code execution is commonly achieved through control over the program counter (also known as the instruction pointer) of a running process. The instruction pointer points to the next instruction in the process that will be executed. Control over the value of the instruction pointer therefore gives control over which instruction is executed next. In order to execute arbitrary code, many exploits inject code into the process and use a vulnerability to change the instruction pointer to have it point to the injected code. The injected code will then automatically get executed.
任意代码执行通常通过控制一个正在运行进程的程序计数器(也叫指令计数器)来实现。指令计数器执行一个进程中下一条被执行的指令,控制指令计数器的值就可以控制下一条执行的指令是什么。为了执行任意代码,许多exploits向进程注入代码,使用弱点来改变指令计数器,让它指向注入的代码。被注入的代码就自动被执行。
Once the invader can execute arbitrary code directly on the OS there is often an attempt at a privilege-escalation exploit in order to run code as an administrator; however as normal users on Windows computers have many privileges most viruses, spyware etc do not need administrator privileges to still do a lot of damage or turn the computer into a bot.
一旦入侵者能直接在OS上执行任意代码,他会经常试图提升权限,以administrator的身份来运行代码。但是因为windows上的正常用户已经拥有许多特权,大多数病毒、间谍软件并不需要管理员权限,一样能对计算机造成很大破坏,让计算机变成僵尸。
// 发贴者:放牛娃的春天 @ 三月 14, 2009 
订阅 博文 [Atom]