ActiveX控件漏洞存在广泛且往往具有较高的威胁等级,有必要对此类漏洞的挖掘技术展开研究,发现并修复漏洞,从而杜绝安全隐患.在对ActiveX控件特性进行分析的基础上,设计并实现了ActiveX控件漏洞挖掘工具——ActiveX-Fuzzer.它基于黑盒Fuzzing测试技术,能够自动地构造半有效数据对控件接口展开测试,尝试发现潜在的缓冲区溢出、整数溢出及格式化字符串错误等安全问题.通过使用该工具对常用ActiveX控件进行广泛的测试,发现多个未公布的高危漏洞,受影响韵软件包括腾讯QQ、WinZip、微软Office等国内外重要软件,以及部分知名银行的网上服务中使用的控件.该测试结果表明了ActiveX—Fuzzer的有效性和先进性.
Vulnerabilities in ActiveX controls are large in number and tend to exhibit high level of severity. They are frequently exploited in Web based attacks to compromise client computers, thus motivating the research into techniques for discovering such flaws automatically. In this work, the authors propose and implement an ActiveX vulnerability detection tool named ActiveX-Fuzzer. It is a blackbox fuzzing tool that automatically feeds the interface exposed by an ActiveX control with crafted semi-valid data, attempting to identify potential vulnerabilities including buffer overflow, integer overflow and format string flaws. The tool is tested against a broad range of commonly used ActiveX controls and detects a number of highly severe vulnerabilities that are previously undiscovered, affecting Tencent QQ, WinZip, Microsoft Office and other software products, as well as online services from several major banks. The test result well proves the effectiveness of such an approach.