Security and Communication Networks

Research Article

BofAEG: Automated Stack Buffer Overflow Vulnerability Detection and Exploit Generation Based on Symbolic Execution and Dynamic Analysis

Table 1

Results of Zeratool and BofAEG on CTF and CVE programs.


Program	NX	CANARY	PIE	Win	Zeratool	BofAEG	Exp Tech

redpwnctf2020_coffer	✓	✕	✕	✓	N/A	6 s	Ret to system win
csictf2020_pwn0x1	✓	✕	✕	✓	N/A	5 s	Ret to system win
csictf2020_pwn0x2	✓	✕	✕	✓	N/A	6 s	Ret to system win
csictf2020_pwn0x3	✓	✕	✕	✓	7 s	6 s	Ret to system win
dctf2021_sanity	✓	✕	✕	✓	N/A	4 s	Ret to system win
umdctf2021_jne	✓	✕	✕	✓	7 s	6 s	Ret to flag win
csawctf2021_password	✓	✕	✕	✓	N/A	60 s	Ret to system win
h@cktivityctf2021_retcheck	✓	✕	✕	✓	N/A	8 s	Ret to flag win
downunderctf2021_deadcode	✓	✕	✕	✓	N/A	6 s	Ret to system win
downunderctf2021_out	✓	✕	✕	✓	6 s	5 s	Ret to system win
csawctf2020_roppity	✓	✕	✕	✕	30 s	6 s	Ret to libc
downunderctf2020_return	✓	✕	✕	✕	30 s	7 s	Ret to libc
dctf2021_babybof	✓	✕	✕	✕	37 s	5 s	Ret to libc
umdctf2021_jnw	✓	✕	✕	✕	27 s	6 s	Ret to libc
tamilctf2021_name	✓	✕	✕	✕	N/A	4 s	Ret to libc
dicectf2021_babyrop	✓	✕	✕	✕	N/A	6 s	Ret to dl-resolve
utctf2021_resolve	✓	✕	✕	✕	N/A	6 s	Ret to dl-resolve
nahamconctf2021_smol	✓	✕	✕	✕	N/A	4 s	Ret to dl-resolve
sharkyctf2020_give	✓	✕	✓	✕	N/A	4 s	text_addr and ret to libc
wpictf2020_dorsia1	✓	✕	✓	✕	N/A	4 s	libc_addr and ret to one_gadget
dctf2021_hotelrop	✓	✕	✓	✕	N/A	5 s	text_addr and ret to libc
lexingtonctf2021_gets	✓	✕	✓	✓	N/A	11 s	Explore to flag win
lexingtonctf2021_madlibs	✓	✕	✕	✓	N/A	N/A	N/A
cyberctf2021_harvester	✓	✓	✓	✕	N/A	N/A	N/A
Cve-2004-1257_abc2mtex	✓	✕	✕	✕	N/A	N/A	N/A
Cve-2011-1938_php	✓	✕	✕	✕	N/A	N/A	N/A
Cve-2012-4409_mcrypt	✓	✕	✕	✕	N/A	N/A	N/A
Cve-2013-2028_nginx	✓	✕	✕	✕	N/A	N/A	N/A
Cve-2017-13089_wget	✓	✕	✕	✕	N/A	N/A	N/A