AngErza: Automated Exploit Generation

Title: AngErza: Automated Exploit Generation
Publication Type: Conference Paper
Year of Publication: 2021
Authors: Dixit, Shruti; Geethna, T K; Jayaraman, Swaminathan; Pavithran, Vipin
Conference Name: 2021 12th International Conference on Computing Communication and Networking Technologies (ICCCNT)
Keywords: angr, Automated Exploit Generation (AEG), Automated Secure Software Engineering, buffer overflow, Buffer overflows, codes, composability, Computer architecture, Computer bugs, pubcrawl, Publishing, resilience, Resiliency, Software, symbolic execution, Tools
Abstract: Vulnerability detection and exploitation serve as a milestone for secure development and identifying major threats in software applications. Automated exploit generation helps in easier identification of bugs, the attack vectors and the various possibilities of generation of the exploit payload. Thus, we introduce AngErza which uses dynamic and symbolic execution to identify hot-spots in the code, formulate constraints and generate a payload based on those constraints. Our tool is entirely based on angr which is an open-sourced offensive binary analysis framework. The work around AngErza focuses on exploit and vulnerability detection in CTF-style C binaries compiled on 64-bit Intel architecture for the early phase of this project.
DOI: 10.1109/ICCCNT51525.2021.9579959
Citation Key: dixit_angerza_2021