Ewap: Using Symbolic Execution to Exploit Windows Applications

  title={Ewap: Using Symbolic Execution to Exploit Windows Applications},
  author={Jianmin Chen and Hui Shu and Xiaobing Xiong},
  journal={2009 WRI World Congress on Computer Science and Information Engineering},
In this pager we describe a new approach using symbolic execution to exploit windows applications, and the approach is implemented in the tool Ewap. Instead of fuzzing applications with randomly or semi-randomly constructed input, Ewap generates new inputs automatically to steer applications to follow different execution paths and detects security violations dynamically, which maximizes the code coverage and improves the exploiting efficiency.   Based on a Dynamic Binary Monitor Platform (DBMP… CONTINUE READING


Publications citing this paper.


Publications referenced by this paper.
Showing 1-10 of 19 references

A framework for heavyweight dynamic binary instrumentation "

  • T. Garnett D. Bruening, S. Amarasinghe, J. Seward
  • Proceedings of PLDI
  • 2007

Fuzzing: Brute Force Vulnerability Discovery

  • M. Sutton, A. Green, P. Amini
  • Addison-Wesley, United States
  • 2007
1 Excerpt

Building customized program analysis tools with dynamic instrumentation "

  • R. Cohn, R. Muth, +5 authors K. Hazelwood
  • Proceedings of PLDI
  • 2005

Similar Papers

Loading similar papers…