由新西兰安全研究者Simon Howard运营的备受争议的“零病毒检测”竞赛允许各个参赛队伪装计算机病毒代码和漏洞利用代码样本。
The controversial Race to Zero contest, run by New Zealand security researcher Simon Howard, allowed each team to try to obfuscate real computer viruses and exploit code samples.
另一种是找到确保软件开发人员编写的代码中有更少的缺陷的方法,这样黑客就有更少的安全漏洞可以利用。
Another is to find ways to ensure that software developers produce code with fewer flaws in it so that hackers have fewer security holes to exploit.
微软说,为了利用这个安全漏洞,黑客必须欺骗用户访问一个装载了恶意代码的网站。
To exploit the security hole, hackers must trick users into visiting a Web site loaded with malicious code, Microsoft said.
JohnnyLong是一位著名的安全研究者,他深入研究过Google黑客。他说,防备可能利用代码搜索进行的寻找开发者程序中的漏洞并不容易。
Defending against the possible use of Code search to find flaws in a developer's program is not easy, said Johnny Long, a well-known security researcher that has researched Google hacking extensively.
根据微软所述,恶意站点可以利用该漏洞在用户机器上运行代码。
According to Microsoft, the vulnerability allows a malicious web site to run code on a client's machine.
攻击者成功利用此漏洞可以执行任意代码。
An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user.
“红色代码”利用了微软软件中的一个漏洞,是最早的网络蠕虫之一。
Code Red "use of Microsoft software in a loophole, is one of the first network worm."
当地利用多个漏洞使攻击者在内核中执行任意代码。
Local exploitation of multiple vulnerabilities allow an attacker to execute arbitrary code in kernel context.
该文先讨论了缓冲区溢出漏洞的产生原理和一般的攻击手段,然后分析了利用缓冲区溢出漏洞的攻击代码,给出了攻击代码的主要特征。
In this paper, the principles and the attack methods of the overflows are discussed, and the main features of the exploits are given after the analysis on the exploits.
最后,手工测试分析所产生的异常文档,分析漏洞的形成原因,从中寻找可以利用达到代码执行的漏洞。
Finally, manually test and analyze the created exceptional document to find out the cause of the vulnerability with the aim to find the vulnerability can be used to run codes.
如果在不执行任何安全检查的情况下断言安全权限,则会在代码中留下可利用的安全漏洞。
Asserting a security permission without performing any security checks can leave an exploitable security weakness in your code.
如果在不执行任何安全检查的情况下断言安全权限,则会在代码中留下可利用的安全漏洞。
Asserting a security permission without performing any security checks can leave an exploitable security weakness in your code.
应用推荐