FAEG: Feature-Driven Automatic Exploit Generation.

Buffer overflow vulnerabilities are prevalent in software applications, and their automatic detection and exploitation are of great significance. Modern operating systems implement security mitigation to prevent the exploitation of these vulnerabilities, which in turn become obstacles for automatic exploit generation (AEG). Many current AEG solutions do not fully consider security mitigation bypassing and the exploitation of vulnerabilities in special cases, resulting in an inability to accurately assess the exploitability of vulnerabilities in such scenarios. In this paper, we propose a feature-driven buffer overflow vulnerability automatic exploit generation method - FAEG, which uses optimized symbolic execution to search target software for potential buffer overflow vulnerabilities, constructs complete vulnerability models, and then adaptively selects appropriate exploitation techniques based on vulnerability type and features, bypassing system protection and generating effective exploit program. In this paper, we use FAEG to test 15 open-source Capture The Flag (CTF) challenges, successfully identifying vulnerabilities in all 15 applications and automatically generating exploitation schemes for 14 of these vulnerabilities. The results demonstrate that FAEG performs well in automatically detecting and exploiting vulnerabilities, achieving better bypassing of system security mitigation compared to existing AEG solutions, and offers higher success rates and flexibility.