The automatic exploit generation challenge is given a program, automatically find vulnerabilities and generate exploits for them. In this paper we present AEG, the first end-to-end system for fully automatic exploit generation. We used AEG to analyze 14 open-source projects and successfully generated 16 control flow hijacking exploits. Two of the generated exploits (expect-5.43 and htget-0.93) are zero-day exploits against unknown vulnerabilities. Our contributions are: 1) we show how exploit generation for control flow hijack attacks can be modeled as a formal verification problem, 2) we propose preconditioned symbolic execution, a novel technique for targeting symbolic execution, 3) we present a general approach for generating working exploits once a bug is found, and 4) we build the first end-to-end system that automatically finds vulnerabilities and generates exploits that produce a shell.

The first step to automatically search for and exploit the most basic vulnerabilities is done, and incremental improvements will surely follow. While this won’t have a deep impact on the computer security industry, since it’s already full of people exploiting software for free, it will surely have a real impact on the programming world: right now, all coders not acquainted with secure code-writing skills should be fired. For more information, visit the following link: Automatic Exploit Generation.