Autosploit: A Fully Automated Framework for Evaluating the Exploitability of Security Vulnerabilities
This work addresses the need for more accurate and effective risk assessment in cybersecurity by automating exploitability evaluation, though it appears incremental as it builds on existing testing and search algorithms.
The researchers tackled the problem of determining whether security vulnerabilities are exploitable by introducing Autosploit, an automated framework that tests exploits on various system configurations to identify necessary properties for successful exploitation, achieving results that automatically identify these properties in both noiseless and noisy environments using real vulnerabilities.
The existence of a security vulnerability in a system does not necessarily mean that it can be exploited. In this research, we introduce Autosploit -- an automated framework for evaluating the exploitability of vulnerabilities. Given a vulnerable environment and relevant exploits, Autosploit will automatically test the exploits on different configurations of the environment in order to identify the specific properties necessary for successful exploitation of the existing vulnerabilities. Since testing all possible system configurations is infeasible, we introduce an efficient approach for testing and searching through all possible configurations of the environment. The efficient testing process implemented by Autosploit is based on two algorithms: generalized binary splitting and Barinel, which are used for noiseless and noisy environments respectively. We implemented the proposed framework and evaluated it using real vulnerabilities. The results show that Autosploit is able to automatically identify the system properties that affect the ability to exploit a vulnerability in both noiseless and noisy environments. These important results can be utilized for more accurate and effective risk assessment.