Search

About me

Johannes (Hanno) Böck
mail: hanno@hboeck.de
jabber: hanno@hboeck.de
gpg: BBB51E42
ssh: RSA, ECDSA


Hanno on Twitter
Hanno on identi.ca

Impressum

schokokeks.org



Atheist

Twitter/identi.ca

hanno: Hui, die 50.000 sind ja schon fast erreicht http://t.co/SAhdf1Spog petition #netzneutralität

hanno: das mit dem "smartphone muss ständig an den strom gehängt werden" find ich immer noch sehr gewöhnungsbedürftig

hanno: Ich mein man muss das positiv sehen: Vielleicht ist ein Feindbild ja ein Anreiz für die Politik, das Patenttrollsystem endlich stillzulegen

hanno: Oh, Kim Dotcom ist unter die Patenttrolle gegangen http://t.co/AmJmITeOu9

hanno: Ich finde ja die Idee eines Maximaleinkommens durchaus sehr attraktiv http://t.co/yNbEqplgm9 #schweiz

Anzeigen

Events

22.05 - 25.05 - Linuxtag
30.05 - 02.06 - GPN13 (6 Days)
04.07 - 07.07 - PQCrypto (41 Days)
05.07 - 07.07 - SIGINT (42 Days)
31.07 - 04.08 - OHM13 (68 Days)
01.10 - 02.10 - Open Access Tage (130 Days)
My pages
Picture gallery

Archives

Categories



All categories

Feeds

Tags

Creative Commons

CC0
Unless noted otherwise, all content is CC Zero / public domain

Fuzzing is easy

Sunday, September 7. 2008, 19:17
I recently played around with the possibilities of fuzzing. It's a simple way to find bugs in applications.

What you do: You have some application that parses some kind of file format. You create lots (thousands) of files which have small errors. The simplest approach is to just change random bits. If the app crashes, you've found a bug, it's quite likely that it's a security relevant one. This is especially crucial for apps like mail scanners (antivirus), but pretty much works for every app that parses foreign input. It works especially well on uncommon file formats, because their code is often not well maintained.

My fuzzing tool of choice is zzuf.

I am impressed and a bit shocked how easy it is to find crashers and potential overflows in common, security relevant applications. My last discovery was a crasher in the chm parser of clamav.
Code, English, Linux, Security | Comments (0) | Trackbacks (0)
Defined tags for this entry: , , ,
Related entries by tags:

Trackbacks
Trackback specific URI for this entry

No Trackbacks

Comments
Display comments as (Linear | Threaded)

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.