
Questions tagged [fuzzing]

A software testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer system, then monitoring for exceptions, failed assertions, or memory leaks.

1 vote
0 answers
59 views

Fuzzing closed application

I want to get from you some advice about fuzzing. I am checking a huge C application (not open source) which is also an HTTP server. My purpose is to fuzz the HTTP server via the requests being sent ...
flapz18716
15 votes
2 answers
11k views

What are some ways to pass raw bytes to a program via the Linux terminal?

I want to pass raw bytes to a (C) program using the Linux Bash shell. I find that when I try to pass for example "\x00\xFF\xAB", the program receiving the input actually gets the ASCII character codes ...
the_endian
1 vote
1 answer
362 views

Approach for fuzzing interactive CLI

I have an IoT system that has a command-line-based interactive shell that can be used to configure the system. While examining the disassembly/decompilation, I realized that there is a lot of ...
multithr3at3d
2 votes
2 answers
190 views

Modern methods of fuzzing/locating heap bugs and potential vulnerabilities

Really glad I found this great learning resource. I was wondering, is there any way to fuzz or automate heap vulnerability assessment? I know a lot of practical frameworks for stack based fuzzing in ...
caterpillar
2 votes
0 answers
202 views

Submitting input into AFL fuzzer

I have some questions about the AFL Fuzzer: How does the AFL Fuzzer know where to inject the payload in the code I compile? For instance if I want to inject it in a specific parameter, how do I do it?...
Logan
-1 votes
1 answer
346 views

Fuzz Test Suite for C/C++ Command Line Argument/Standard Input programs

I have implemented a basic coverage guided fuzzer that is sending inputs to programs accepting ONE command line argument or ONE standard input. I am trying to find a complex code to fuzz that can meet ...
Kainaat Singh
4 votes
1 answer
5k views

Android application fuzzing

How to do fuzzing in Android applications? Do we have any fuzzer specific to Android? Actually, I am looking for an easy way to do fuzzing while performing penetration testing of Android ...
Mukesh
3 votes
1 answer
435 views

Questions about enabling special pool on win32k

So there are win32k.sys, win32kbase.sys, and win32kfull.sys in Windows 10. Does `verifier /driver win32k.sys /flags 0x1` enable special pool on all three drivers? (win32k.sys is kind of like a stub to the other ...
Jaewon Min
2 votes
1 answer
99 views

Detect interesting testcases

Suppose I have a ton of test cases and my target is closed-source. Well, I need to know which test cases discover new paths in the execution of my target and which are duplicates. I know I have to use ...
alex
0 votes
1 answer
242 views

Is it possible to programmatically determine if a crash resulted from a buffer overflow?

Crash analysis: Given a large set of crashes, all resulting from access violations, is it possible to (with or without access to symbols and source code) programmatically determine whether the ...
MrSynAckSter
1 vote
1 answer
335 views

iOS exploit hunting environment

Suppose I have a new iPhone 6s with the latest iOS, and I want to find vulnerabilities in iOS itself. The iPhone is not jailbroken. How do I set up the proper environment for this? What software and/or ...
assp1r1n3
9 votes
1 answer
466 views

Saving program execution state for fuzzing

Suppose I have a program that has two functions, functionA and functionB, called sequentially. functionA requires a significant amount of processing in order to execute, and in the course of the ...
amccormack
2 votes
2 answers
429 views

Getting started with dynamic reverse engineering

I have been doing a lot of reading into how to find vulnerabilities in closed source applications. And the term that comes up a lot is "fuzzing". I want to get started with fuzzing and I am looking for ...
Sreyan
3 votes
2 answers
219 views

Blackbox vulnerability assessment

I wonder if tools like AddressSanitizer exist for blackbox analysis. For instance, I have a fuzzer that can probe some 100 variants per second, and after a few seconds a crash was detected. Maybe some ...
see ya
1 vote
1 answer
266 views

Run multiple instances of same application - Adobe Reader

I have been fuzzing Adobe Reader for a while now. One of the issues that I face is running multiple instances of the same application. If I'm able to run multiple instances of the same application, I will be ...
john4tech
