August 29th, 2008

The great fuzz frenzy

Fuzzing is hot these days. I just ran across a neat idea/tool called FuzzMan recently (posted to full-disclosure I think). It takes a man page as input, and will fuzz input parameters based on what options it can parse from the man-page. The examples page shows the tool eliciting several segfaults in a known vulnerable version of sharutils.

There is an article in the latest hackin9 magazine (the print version anyway) about fuzzing, which covers several different fuzzing tools as applied to their relevant layers. You should check out the hackin9 magazine if you haven’t already. It’s a pretty good read, and is much more technical than other security/hacking print publications. It is a little spendy though (probably partially because it’s translated and imported), but I think it’s worth it. This issue they started a hacking challenge which is included (among other things) on a CD.


Yea for google images.

One Response to 'The great fuzz frenzy'

  1. 1RobotSkirts » Blog Archive » Midnight Research Labs - The great fuzz frenzy
    April 23rd, 2007 at 10:22 pm

    [...] The great fuzz frenzy Post mentions the fuzzer FuzzMan which works by reading the command line options directly from the man pages. [...]


Leave a Response

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS