The great fuzz frenzy
sth posted in tools on April 23rd, 2007
Fuzzing is hot these days. I just ran across a neat idea/tool called FuzzMan recently (posted to full-disclosure I think). It takes a man page as input, and will fuzz input parameters based on what options it can parse from the man-page. The examples page shows the tool eliciting several segfaults in a known vulnerable version of sharutils.
There is an article in the latest hackin9 magazine (the print version anyway) about fuzzing, which covers several different fuzzing tools as applied to their relevant layers. You should check out the hackin9 magazine if you haven’t already. It’s a pretty good read, and is much more technical than other security/hacking print publications. It is a little spendy though (probably partially because it’s translated and imported), but I think it’s worth it. This issue they started a hacking challenge which is included (among other things) on a CD.
Yea for google images.
April 23rd, 2007 at 10:22 pm
[...] The great fuzz frenzy Post mentions the fuzzer FuzzMan which works by reading the command line options directly from the man pages. [...]