[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-disclosure] FuzzDiff tool
From: Dan Rosenberg <drosenberg () vsecurity ! com>
Date: 2010-07-26 20:53:28
Message-ID: AANLkTimTfTsKr4jZe9z3sFCRk9H+Q5UwG_87QjnZPU3G () mail ! gmail ! com
[Download RAW message or body]
Hello,
I'd like to announce FuzzDiff, a simple tool to help make crash
analysis during file format fuzzing a bit easier. I'm sure many
people have written similar tools for their own purposes, but I
haven't seen any that are publicly available. Hopefully at least one
person finds it useful.
When provided with a fuzzed file, a corresponding original un-fuzzed
file, and the path to the targeted program, FuzzDiff will selectively
"un-fuzz" portions of the fuzzed file while re-launching the
application to monitor for crashes. This will yield a file that still
crashes the target application, but contains a minimum set of changes
from the original, un-fuzzed file. This can be useful in pinning down
the exact cause of a crash.
The tool is written in Python and currently only works on Unix-based
systems, since it monitors for crashes by checking for SIGSEGV. It
also assumes that the target program adheres to the syntax "[program]
[args] [input file]". Both of these limitations can be easily worked
around. The code is hardly what I'd call production-ready, but it
gets the job done.
The tool is available at:
http://vsecurity.com/resources/tool
Happy hacking,
Dan Rosenberg
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic