Does anyone else have a correct fuzzer we can compare it to?
Printable View
Does anyone else have a correct fuzzer we can compare it to?
Whats wrong with mine ? :confused:Quote:
Does anyone else have a correct fuzzer we can compare it to?
Total victims till now : 23
Will lead to privilege escalation : 2 :D
Nothing would just like a different one to compare it to so to see if they get different results...
puff, clearly you dont understand what a fuzzer does. The results are: when the command line program is fed a bunch of randomly permutated **** as parameters, they crash, if you wanted, you could fuzz by hand if you have a few hundred years. They dont fail gracefully, and theres possibly an exploitable overflow is occuring. Once you find a binary that does not fail gracefully, you then see if the error is exploitable.
-Maestr0
EDT: Good work Warl0ck7, and if you havent seen it already there was a web service fuzzer in python called SMUDGE that was pretty cool and easy to work on, wasnt really complete when I last looked at it, but easy enough to modify to work.
Thanks Maestr0, SMUDGE is essentially SPIKE in python and its development
has stopped i recommend peach.
http://freshmeat.net/projects/peachfuzz/
Nope just was debating if differently coded fuzzers get diffrent results?