Microsoft buggy as ever - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16

Thread: Microsoft buggy as ever

  1. #11
    Junior Member
    Join Date
    Sep 2005
    Posts
    19
    Does anyone else have a correct fuzzer we can compare it to?

  2. #12
    Senior Member
    Join Date
    Jun 2003
    Posts
    188
    Does anyone else have a correct fuzzer we can compare it to?
    Whats wrong with mine ?

    Total victims till now : 23
    Will lead to privilege escalation : 2

  3. #13
    Junior Member
    Join Date
    Sep 2005
    Posts
    19
    Nothing would just like a different one to compare it to so to see if they get different results...

  4. #14
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    puff, clearly you dont understand what a fuzzer does. The results are: when the command line program is fed a bunch of randomly permutated **** as parameters, they crash, if you wanted, you could fuzz by hand if you have a few hundred years. They dont fail gracefully, and theres possibly an exploitable overflow is occuring. Once you find a binary that does not fail gracefully, you then see if the error is exploitable.

    -Maestr0

    EDT: Good work Warl0ck7, and if you havent seen it already there was a web service fuzzer in python called SMUDGE that was pretty cool and easy to work on, wasnt really complete when I last looked at it, but easy enough to modify to work.
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  5. #15
    Senior Member
    Join Date
    Jun 2003
    Posts
    188
    Thanks Maestr0, SMUDGE is essentially SPIKE in python and its development
    has stopped i recommend peach.

    http://freshmeat.net/projects/peachfuzz/

  6. #16
    Junior Member
    Join Date
    Sep 2005
    Posts
    19
    Nope just was debating if differently coded fuzzers get diffrent results?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides