-
October 6th, 2005, 07:11 AM
#11
Junior Member
Does anyone else have a correct fuzzer we can compare it to?
-
October 6th, 2005, 08:34 AM
#12
Does anyone else have a correct fuzzer we can compare it to?
Whats wrong with mine ?
Total victims till now : 23
Will lead to privilege escalation : 2
-
October 6th, 2005, 09:57 AM
#13
Junior Member
Nothing would just like a different one to compare it to so to see if they get different results...
-
October 6th, 2005, 04:05 PM
#14
puff, clearly you dont understand what a fuzzer does. The results are: when the command line program is fed a bunch of randomly permutated **** as parameters, they crash, if you wanted, you could fuzz by hand if you have a few hundred years. They dont fail gracefully, and theres possibly an exploitable overflow is occuring. Once you find a binary that does not fail gracefully, you then see if the error is exploitable.
-Maestr0
EDT: Good work Warl0ck7, and if you havent seen it already there was a web service fuzzer in python called SMUDGE that was pretty cool and easy to work on, wasnt really complete when I last looked at it, but easy enough to modify to work.
\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier
-
October 6th, 2005, 06:29 PM
#15
Thanks Maestr0, SMUDGE is essentially SPIKE in python and its development
has stopped i recommend peach.
http://freshmeat.net/projects/peachfuzz/
-
October 7th, 2005, 08:39 AM
#16
Junior Member
Nope just was debating if differently coded fuzzers get diffrent results?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|