Archive for the 'Fuzzing' Category

Quick and Dirty Fuzzing

I'm a bit late to the fuzzing game, and recently I was handed a few short projects that involved third-party server components. Tools like Sulley and SPIKE produce good results, especially since you can fuzz in depth with many test cases, but if you are short on time and haven't had a chance to learn them, TAOF (The Art of Fuzzing) is very handy. It's a GUI fuzzer written in Python, so it runs on any platform, and it is one of those tools you can just unpack and run. TAOF works as a man-in-the-middle TCP proxy: point the client at TAOF and it forwards the traffic to the server or service in question while recording the requests. Mark the fuzzing points in the recorded requests, pick the signature sets to inject (stack/heap overflows, string overflows, integer overflows, and dictionary attacks), and replay. Literally click, point, click.

TAOF, out of the box, is not as thorough as other fuzzers, but the signature lists live in the Python source, so you can add your own. The tool also stops fuzzing as soon as it crashes the service, so one run gives you one crash. That's when you pull out the big boys, Sulley and Peach, and focus on the interesting points for more in-depth analysis.
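To make the proxy-fuzzer workflow concrete (capture a request, mark a fuzzing point, inject signatures, stop on the first crash), here is an added example. It is my own illustration, not TAOF's code: the signature contents, the request format and the "crash" rule are assumptions chosen for the demo, and a constructed toy server stands in for the target so the script runs offline.

```python
"""Added example (not TAOF's code): a proxy-style fuzzer's mutation core.

Mimics the TAOF workflow: take one captured request, mark a byte range as
the fuzzing point, substitute each signature from the chosen sets, replay,
and stop at the first case the service does not survive. Signature lists
and the toy target are assumptions for illustration.
"""
import socket
import threading

# Constructed sample request; TAOF would capture this through its proxy.
SAMPLE_REQUEST = b"USER alice\r\n"

# Signature sets named after the categories in the post; contents are ours.
SIGNATURES = {
    "overflow": [b"A" * n for n in (128, 256, 1024, 4096, 65535)],  # stack/heap
    "string": [b"%s" * 8, b"%n" * 8, b"%x" * 16, b"\x00" * 16, b"\xff" * 512],
    "integer": [b"0", b"-1", b"2147483647", b"4294967295", b"-2147483648"],
    "dictionary": [b"root", b"admin", b"../../../../etc/passwd", b"' OR 1=1 --"],
}
# Outcomes a proxy fuzzer treats as "I probably just killed the service".
CRASH_SIGNALS = {"refused", "reset", "closed"}


def fuzz_cases(request, start, end, sets=tuple(SIGNATURES)):
    """Yield (label, mutated_request): request[start:end] is the fuzzing point
    and is replaced wholesale by each signature in the selected sets."""
    if not 0 <= start <= end <= len(request):
        raise ValueError("fuzzing point outside request")
    prefix, suffix = request[:start], request[end:]
    for name in sets:
        for i, sig in enumerate(SIGNATURES[name]):
            yield f"{name}#{i}", prefix + sig + suffix


def send_case(host, port, payload, timeout=3.0):
    """Deliver one case and classify what the service did:
    'ok' (answered), 'closed' (hung up without answering), 'reset',
    'refused' (nothing listening any more) or 'no_reply' (timed out)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(payload)
            reply = s.recv(4096)
    except ConnectionRefusedError:
        return "refused"
    except (ConnectionResetError, BrokenPipeError):
        return "reset"
    except socket.timeout:
        return "no_reply"
    return "ok" if reply else "closed"


def run(host, port, request, start, end, sets=tuple(SIGNATURES)):
    """Replay every case in order and, like TAOF, stop at the first one the
    service does not survive. Returns that case's label, or None."""
    for label, payload in fuzz_cases(request, start, end, sets):
        outcome = send_case(host, port, payload)
        print(f"{label:<14} {len(payload):>6} bytes  {outcome}")
        if outcome in CRASH_SIGNALS:
            return label
    return None


def start_toy_server(limit=512):
    """Constructed stand-in for the target: answers 'OK' to any line, but
    'crashes' (closes its listener and the connection) on the first line
    longer than `limit` bytes. Returns the port it listens on."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(5)
    port = listener.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = listener.accept()
            except OSError:
                return  # listener closed: the "process" is gone
            with conn:
                buf = b""
                while b"\r\n" not in buf and len(buf) < 1 << 20:
                    chunk = conn.recv(65536)
                    if not chunk:
                        break
                    buf += chunk
                if len(buf) > limit:
                    listener.close()  # simulated crash: no more service
                    return
                conn.sendall(b"OK\r\n")

    threading.Thread(target=serve, daemon=True).start()
    return port


if __name__ == "__main__":
    port = start_toy_server()
    # The fuzzing point is the username 'alice' at bytes 5..10 of the request.
    culprit = run("127.0.0.1", port, SAMPLE_REQUEST, 5, 10)
    print("stopped at:", culprit)
```

Against a real target you would point `run` at the service's host and port instead of the toy server. The classification in `send_case` is the part worth thinking about: a connection refused on the next case usually means the process is gone, but a silent hang (`no_reply`) is ambiguous, so a real harness pairs this with a debugger or process monitor on the target side rather than trusting the socket alone.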

By the way, Peach 2.0 came out last November. It no longer requires the tester to write convoluted Python code: you feed it an XML data definition (a Peach "Pit" file) and let Peach cook up the data mutations.