h1

Fuzzing…Brute Force Vulnerability Discovery……

October 24, 2014

fuzzzing

This week I’m writing about Fuzzing … Brute Force Vulnerability Discovery….Just got a book from the National Library (PNM).  Fuzzing is a method for discovering faults in software by providing unexpected input and monitoring for exceptions. It is typically an automated or semiautomated process that involves repeatedly manipulating and supplying data to target software for processing. Fuzzing has evolved into one of today’s most effective approaches to test software security. To “fuzz” , you attach a program’s inputs to a source random data , and then systematically identify the failures that arise. Hackers have relied on fuzzing for years.  Renowned fuzzing experts show you how to use fuzzing to reveal weaknesses in your software before someone else does.

Pregenerated Test Cases – this is the method taken by the PROTOS framework. Test case develeopment begins with studying a particular specification to understand all supported data structure and the acceptable value ranges for each. Hard coded packets or files are then generated that test boundary conditions or violate the specification altogether. Those test cases can then be used to test how accurately the specification has been implemented on target systems.Creating test cases can require considerable work up front , but has the advantage of being able to be reused to uniformly test multiple implementations of the same protocol or file format.

Manual Protocol Mutation Testing – there is no automated fuzzer involved. The researcher is the fuzzer. After loading up the target application , the researcher simply enters inappropriate data in an attempt to crash the server or induce some undesirable behaviour. This class of fuzzing is most often applied to Web applications.

Mutation or Brute Force Testing – a fuzzer that starts with a valid sample of a protocol or data format and continually mangles every individual byte , word , dword , or string within that data packet or file. This is great early approach because it requires very little up-front research and implementing a basic brute force fuzzer is relatively straightforward.

Network Protocol Fuzzing – I would like to touch this chapter- chapter 14 regarding network protocol fuzzing that requires identifying the attack surface , mutating or generating error-inducing fuzz values , transmitting those fuzz values to a target , and monitoring that target for faults. If your fuzzer communicates with its target over some form of socket , then it is a network protocol fuzzer.

The book contains chapter about Fuzzer Methods and Fuzzer Types , Data Representation and Analysis , Requirements for Effective Fuzzing , Automation and Data Generation ,Environtment Variable and Argument Fuzzing , and so on..from Chapter 8 to 26. I strongly recommend people in Software Engineering , Malware Expert field to read this book.

p/s:- Excerpt taken from the book – Fuzzing…Brute Force Vulnerability Discovery – by Addison Wesly.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: