Recently i turned my attention to security, but this time i took a peak into what’s called Fuzzing.
Long story short, fuzzing is mainly brute force vulnerability detection and has a lot of categories. Take a look here. What caught my attention is fuzz testing Web applications and local binaries (mainly black box /grey box fuzzing).
I am total noob in this area, never tried it and never seen a fuzzer doing a good job – however interested in this area i have a low power distributed approach idea somewhere behind.
Just started to read a great book on the topic check it out.
As always, there are some basics that i’ll be focusing on at the start.
- Fuzzing arguments passed to suid binary, you just randomly generate a set of characters and put them into binary arguments to discover eventual input handling issues.
- Fuzzing WEB applications, this is a bigger topic however here i would like to focus mainly on SQL injection discovery, directory traversal, and POST/GET argument fuzzing.
The whole fuzzing area is wide but i have decided to pick up two pretty major destinations to see if i come up with something interesting. Ideally i would like to be able to write a vulnerable binary, fuzz it and get back with some results. Finally i am thinking of getting this stuff distributed, as it is known fuzzing can take some time – it would be good to pack it all up with GridMan.
So let’s treat this as an intro, i will be posting in Security/Fuzzing area some updates as i go through the learning curve.