Vulnerability Development mailing list archives

Re: New Binary Bruteforcing Method Discovered

From: "Kurt Seifried" <bugtraq () seifried org>
Date: Tue, 26 Mar 2002 12:10:00 -0700

You also forgot Fuzz From Ben Woodward:

http://fuzz.sourceforge.net/

And this will only uncover common things like buffer overflows, and length
limited stuff like variables, what is needed is a much more intelligent tool
that can also throw env. variables at it, format strings, etc, etc, until
then this testing is useful, but extremely limited (mostly to "98% of vendor
A's software crashed when we ran fuzz against it, 96% of vendor B's software
crashed, therefore vendor B is better we think").

Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
http://www.idefense.com/digest.html

Current thread:

New Binary Bruteforcing Method Discovered pr0ix (Mar 26)
- Re: New Binary Bruteforcing Method Discovered Kurt Seifried (Mar 26)
- Re: New Binary Bruteforcing Method Discovered Michal Zalewski (Mar 26)
- Re: New Binary Bruteforcing Method Discovered David Rhodus (Mar 26)
- <Possible follow-ups>
- Re: Re: New Binary Bruteforcing Method Discovered pr0ix (Mar 27)
- Re: New Binary Bruteforcing Method Discovered Liedtke Goetz (Mar 27)
  - Re: New Binary Bruteforcing Method Discovered Charles 'core' Stevenson (Mar 28)
- RE: New Binary Bruteforcing Method Discovered Michael Wojcik (Mar 28)
  - RE: New Binary Bruteforcing Method Discovered Michal Zalewski (Mar 28)
  - Re: New Binary Bruteforcing Method Discovered Blue Boar (Mar 28)