Schoolchildren mining software vulnerabilities with EasyFuzzer 1.0 - vulnerability warning - the black bar safety net

ID MYHACK58:62201565218
Type myhack58
Reporter Anonymous
Modified 2015-07-30T00:00:00


EasyFuzzer is a new fuzzing tool. Currently it only supports fuzzing of file formats.

Features: easy, streamlined, efficient, and intelligent. Easy: very easy to use, needs no configuration at all; with it even an elementary-school student can dig up vulnerabilities, so don't worry about having no 0day. Streamlined: for the sake of size and speed, the software is written 100% in assembly language and leaves out the useless features of earlier fuzzers; it is green (portable) software. Efficient: because it is written in assembly and supports multi-threaded fuzzing, it is extremely fast. Intelligent: it has functions such as ignoring exceptions. Powerful: it supports intelligent fuzzing, so it can dig out complex file-format vulnerabilities.


Screen recording tool Sdemo 2.0 download

Instructions for use:

Template file: select a normal file; the mutated samples are generated on the basis of this file.

Target path: the path where the mutated samples are stored. The selected path must exist.

Extension: fill in the suffix (file extension) of the sample file names.

Host application: the path of the software to be fuzzed (the mining target).

Mining process:

1. Generate the samples.

2. Fuzz the target with the generated sample files.

Next, the Options window.

The Options window contains some advanced options.

Exception log: stores the exception information in a log file. The selected path must exist.

Running time: the processing lifetime of each sample. Computers differ in performance, and different test targets (a browser, a player, a picture viewer) need different values. Too large a value lowers the efficiency of the experiment and wastes time; too small a value prevents the test from running normally.

Open rate: the time interval at which a new thread is started.

Configuring these two values, running time and open rate, sensibly can greatly improve fuzzing efficiency.

As shown in the figure: the running time is four times the open rate, so the program basically runs with four processes at a time.

Engine 1: suitable for vulnerability mining in smaller files; mainly used to dig out integer overflow vulnerabilities. Lower efficiency, broader coverage.

Engine 2: for vulnerability discovery in larger files (at least larger than 1KB); mainly used to dig out buffer overflow vulnerabilities.

More engines are in development.

Ignore exception: this option controls how exception error messages are handled. It is not discussed further here.
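To make the workflow described above concrete (template file, mutated samples written to a target path, a host application opened with each sample for a fixed running time, crashes recorded in an exception log), here is a minimal file-format mutation fuzzer in Python. It is an added example written for this page, not EasyFuzzer's own code: the two mutation strategies only imitate what the text says engine 1 (integer boundary values in small files) and engine 2 (long runs in files over 1KB) aim at, and `host_app`, `out_dir` and `log_path` are placeholders for your own parser under test.

```python
import random
import subprocess
from pathlib import Path

# Engine-1 style: 1-, 2- and 4-byte integer boundary values spliced into the file.
INT_BOUNDARIES = [b"\x00", b"\x7f", b"\x80", b"\xff", b"\xff\x7f", b"\x00\x80",
                  b"\xff\xff", b"\xff\xff\xff\x7f", b"\x00\x00\x00\x80", b"\xff\xff\xff\xff"]

def mutate_int(data, rng):
    """Engine-1 style: overwrite a random offset with an integer boundary value."""
    val = rng.choice(INT_BOUNDARIES)
    off = rng.randrange(0, max(1, len(data) - len(val) + 1))
    return data[:off] + val + data[off + len(val):]

def mutate_run(data, rng):
    """Engine-2 style: overwrite a region with a long run of one byte (buffer overflows)."""
    run_len, off = rng.choice([256, 1024, 4096]), rng.randrange(0, len(data))
    return data[:off] + bytes([rng.choice([0x00, 0x41, 0xff])]) * run_len + data[off + run_len:]

def generate_samples(template, out_dir, ext, count, engine=2, seed=0):
    """Write `count` mutated copies of `template` as <out_dir>/<n>.<ext>; return the paths."""
    rng, out = random.Random(seed), Path(out_dir)
    out.mkdir(parents=True, exist_ok=True)      # EasyFuzzer requires the path to exist
    mutate = mutate_int if engine == 1 else mutate_run
    paths = [out / f"{n:04d}.{ext}" for n in range(count)]
    for p in paths:
        p.write_bytes(mutate(template, rng))
    return paths

def is_crash(returncode):
    """Signal death (negative on POSIX) or a Windows NTSTATUS error such as 0xC0000005."""
    return returncode < 0 or returncode >= 0xC0000000

def run_sample(host_app, sample, run_time):
    """Open one sample for at most run_time seconds ('Running time'); return code on crash."""
    try:
        r = subprocess.run([host_app, str(sample)], capture_output=True, timeout=run_time)
    except subprocess.TimeoutExpired:
        return None                             # still alive at the deadline: no exception
    return r.returncode if is_crash(r.returncode) else None

def fuzz(host_app, samples, run_time, log_path):
    """Run every sample in turn; crashing sample names go to the exception log."""
    crashes = []
    with open(log_path, "a") as log:
        for s in samples:
            rc = run_sample(host_app, s, run_time)
            if rc is not None:
                crashes.append(s)
                log.write(f"{s.name} exception returncode={rc:#x}\n")
    return crashes
```

The loop is sequential; EasyFuzzer's open rate corresponds to starting several `run_sample` calls in parallel, which a thread pool over `samples` gives you directly.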

More features are in development. Below, we fuzz the Sdemo screen recording tool with it.

  1. smv is a standard video sample that I prepared in advance.

We select engine 2 to generate the malformed samples from it.

Click on generate file.

After a few seconds, generation is complete.

Open the folder: a large number of samples have been generated here.

Now we click Fuzzing.

Now the program is fuzzing at high load, and it is multi-threaded!

Part way into the mining, due to time constraints, I ended the fuzz early.

In the exception log, we found a log entry: sample file No. 687 triggered an exception.

On manual verification, it is indeed an exception.

In fact, this is a buffer overflow vulnerability.

For more information on this vulnerability, refer to the author's own report on WooYun: http://www.tick.org/bugs/tick-2010-043556