[fuzzing] I Am A Newb

disco jonny discojonny at gmail.com
Tue Nov 6 09:36:53 CST 2007


How can you know to cite someone if you didn't know that they had
already done the work?

:)

Anyway, I wasn't going to reply to this thread, but you might get some ideas.

I did/do quite a bit of this, but all my stuff is in 3D and I can't
quite get the images working (although the functionality works; I'm
just not too sure how to represent it. Motion would seem to be the
most obvious, so I am just waiting for a mate to code up an engine
for me to use). I think I have made previous posts about this; I
can't be arsed to search the archives.

But the essence is: the file is a 'key' and the asm that loads it is
the 'lock'. If you know anything about lockpicking, I hope it makes
sense.

I personally think you need to make models/images of both bits of data
[lock & key] and relate them. If you don't look at the constraints, how
do you know if you are looking at a byte, word, dword, qword or a field
of variable length? Otherwise it's kinda just showing the same data,
just with more colour and slightly harder to read. You are still no
further forward [although you might get some pretty pictures].

You will also have issues with representing things like FFFFFFFF: is
that -1 or 4,294,967,295? Without knowing whether that is a signed dword
or not, you could get a signedness error in your logic/fuzzing functions
that means you don't check things you should and waste time checking
things you don't need to worry about.

Good luck, though.

cheers,

disco.

On 02/11/2007, J.M. Seitz <jms at bughunter.ca> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I apologize, I had no idea that Aaron from TippingPoint had done some
> prior work on this:
>
> https://www.openrce.org/blog/browse/deft
>
> His tool kicks the pants off of my rudimentary method, but I apologize
> for not quoting his work in the first place. My bad Aaron.
>
> JS
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHK4oEKEj7ZJktQNsRAuJwAJ4lEk2iANEWonBJ2rGaanYXvuKQFgCggUQm
> hSEcjoVUjaKBFlrX2+CT2NM=
> =eFOA
> -----END PGP SIGNATURE-----
> _______________________________________________
> fuzzing mailing list
> fuzzing at whitestar.linuxbox.org
> http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing
>
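An added worked example of the lock/key point and the FFFFFFFF signedness point above. It is not code from disco's post, from deft, or from any tool mentioned on the list: the header layout (field names, offsets, widths, signedness) and the 16-byte sample file are constructed for illustration only. Each field carries the constraint the loader ("lock") imposes on the file ("key"), boundary values are generated from that constraint rather than from the raw bytes, and a helper shows which boundary values a fuzzer silently never emits when it models a signed field as unsigned.

```python
import struct

# Constructed toy header layout standing in for the loader's ("lock") constraints
# on the file ("key"). Field names, offsets and signedness are assumptions for
# illustration only, not any real format.
HEADER_FIELDS = [
    # (name, offset, width_in_bytes, signed)
    ("magic",   0, 4, False),
    ("count",   4, 4, True),   # loader: if (count < 0) reject; else loop count times
    ("offset",  8, 4, False),
    ("flags",  12, 2, False),
    ("version", 14, 1, False),
]

_FMT = {1: "b", 2: "h", 4: "i", 8: "q"}  # struct codes; upper-case = unsigned


def _code(width, signed, little_endian=True):
    code = _FMT[width] if signed else _FMT[width].upper()
    return ("<" if little_endian else ">") + code


def interpret(raw, width, signed, little_endian=True):
    """Decode `width` bytes the way a loader with this signedness would see them."""
    return struct.unpack(_code(width, signed, little_endian), raw[:width])[0]


def int_range(width, signed):
    """Inclusive (lo, hi) the field can hold."""
    bits = width * 8
    if signed:
        return -(1 << (bits - 1)), (1 << (bits - 1)) - 1
    return 0, (1 << bits) - 1


def boundary_values(width, signed):
    """Boundary values worth sending for this field: range ends, zero/one, and
    the signed/unsigned flip point. Values the field cannot hold are dropped,
    so an unsigned model never emits -1 and a signed one never emits 2**32-1."""
    lo, hi = int_range(width, signed)
    flip = 1 << (width * 8 - 1)
    candidates = {lo, lo + 1, -1, 0, 1, hi - 1, hi, flip - 1, flip}
    return sorted(v for v in candidates if lo <= v <= hi)


def encode(value, width, signed, little_endian=True):
    """Pack `value` for the field; refuse values that do not fit (a mismatch
    between the fuzzer's model and the loader shows up here as an error)."""
    lo, hi = int_range(width, signed)
    if not lo <= value <= hi:
        kind = "signed" if signed else "unsigned"
        raise ValueError(f"{value} does not fit a {kind} {width}-byte field")
    return struct.pack(_code(width, signed, little_endian), value)


def can_encode(value, width, signed):
    try:
        encode(value, width, signed)
        return True
    except ValueError:
        return False


def mutants(base, fields):
    """Return (field, value, mutated_file) for every boundary value of every field,
    patching only that field's bytes so neighbouring fields stay intact."""
    out = []
    for name, off, width, signed in fields:
        for v in boundary_values(width, signed):
            patched = base[:off] + encode(v, width, signed) + base[off + width:]
            out.append((name, v, patched))
    return out


def missed_values(width, loader_signed, model_signed):
    """Boundary values the loader would accept that a fuzzer modelling the field
    with the wrong signedness never generates."""
    return sorted(set(boundary_values(width, loader_signed))
                  - set(boundary_values(width, model_signed)))


# Constructed 16-byte sample file matching HEADER_FIELDS.
BASE = (b"DJNY"                   # magic
        + struct.pack("<i", 3)    # count
        + struct.pack("<I", 16)   # offset
        + struct.pack("<H", 0)    # flags
        + b"\x01"                 # version
        + b"\x00")                # padding


if __name__ == "__main__":
    ff = b"\xff\xff\xff\xff"
    print("FFFFFFFF as signed dword:  ", interpret(ff, 4, True))
    print("FFFFFFFF as unsigned dword:", interpret(ff, 4, False))
    for name, v, m in mutants(BASE, HEADER_FIELDS):
        print(f"{name:8} {v:>12}  {m.hex()}")
    print("missed if count modelled unsigned:", missed_values(4, True, False))
```

The same four bytes FF FF FF FF come back as -1 from `interpret(..., signed=True)` and as 4,294,967,295 from `interpret(..., signed=False)`; which one the loader sees is a property of the asm, not of the file, which is why the field model has to come from the lock side. `missed_values(4, True, False)` lists the negative boundaries (and the signed max-minus-one) that an unsigned model never produces, so a `count < 0` path in the loader would go untested; the `encode` range check is the place where an inconsistent model fails loudly instead of silently producing wrong-width patches.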

