Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 16 Jun 2015 09:31:50 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: poor man's fuzzer

Hi Alexander,

I add two fuzz methods to your fuzz.pl. And also I ported it to mac OS X
to fuzz OpenCL and CUDA. The fuzz.pl and fuzz_mac.pl are attached.
You can also get it in my jumbo fork.

https://github.com/loverszhaokai/JohnTheRipper/tree/fuzzing/fuzz/script

I add ChangeCase and InsertDictionary method. ChangeCase will
change each char to upper case and lower case, it will also change all
chars to upper case and lower case. InsertDictionary will insert strings
before each char if the length of hash is less than 50, otherwise it will
inert strings before and after those chars: ".,:#$*". The inserted strings
are from dictionary, and I created an dictionary which is attached. The
strings in the dictionary is from the found bugs which is likely to trigger
bugs.

The InsertDictionary found one bug by insert long strings:

https://github.com/magnumripper/JohnTheRipper/issues/1434


Thanks,

Kai

Content of type "text/html" skipped

View attachment "fuzz_dic.txt" of type "text/plain" (98999 bytes)

View attachment "fuzz_mac.pl" of type "text/x-perl-script" (8837 bytes)

View attachment "fuzz.pl" of type "text/x-perl-script" (8455 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ