Date: Wed, 19 Nov 2014 06:00:01 +0300
From: Alexander Cherepanov <cherepan@...me.ru>
To: oss-security@...ts.openwall.com
Subject: Re: RE: [security-vendor] Re: Fuzzing
 findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP,
 gdk-pixbuf, file, ndisasm, less

On 2014-11-19 02:50, Seth Arnold wrote:
> On Wed, Nov 19, 2014 at 12:21:29AM +0100, Hanno Böck wrote:
>> It'd already be a good start to do this for format-parsing tools. So
>> stuff that runs on files. Everything else is more complicated, fuzzing
>> file formats is the easiest.
>
> You'd be surprised how infrequently file formats come up.. :)

zzuf can fuzz network too.

>>> Getting AFL to work with every package suggested for Ubuntu main is
>>> probably too much work.
>>
>> You may overestimate the complexity of afl. Once you get used to it it
>> basically takes minutes to start a fuzzing job.
>> And Michal is very open to suggestions to improve it (and it is
>> improving on a daily basis right now).
>
> Oh, AFL itself looks pretty blindingly easy to use: CC=... CXX=...  and go
> with it. It's our packaging and building infrastructure that I think would
> make it more complicated: they're designed to make repeatable builds
> easy, not necessarily to allow arbitrary changes to the compiler. And,
> AFL only works for C/C++.

That's an advanced mode of AFL. Too advanced for many things, I would 
say. Use afl-fuzz -dn or zzuf. You need just a sample (or several) for a 
format you are interested in.

-- 
Alexander Cherepanov
