J0EII

4n07hER H4x0rin9 N07e2

f41lur3

05Cb

\/\/\/3b

|ib

|[email protected]|< G0|>

[1]AWS

[20]Adv. Pen-Testing

[6]Algorithm

[1]Apache

[1]Backup

[53]Basic Pen-Testing

[12]Bug Bounty

[1]CI/CD

[3]CTF

[5]CentOS

[1]Crontab

[1]DBeaver

[1]Database

[3]Debian

[1]Design Pattern

[1]Django

[4]Docker

[8]E-Business

[1]ESXI

[2]ElementaryOS

[1]Failure

[4]Fedora

[1]File Browser

[4]Fuzzing

[1]Git

[2]Gitlab

[2]Gitolite

[3]HTML5

[3]Hashcat

[1]Hashes

[1]Hexdump

[16]JS

[3]Java

[1]John

[4]KaliOS

[15]Laravel

[8]LeetCode

[28]Linux

[1]Logrotate

[7]Mac

[1]Metasploit

[2]MongoDB

[4]Networking

[4]Nginx

[2]NodeJS

[11]One-liner

[11]PHP

[7]Pentest Android

[6]Python

[1]React

[4]React Native

[3]Ruby

[4]SQL

[32]Server

[3]Squid

[1]TMUX

[7]Thoughts

[15]Ubuntu

[3]VIM

[2]VirtualBox

[4]WSL2

[34]Web

[8]Windows

[10]WordPress

[1]choco

[1]vmware

[1]wkhtmltopdf

November 16, 2019

Fuzz - 3.0 - Dynamic analysis basics

How to generate crashes

General Testing on Logic Flaws
- Very hard to detect, generally infeasible
- fuzz -> detect exceptional behavior -> determine if bug -> determine if vulnerability

White box

So we have test harness for this case

Common Test Harness area
- process died/zombied
- PID gone
- logs
- attach a debugger, check state

Black box

by introspection

look for access form
view output
check response time, detect crashes, things that different to standard