[+] Wayc0de's Blog[+]


Fuzzing In Backtrack 5 R1- Part 3 [video]

Description: Fuzzing is a process of sending deliberately malformed data to a program in order to generate failures, or errors in the application. When performed by those in the software exploitation community, fuzzing usually focuses on discovery of bugs that can be exploited to allow an attacker to run their own code, and along with binary and source code analysis fuzzing is one of the primary ways in which exploitable software bugs are discovered.

There are a number of popular and free software based fuzzers available, but during this article we will focus on one of the first fuzzers to become popular within the Information Security community -- SPIKE.

In this part.. i have used pearl to exploit the victim... and used metasploit to investigate the cause of the crash... using the offset finder.. and other cool tools..

Test done on Backtrack 5 R1 and Windows XP SP3.

Tidak ada komentar:

Posting Komentar