February 2010 • White Paper
In this paper, Vincenzo Iozzo describes how to effectively fuzz with no knowledge of the user-input and the binary.
Software Engineering Institute
Nowadays fuzzing is a pretty common technique used by both attackers and software developers. Currently known techniques usually involve knowing the protocol/format that needs to be fuzzed and having a basic understanding of how the user input is processed inside the binary. In the past, since fuzzing was little-used, obtaining good results with a small amount of effort was possible.
Today finding bugs requires digging a lot inside the code and the user-input as common vulnerabilities are already identified and fixed by developers. This paper will present an idea on how to effectively fuzz with no knowledge of the user-input and the binary. Specifically the paper will demonstrate how techniques like code coverage, data tainting and in-memory fuzzing allow to build a smart fuzzer with no need to instrument it.