Note that !exploitable may assign different hashes to the same underlying software defect. The fuzzing framework uses the hash that was generated to determine if a crash is unique.
Microsoft's !exploitable Crash Analyzer debugger extension analyzes any crashes and assigns them each a hash identifier. The fuzzer takes a starting, or "seed," file, mutates it, and opens it using the target application while monitoring that application for a crash. I used a Python-based mutational fuzzing framework for Microsoft Windows. Fuzz testing can be used as one measure of the number of vulnerabilities that an application may contain. Depending on the specific circumstances of a crash, these bugs may also result in vulnerabilities that allow an attacker to execute arbitrary code. Every bug that results in a crash has the potential of being a vulnerability. Also included are some other aspects of the Office suites that can affect the software's security.įuzz testing is a dynamic software testing technique that can be used to find bugs that result in the crashing of an application. This blog entry contains the results from a similar test that I performed in November 2010. Recently, Dan Kaminsky published a blog entry that compared the fuzzing resiliency of Microsoft Office and Oracle OpenOffice.
0 kommentar(er)
