Fuzzing is a software testing technique used to find implementation bugs by injecting malformed or semi-malformed data into a program in an automated fashion. The fuzzer feeds many permutations of the data into the target program until one of them reveals a vulnerability, which is exactly the kind of flaw cyber criminals exploit.
A fuzzer may try different combinations of attacks on:
- Numbers (signed or unsigned integers, floats, etc.)
- Characters (URLs, command-line inputs, etc.)
- Metadata (user-supplied text such as ID3 tags)
- Pure Binary Sequences
The most common approach to a fuzzing attack is to define a list of ‘fuzz vectors’ (values known to be dangerous) for each type and inject these vectors, or recombinations of them, into the program.
Here is a list of common fuzz vectors:
- For Integers: zero, negative numbers, and very large numbers
- For Chars: escaped or interpretable characters and instructions (for example, quotes and commands in SQL requests)
- For Binary: random sequences
Types Of Fuzzing Attacks:
Application Fuzzing: A web application fuzzer tests for buffer overflow conditions, error-handling issues, boundary checks, and parameter format checks. Whatever type of system is being fuzzed, the attack vectors lie in its input and output systems. Attack vectors for a desktop app are:
- The UI (testing all button sequences and text inputs)
- The command-line options
- The import/export capabilities
In the case of a web app, attack vectors can be found in URLs, forms, user-generated content, RPC requests, etc.
Protocol Fuzzing: In a protocol fuzzing attack, the fuzzer sends forged packets to the tested application; it may also act as a proxy, modifying requests on their way to the server and replaying them to find a vulnerability.
File Format Fuzzing: In a file format fuzzing attack, the fuzzer generates many malformed samples and opens them one after another. When the program crashes, the sample that caused the crash is kept for further investigation. With file format fuzzing, attackers can target:
- The Parser Layer (Container Layer): These attacks target file format constraints, structure, conventions, field sizes, flags, etc.
- The Codec/Application Layer: These are lower-level attacks that target the program’s internal handling of the decoded content.
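To make the typed fuzz vectors and the file-format loop described above concrete, here is an added example (not code from the original post) in Python: a constructed toy container parser with a deliberate trust-the-length defect, and a small fuzzer that injects each vector into one field at a time and keeps only the samples that trigger an unhandled exception rather than the parser’s own rejection. The record layout and the names parse_record, build and fuzz are assumptions made up for this illustration.

```python
import struct
from dataclasses import dataclass

# Constructed fuzz vectors, one list per category in the text above.
INT_VECTORS = [0, 1, -1, 0x7FFFFFFF, 0x80000000, 0xFFFFFFFF]          # zero, sign edges, very big
CHAR_VECTORS = [b"'", b'"', b";--", b"%s%n", b"../", b"\x00", b"\xff", b"A" * 300]

class Rejected(ValueError):
    """Raised by the parser when it deliberately refuses bad input (expected behaviour)."""

def parse_record(buf: bytes) -> dict:
    """Constructed toy container: u32 name_len | name | i32 count | u8 item[count].
    Deliberate defect: name_len is trusted, so a huge value pushes later reads out of bounds."""
    name_len = struct.unpack_from("<I", buf, 0)[0]
    name = buf[4:4 + name_len]
    count = struct.unpack_from("<i", buf, 4 + name_len)[0]   # struct.error when name_len is huge
    items = list(buf[8 + name_len:8 + name_len + count])
    if len(items) != count:
        raise Rejected("item count does not match payload")
    return {"name": name.decode("ascii"), "count": count, "items": items}

def build(name_len: int, name: bytes, count: int, items: bytes) -> bytes:
    """Assemble a sample with every field written raw, so fuzz values are never 'corrected'."""
    return (struct.pack("<I", name_len & 0xFFFFFFFF) + name
            + struct.pack("<I", count & 0xFFFFFFFF) + items)

@dataclass
class Finding:
    field: str      # field that carried the fuzz vector
    vector: object  # the vector itself
    crash: str      # exception class name; anything other than Rejected is unhandled
    sample: bytes   # kept for further investigation, as the text describes

def run_case(target, field, vector, sample):
    try:
        target(sample)
    except Rejected:
        return None                      # clean rejection: the parser did its job
    except Exception as exc:             # unhandled condition: record it and keep the sample
        return Finding(field, vector, type(exc).__name__, sample)
    return None

def fuzz(target=parse_record, seed_name=b"cfg", seed_items=b"\x01\x02\x03"):
    """Inject each vector into one field at a time while the other fields stay valid."""
    cases = [("name_len", v, build(v, seed_name, len(seed_items), seed_items)) for v in INT_VECTORS]
    cases += [("count", v, build(len(seed_name), seed_name, v, seed_items)) for v in INT_VECTORS]
    cases += [("name", v, build(len(v), v, len(seed_items), seed_items)) for v in CHAR_VECTORS]
    return [f for f in (run_case(target, *c) for c in cases) if f is not None]
```

Running fuzz() against this parser reports the oversized name_len vectors (an out-of-bounds read surfacing as struct.error) and the non-ASCII name byte (an unhandled decode error), while every bad count value is rejected cleanly and produces no finding.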
Centex Technologies provides complete IT security solutions to clients. For more information, contact Centex Technologies at (972) 375 - 9654.