File format fuzzing?

May 17, 2010
By Mike

I got this email from Will Dormann at CERT today. So… Errrrmmmm… File format fuzzing? What the fark is that?

Hello Mike,

We’ve been working in the areas of vulnerability discovery, with a
focus on file format fuzzing. One of the tools that we have been using
is a fuzzing framework to perform mutation fuzzing of Linux
applications.

Any vendor producing software that processes data should be fuzz
testing that application. Mutation-based file format fuzzing is a
simple form of fuzz testing; however, it may not be obvious how file
fuzzing can effectively be performed.

One of our goals is to reduce the complexity for performing file
fuzzing.

We plan to publicly release a simplified version of the framework that
we have been using internally. The CERT Basic Fuzzing Framework (BFF)
consists of:

1) A virtual machine of a minimal Debian Linux installation that has
been configured for effective fuzzing. The virtual machine is VMware
compatible (VMX + VMDK). Use with other virtualization products should
be possible, but may require conversion and/or other reconfiguration.

2) A configuration file and a few scripts that perform automated
fuzzing with the Caca Labs zzuf fuzzer.

The default configuration is to automatically perform a fuzzing run on
a very old version of ImageMagick. Performing fuzzing on an
application of your choice involves a few steps that are outlined in
the README file.

We are sending you this message to offer you a sneak-preview of the
BFF before it is publicly released. If you have an application that
runs on Linux, then you should be able to perform your own fuzzing. If
the BFF can find vulnerabilities in your application relatively
easily, then this will give you a chance to address the issues before
somebody else finds them.

The fuzzing framework is approximately 330 MB in size.

If you would like a BFF, please let us know. We can provide you with
download details.

Thank you,
Will Dormann

=============================
Vulnerability Analyst
CERT Coordination Center
4500 Fifth Ave.
Pittsburgh, PA 15213
1-412-268-7090
=============================
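
To make "mutation-based file format fuzzing" concrete, here is a small sketch added for this write-up; it is not code from the email or from the BFF. It flips random bits in a known-good file from a seeded generator (the same basic idea as the zzuf fuzzer named above) and feeds each result to a parser you own. The image format, the parser and all function names are hypothetical, and the seed file is constructed.

```python
import random
import struct

# Constructed seed file for a made-up image format (not a real one):
# magic "IMG0", width and height as big-endian uint16, then width*height pixel bytes.
SEED_FILE = b"IMG0" + struct.pack(">HH", 4, 2) + bytes(range(8))

class ParseError(Exception):
    """Malformed input rejected cleanly; this is the behaviour we want."""

def mutate(data, seed, ratio):
    """Flip each bit with probability `ratio`; the same seed gives the same output."""
    rng = random.Random(seed)
    out = bytearray(data)
    for i in range(len(out)):
        for bit in range(8):
            if rng.random() < ratio:
                out[i] ^= 1 << bit
    return bytes(out)

def parse(data, checked):
    """Hypothetical target. With checked=False it trusts the header dimensions."""
    if data[:4] != b"IMG0":
        raise ParseError("bad magic")
    width, height = struct.unpack(">HH", data[4:8])
    pixels = data[8:]
    if checked and width * height > len(pixels):
        raise ParseError("dimensions exceed pixel data")
    return [[pixels[y * width + x] for x in range(width)] for y in range(height)]

def fuzz(checked, runs=200, ratio=0.02):
    """Return the seeds whose mutated file made the parser fail uncleanly."""
    crashing_seeds = []
    for seed in range(runs):
        try:
            parse(mutate(SEED_FILE, seed, ratio), checked)
        except ParseError:
            pass                         # rejected cleanly: not a finding
        except Exception:
            crashing_seeds.append(seed)  # unexpected failure: keep the seed to reproduce it
    return crashing_seeds

if __name__ == "__main__":
    print("unchecked parser:", len(fuzz(checked=False)), "crashing seeds")
    print("checked parser:  ", len(fuzz(checked=True)), "crashing seeds")
```

Because each mutation is derived from its seed, a crashing seed is all you need to regenerate the exact input and debug the parser; with the bounds check enabled the same run reports no crashing seeds.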
