[Repost] Fuzzing with Code Fragments by Christian Holler, Kim Herzig, Andreas Zeller
Posted on: 2012-10-29 14:13 1415
Fuzzing with Code Fragments.rar
Fuzz testing is an automated technique providing random data as input to a software system in the hope of exposing a vulnerability. In order to be effective, the fuzzed input must be common enough to pass elementary consistency checks; a JavaScript interpreter, for instance, would only accept a semantically valid program. On the other hand, the fuzzed input must be uncommon enough to trigger exceptional behavior, such as a crash of the interpreter. The LangFuzz approach resolves this conflict by using a grammar to randomly generate valid programs; the code fragments, however, partially stem from programs known to have caused invalid behavior before. LangFuzz is an effective tool for security testing: Applied on the Mozilla JavaScript interpreter, it discovered a total of 105 new severe vulnerabilities within three months of operation (and thus became one of the top security bug bounty collectors within this period); applied on the PHP interpreter, it discovered 18 new defects causing crashes.