[Repost] Fuzzing with Code Fragments by Christian Holler, Kim Herzig, Andreas Zeller
Posted: 2012-10-29 14:13 1402
Fuzzing with Code Fragments by Christian Holler, Kim Herzig, Andreas Zeller
Fuzzing with Code Fragments.rar
Fuzz testing is an automated technique providing random data as input to a software system in the hope to expose a vulnerability. In order to be effective, the fuzzed input must be common enough to pass elementary consistency checks; a JavaScript interpreter, for instance, would only accept a semantically valid program. On the other hand, the fuzzed input must be uncommon enough to trigger exceptional behavior, such as a crash of the interpreter. The LangFuzz approach resolves this conflict by using a grammar to randomly generate valid programs; the code fragments, however, partially stem from programs known to have caused invalid behavior before. LangFuzz is an effective tool for security testing: Applied on the Mozilla JavaScript interpreter, it discovered a total of 105 new severe vulnerabilities within three months of operation (and thus became one of the top security bug bounty collectors within this period); applied on the PHP interpreter, it discovered 18 new defects causing crashes.
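The fragment-replacement idea in the abstract, as an added example that is not part of the original post or the LangFuzz code: it uses Python's `ast` module in place of a grammar-based parser and mutates Python source rather than JavaScript. The corpus, the seed program and all function names are constructed for illustration.

```python
import ast
import copy
import random
from collections import defaultdict

# Constructed corpus: stands in for a test suite of programs that exposed bugs.
CORPUS = [
    "x = [i * 2 for i in range(10)]\nprint(x[-1])",
    "def f(a, b=None):\n    return a if b is None else a ** b",
    "y = {'k': (1, 2)}\nz = y['k'][0] << 3",
]
SEED = "total = 0\nfor n in range(5):\n    total = total + n * 3\nprint(total)"

def harvest(sources):
    """Pool expression fragments by AST node type (the 'non-terminal')."""
    pool = defaultdict(list)
    for src in sources:
        for node in ast.walk(ast.parse(src)):
            if isinstance(node, ast.expr):
                pool[type(node)].append(node)
    return pool

class Replacer(ast.NodeTransformer):
    """Swap one chosen node for a same-typed fragment from the pool."""
    def __init__(self, target, fragment):
        self.target, self.fragment = target, fragment
    def visit(self, node):
        if node is self.target:
            return copy.deepcopy(self.fragment)
        return self.generic_visit(node)

def mutate(seed_src, pool, rng, n_mutations=2):
    """Replace random read-context expressions; the result stays parseable."""
    tree = ast.parse(seed_src)
    for _ in range(n_mutations):
        candidates = [n for n in ast.walk(tree)
                      if isinstance(n, ast.expr) and pool.get(type(n))
                      and isinstance(getattr(n, "ctx", ast.Load()), ast.Load)]
        if not candidates:
            break
        target = rng.choice(candidates)
        tree = Replacer(target, rng.choice(pool[type(target)])).visit(tree)
    return ast.unparse(ast.fix_missing_locations(tree))  # needs Python 3.9+

def fuzz(count=5, seed=0):
    rng = random.Random(seed)
    pool = harvest(CORPUS)
    return [mutate(SEED, pool, rng) for _ in range(count)]
```

Every string returned by `fuzz()` still parses, which is the "common enough to pass consistency checks" half of the trade-off; the borrowed fragments supply the "uncommon enough" half.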