[Repost] Fuzzing with Code Fragments by Christian Holler, Kim Herzig, Andreas Zeller
Posted: 2012-10-29 14:13 1415

Fuzzing with Code Fragments by Christian Holler, Kim Herzig, Andreas Zeller
Fuzz testing is an automated technique providing random data as input to a software system in the hope of exposing a vulnerability. In order to be effective, the fuzzed input must be common enough to pass elementary consistency checks; a JavaScript interpreter, for instance, would only accept a semantically valid program. On the other hand, the fuzzed input must be uncommon enough to trigger exceptional behavior, such as a crash of the interpreter. The LangFuzz approach resolves this conflict by using a grammar to randomly generate valid programs; the code fragments, however, partially stem from programs known to have caused invalid behavior before. LangFuzz is an effective tool for security testing: Applied on the Mozilla JavaScript interpreter, it discovered a total of 105 new severe vulnerabilities within three months of operation (and thus became one of the top security bug bounty collectors within this period); applied on the PHP interpreter, it discovered 18 new defects causing crashes.
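The abstract describes the core LangFuzz idea: grammar-driven generation of syntactically valid programs, with some nonterminals filled in by fragments harvested from earlier test cases. The toy below is an added illustration, not the authors' code: the JavaScript-like grammar, the seed programs and the regex-based fragment extraction are all constructed assumptions (LangFuzz itself parses seeds with a full ANTLR grammar).

```python
import random
import re

# Constructed toy grammar for a JavaScript-like subset (assumption of this example;
# LangFuzz uses a full ANTLR JavaScript grammar). Each rule is a list of symbols.
GRAMMAR = {
    "program": [["stmt", "stmt"]],
    "stmt": [["var ", "ident", " = ", "expr", ";"], ["if (", "expr", ") { ", "stmt", " }"]],
    "expr": [["ident"], ["number"], ["expr", " + ", "expr"], ["ident", "(", "expr", ")"]],
    "ident": [["x"], ["y"], ["f"]],
    "number": [["0"], ["1"], ["42"]],
}

# Constructed seeds standing in for "programs known to have caused invalid behavior";
# these are harmless sample inputs, not real crash test cases.
SEED_PROGRAMS = [
    "var a = arr[0]; var b = a + 1;",
    "var c = f(f(42));",
]


def extract_fragments(seeds):
    """Cut seeds into fragments keyed by nonterminal (regex split stands in for a parser)."""
    pool = {"stmt": [], "expr": []}
    for prog in seeds:
        for stmt in filter(None, (s.strip() for s in prog.split(";"))):
            pool["stmt"].append(stmt + ";")
            m = re.match(r"var\s+\w+\s*=\s*(.+)$", stmt)
            if m:  # right-hand side of a declaration is an expr fragment
                pool["expr"].append(m.group(1))
    return pool


def generate(symbol, pool, rng, frag_prob, depth=0, max_depth=4):
    """Expand symbol via GRAMMAR; with probability frag_prob splice in a learned fragment."""
    if symbol not in GRAMMAR:
        return symbol  # terminal string
    if pool.get(symbol) and rng.random() < frag_prob:
        return rng.choice(pool[symbol])
    rules = GRAMMAR[symbol]
    if depth >= max_depth:  # bound recursion by dropping self-referencing rules
        rules = [r for r in rules if symbol not in r] or rules
    return "".join(generate(s, pool, rng, frag_prob, depth + 1, max_depth)
                   for s in rng.choice(rules))


def fuzz(seed, frag_prob=0.5, count=3):
    """Generate count programs from a fixed RNG seed so runs are reproducible."""
    rng = random.Random(seed)
    pool = extract_fragments(SEED_PROGRAMS)
    return [generate("program", pool, rng, frag_prob) for _ in range(count)]
```

Setting frag_prob to 0 gives pure grammar generation, 1 gives pure fragment recombination; values in between are where the "valid but uncommon" mix the abstract describes comes from.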

Fuzzing with Code Fragments.rar

