PyFuzzer：自动化高效内存模糊测试方法

doi:10.3969/j.issn.1000-436x.2013.Z2.013

Abstract

Abstract:

Fuzz Testing is an effective method to mine all kinds of vulnerabilities.But the main drawbacks to current fuzz testing tools are:firstly,it produces high volume testing data and it’s extraordinary time consumption; secondly,if the accessing needs authentication,the greatest part of test data will be abandoned.PyFuzzer,a novel automatic in-memory fuzz testing tool combining static analysis,dynamic analysis and in-memory fuzz testing,was presented.The tool is highly automatic and effective.Compared with 4n FTP Fuzzer in testing WarFTPD and Serv-U,PyFuzzer can discover all vulnerabilities and improve test efficiency greatly.

Key words: fuzz testing, static analysis, dynamic tracking, vulnerabilities excavate

Wei-ming LI,Jun-qing YU,Shao-bo AI. PyFuzzer：automatic in-memory fuzz testing method[J]. Journal on Communications, 2013, 34(Z2): 64-68.

Figures/Tables 6

References 10

[1]	中国国家漏洞库[EB/OL]..2013.
[2]	BARTON M , LOUIS F , BRYAN S . An empirical study of there liability of UNIX utilities[J]. Communications of the Association for Computing Machinery, 1990,33(12): 32-44.
[3]	JUSTIN F , BARTON M . An empirical study of the robustness of Windows NT applications using random testing[A]. Proceedings of the 4th USENIX Windows System Symposium[C]. Berkeley:USENIX Association, 2000. 1-6.
[4]	AITEL D . The Advantage of Block-Based Protocol Analysis for Security Testing[R]. Miami Beach:Immunity Inc, 2002.
[5]	何永君 . 基于动态二进制分析的网络协议逆向解析[D]. 郑州:解放军信息工程大学, 2010. HE Y J . Network Protocol Reverse Parsing Based on Dynamic Binary Analysis[D]. Zhengzhou:PLA Information Engineering University, 2010.
[6]	WANG T , WEI T , GU G ,et al. TaintScope:a checksum-aware directed fuzz testing tool for automatic software vulnerability detection[A]. Proceedings of the IEEE Symposium on Security and Privacy[C]. Oakland,CA, 2010. 497-512.
[7]	SUTTON M , GREENE A , AMINI P . Fuzz testing:Brute Force Vulnerability Discovery[D]. Addison-Wesley Professional, 2007. 13-15.
[8]	IOZZO V . Knowledge fuzz testing[A]. Proceedings of the Black Hat[C]. 2010.
[9]	吴志勇, 夏建军, 孙乐昌 . 多维Fuzz testing技术综述[J]. 计算机应用研究, 2010,27(8): 2810-2872. WU Z Y , XIA J J , SUN L C . Survey of multi-dimensional fuzz testing technology[J]. Application Research of Computers, 2010,27(8): 2810-2872.
[10]	EVANS D , LAROCHELLE D . Improving security using extensible lightweight static analysis[J]. IEEE Software, 2002,19(1): 42-50.

Metrics

Recommended 0

No Suggested Reading articles found!

函数	黑名单	污点数据	优先级
strcpy	Y	Y	高
循环拷贝指令	Y	Y	高
fgets	Y	N	中
foo	N	N	低

操作数类型	字符符号
OPERAND_NONE ＂＂	x
OPERAND_IMMEDIATE = ＂Immediate＂	i
OPERAND_REGISTER = ＂Register＂	r
OPERAND_ABSOLUTE_ADDRESS	a
OPERAND_MEMORY = ＂AbsoluteMemory＂	m
OPERAND_FAR_MEMORY = ＂FarMemory＂	f

测试程序	函数数目	危险函数数目	JXX循环拷贝结构	Rep mov
WarFTPD 1.65	1 987	362	6	432
Serv-U build 4.0.0.4	2 392	580	13	719

程序/(工具)	测试结果	漏洞类型
WarFTPD1.65 (PyFuzzer)	CWD,CDUP,DELE,NLST,LIST	DoS
WarFTPD1.65 (PyFuzzer)	USER	Buffer overflow
Serv-U build 4.0.0.4 (PyFuzzer)	SITE CHMOD,MDTM,LIST	Buffer overflow
Serv-U build 4.0.0.4 (PyFuzzer)	XCRC,STOU,DSIZ	DoS
Serv-U build 4.0.0.4 (4n FTP Fuzzer)	SITE CHMOD,MDTM,SMNT	Buffer overflow
Serv-U build 4.0.0.4 (4n FTP Fuzzer)	STOU	DoS

PyFuzzer：automatic in-memory fuzz testing method

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 6

References 10

Related Articles 3

Metrics

Recommended 0

[1]	. Malware detection technology analysis and applied research of android platform [J]. Journal on Communications, 2014, 35(8): 11-85.
[2]	Wei-ping WEN,Rui MEI,Ge NING,Liang-liang WANG. Malware detection technology analysis and applied research of android platform [J]. Journal on Communications, 2014, 35(8): 78-85.
[3]	. PyFuzzer：automatic in-memory fuzz testing method [J]. Journal on Communications, 2013, 34(Z2): 13-68.