[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] 4f: The File Format Fuzzing Framework
- To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx, news@xxxxxxxxxxxxxx
- Subject: [Full-disclosure] 4f: The File Format Fuzzing Framework
- From: Krakow Labs <krakowlabs@xxxxxxxxx>
- Date: Wed, 09 Sep 2009 00:20:34 -0400
Krakow Labs Development
4f: The File Format Fuzzing Framework
4f is a file format fuzzing framework. 4f uses modules which are
specifications of the targeted binary or text file format that tell it
how to fuzz the target application.
If 4f detects a crash, it will log crucial information important for
allowing the 4f user to reproduce the problem and also debugging
information important to deciding the severity of the bug and its
exploitability.
4f uses specialized modules for fuzzing code that interprets file
formats. Several modules are included and more can be written to follow
other file formats.
Full source code, binary, package, demonstration photo and video @
http://www.krakowlabs.com
You can also check out the video that shows 4f discovering 0day (not
worth much but it shows 4f works!) @ SecurityTube too -->
http://www.securitytube.net/The-File-Format-Fuzzing-Framework-(4f)-video.aspx
~KL
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/