Fuzzing is a way to torture your program: generate a pile of malformed data, feed it to the program, and watch the program make an ugly face.
Let your computer find the bugs in your target programs for you.
2. Tools and how to use them
All of the tools below can be used as standalone programs, and fuzzing is common practice nowadays: you can easily find security firms, hardware and software vendors, and your master's-degree friends fuzzing their target programs.
You should combine and chain tools to get better results. The list below is only a list of examples, tools I have tried or have heard of. Each way to improve throughput or to produce a more useful crash could be the subject of an academic thesis.
Because of this, you should follow what people are saying about fuzzing at conferences, in talks, blogs and papers, to keep up with the field.
2.1. Radamsa
Q: What’s with the funny name? A: It’s from a scene in a Finnish children’s story. You’ve probably never heard about it.
A simple and easy to use, yet very strong, mutation-based fuzzing tool, written in Owl Lisp (a Scheme dialect) and shipped as generated C.
It reads sample data from standard input (or from files given as arguments) and writes a randomly mutated version to standard output, so the output differs from run to run:
$ echo "abcde" | radamsa
abcdecdecdecdecdecdecde
You can fix the random seed (-s), choose the mutation methods (-m), the number of outputs (-n) and a delay between outputs (-d). The -o/--output option writes the mutated data to a file instead of stdout, or sends each mutated case over TCP to a host:port, so you can fuzz a network service without writing any glue:
radamsa -o 127.0.0.1:31337
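The usual way to use radamsa is a loop: generate a case, run the target on it, and keep the input whenever the target dies from a signal. The script below is an added example, not part of Radamsa or of this page's original text; it assumes radamsa is on PATH and a target that takes the input path as its last argument (./target-under-test is a hypothetical name). The generator command can be overridden through RADAMSA for testing.

```shell
#!/bin/sh
# Added example (not Radamsa's own code): minimal radamsa fuzz loop with
# crash triage. Assumes radamsa on PATH; the target is hypothetical.
set -u

RADAMSA=${RADAMSA:-radamsa}     # generator command (override for testing)

# Map an exit status to a verdict. POSIX shells report a process killed by
# signal N as 128+N (SIGSEGV -> 139, SIGABRT -> 134), which is the
# signature of a memory-safety bug worth keeping. 124 is GNU timeout's
# own status for a hung target.
classify_status() {
    status=$1
    if [ "$status" -eq 0 ]; then
        echo ok
    elif [ "$status" -eq 124 ]; then
        echo timeout
    elif [ "$status" -gt 128 ]; then
        echo crash
    else
        echo error          # target rejected the input cleanly
    fi
}

# Run one test case: $1 = input path, remaining args = target command.
# Output is discarded; only the exit status matters. A hung target is
# bounded with timeout(1) when it is available.
run_one() {
    input=$1; shift
    status=0
    if command -v timeout >/dev/null 2>&1; then
        timeout "${FUZZ_TIMEOUT:-5}" "$@" "$input" >/dev/null 2>&1 || status=$?
    else
        "$@" "$input" >/dev/null 2>&1 || status=$?
    fi
    classify_status "$status"
}

# Main loop: $1 = seed file, remaining args = target command.
# FUZZ_ITERATIONS bounds the run (0 = run forever); crashing inputs land
# in FUZZ_OUTDIR (default ./crashes) named after the verdict and the
# radamsa seed, so every case can be regenerated with the same -s value.
fuzz_loop() {
    seed=$1; shift
    outdir=${FUZZ_OUTDIR:-crashes}
    mkdir -p "$outdir"
    i=0
    while [ "${FUZZ_ITERATIONS:-0}" -eq 0 ] || [ "$i" -lt "${FUZZ_ITERATIONS}" ]; do
        i=$((i + 1))
        testcase=$(mktemp)
        "$RADAMSA" -s "$i" "$seed" > "$testcase"     # -s makes the case reproducible
        verdict=$(run_one "$testcase" "$@")
        if [ "$verdict" = crash ] || [ "$verdict" = timeout ]; then
            cp "$testcase" "$outdir/$verdict-$i.bin"
            echo "iteration $i: $verdict, saved $outdir/$verdict-$i.bin"
        fi
        rm -f "$testcase"
    done
}

# Only start fuzzing when called with a seed and a target, so the
# functions can also be sourced and used on their own:
#   ./fuzz.sh seed.bin ./target-under-test
if [ "$#" -ge 2 ]; then
    fuzz_loop "$@"
fi
```

Saving the iteration number rather than the mutated bytes alone is deliberate: `radamsa -s N seed.bin` regenerates the exact case, which is what you need when you later want to minimise it or hand it to a developer. Deduplicating the crashes (by stack hash or by the faulting address) is the next step the script leaves to you.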
2.2. ronin-fuzzer
ronin-fuzzer fuzz -i input.bin -o mutated.bin
You can also drive it from a Ruby script:
require 'ronin/fuzzing'
However, it does not generate malformed data out of the box; you have to write the mutation rules, or the whole generation script, yourself.
2.3. Qiling
It has the same effect as running the target under qemu-user (executing a binary built for another CPU or OS on your host so the fuzzer can instrument it), but with less speed, since Qiling emulates the OS layer on top of Unicorn instead of translating whole blocks of machine code.
More precisely, the fuzzer here is AFL++ running on Qiling, driven through AFL++'s unicorn mode. Qiling itself is an emulation framework, not a fuzzer.