Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Fuzzing: FastStone Image Viewer- 435

voidsec, posted 4 years ago
  • The author of this article decided to fuzz a file viewer. They chose this target because not many people had fuzzed it, and they chose the CUR file format in particular because none of the existing CVEs covered it. In general, fuzz the things people have not looked at yet in order to find bugs.
  • Peach Fuzzer is an older fuzzer that does not apply binary instrumentation to the target. It takes an input, mutates it, then feeds it to the program to see what happens. With Peach Fuzzer you can ask for purely random mutations or have it conform to a defined file format.
  • Peach's smart fuzzing can be used to specify the structure of the data, the flow of the data, the test blocks and a lot more. Although tools like AFL are much better when the target can be instrumented, Peach still has its place.
  • Using Peach Fuzzer, the author found a buffer overflow by setting the BitCount field to a very large value. This causes an integer overflow that in turn leads to a stack-based buffer overflow.
  • To actually exploit this, the author overwrites the SEH chain on the stack to control the flow of execution. Because the Windows program was built without ASLR or DEP, popping a shell is quite easy. The author nonetheless wrote PoCs that bypass both of these protections, just for the fun of it.
  • Overall, this was a good article on fuzzing! The art of fuzzing looks a little less scary after reading this article.
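The BitCount bug class summarised above, shown as an added example in C that is not code from the article or from FastStone: a constructed, simplified bitmap header (hypothetical layout, not the real BITMAPINFOHEADER) whose pixel-buffer size is computed with a naive 32-bit multiplication beside a hardened version that rejects wraparound and impossible bit depths. The header blobs and field widths are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical 12-byte little-endian header: width, height, bits per pixel.
 * Constructed for this example; it is not the CUR/ICO on-disk layout. */
typedef struct {
    uint32_t width;
    uint32_t height;
    uint32_t bit_count; /* attacker-controlled field, like the fuzzed BitCount */
} ImgHeader;

static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

ImgHeader parse_header(const uint8_t *blob) {
    ImgHeader h = { rd32(blob), rd32(blob + 4), rd32(blob + 8) };
    return h;
}

/* Naive size calculation: the 32-bit product silently wraps, so a huge
 * bit_count can yield a tiny (even zero) buffer size while the decoder
 * still writes width*height pixels into it. */
uint32_t pixel_bytes_unsafe(const uint8_t *blob) {
    ImgHeader h = parse_header(blob);
    return h.width * h.height * h.bit_count / 8;
}

/* Hardened: checked multiplication (GCC/Clang builtin) plus a sanity bound
 * on the bit depth the format can legitimately carry. */
bool pixel_bytes_safe(const uint8_t *blob, uint32_t *out) {
    ImgHeader h = parse_header(blob);
    uint32_t bits;
    if (h.bit_count == 0 || h.bit_count > 32) return false;
    if (__builtin_mul_overflow(h.width, h.height, &bits)) return false;
    if (__builtin_mul_overflow(bits, h.bit_count, &bits)) return false;
    *out = bits / 8;
    return true;
}

/* Constructed inputs: 64x64 with bit_count 0x400000 (2^22) wraps to 0;
 * 32x32x32bpp is a benign header needing 4096 bytes. */
const uint8_t kMaliciousHeader[12] = {0x40,0,0,0, 0x40,0,0,0, 0,0,0x40,0};
const uint8_t kBenignHeader[12]    = {0x20,0,0,0, 0x20,0,0,0, 0x20,0,0,0};

int main(void) {
    uint32_t n = 0;
    printf("unsafe size for malicious header: %u\n", pixel_bytes_unsafe(kMaliciousHeader));
    printf("safe check accepts malicious header: %d\n", pixel_bytes_safe(kMaliciousHeader, &n));
    return 0;
}
```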