PDF Fuzzing made easy with the PDF::Create extension for Perl.
Directions:
1) Run pdfuzz.pl with your target application and output file set.
2) Close the application each time it fuzzes (this might seem like an inconvenience, but since there is no in-line debugger attached to catch faults, you should get brighter results by giving it your non-carpal-tunneled hand, so it gets some attention and you hopefully don't miss any bugs).
3) Monitor for crashes / out-of-bounds bugs and run in strace for more information.
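Steps 2 and 3 can also be scripted. The following is an added example, not part of pdfuzz.pl or the original post: a small Python harness that opens each generated file in the target, kills the viewer after a timeout, and reports the runs that died from a signal. The function names, the timeout and the stand-in target are assumptions made for the example.

```python
import signal
import subprocess
import sys

# Constructed stand-in for a PDF viewer, so the harness can be tried offline:
# it "crashes" on file names containing "segv" and stays open on "hang".
STUB_TARGET = [sys.executable, "-c", (
    "import os, signal, sys, time\n"
    "p = sys.argv[1]\n"
    "if 'segv' in p: os.kill(os.getpid(), signal.SIGSEGV)\n"
    "if 'hang' in p: time.sleep(30)\n")]

def run_case(cmd, pdf_path, timeout=10.0):
    """Open one fuzzed PDF with the target and classify how the process ended."""
    proc = subprocess.Popen(cmd + [pdf_path],
                            stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    try:
        rc = proc.wait(timeout=timeout)
    except subprocess.TimeoutExpired:
        # Still open after the timeout: no crash on load. Kill it so the
        # next file starts in a fresh process (step 2).
        proc.kill()
        proc.wait()
        return ("alive", None)
    if rc < 0:
        # On POSIX a negative return code means death by signal -rc.
        try:
            return ("crash", signal.Signals(-rc).name)
        except ValueError:
            return ("crash", "SIG%d" % -rc)
    return ("exit", rc)

def triage(cmd, pdf_paths, timeout=10.0):
    """Return (file, signal) for the cases worth re-running under strace (step 3)."""
    findings = []
    for path in pdf_paths:
        status, detail = run_case(cmd, path, timeout)
        if status == "crash":
            findings.append((path, detail))
    return findings

if __name__ == "__main__":
    # Usage: python triage.py <viewer> <file.pdf> [...]; with no arguments,
    # runs against the stand-in target and constructed file names.
    cmd = [sys.argv[1]] if len(sys.argv) > 2 else STUB_TARGET
    files = sys.argv[2:] or ["ok.pdf", "segv.pdf", "hang.pdf"]
    for path, sig in triage(cmd, files, timeout=3.0):
        print("%s: killed by %s" % (path, sig))
```

Keep the files it reports: those are the ones to open again under strace.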
And now the good stuff...
$ perl pdfuzz.pl
pdfUZZ - PDF Fuzzer
.....
Usage: pdfuzz.pl -t
$
pdfUZZ fuzzing adobe acrobat:

And don't forget xpdf:

Dice up the fuzz strings and take on some new approaches. With some luck and some poor programming to back it up, you might stumble on some junk. GIMP GIMP GIMP =)
Pick pocket packetstorm!
Too bad this is patched :( .. it may have been found with this fuzzer. Roffles.