Chapter 14. Network Protocol Fuzzing


“I own a timber company? That’s news to me. Need some wood?”

 --George W. Bush, second presidential debate, St. Louis, MO, October 8, 2004

Fuzzing was born at the University of Wisconsin with the introduction of random arguments to command-line setuid UNIX utilities. Despite this initial association the term fuzzing today is typically thought of as applying to network protocols, and for good reason. Network protocol fuzzing is the most interesting fuzzing transport for security researchers as the discovered vulnerabilities carry the highest criticality. A remotely exploitable vulnerability that does not require valid credentials to reach or any interaction from a target user to exploit is the epitome of discoveries, ...

Get Fuzzing: Brute Force Vulnerability Discovery now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.