Features of fuzzing network interfaces without source codes
https://doi.org/10.15514/ISPRAS-2021-33(4)-15
Abstract
The digital transformation of society is leading to the creation of a large number of distributed automated information systems in various areas of modern life. The need to meet security and reliability requirements calls for tools for their automated testing. Fuzzing within the security development lifecycle (SDL) is a mandatory tool for this purpose. Tools for fuzzing binary-only applications are in demand as well: they make it possible to search for critical defects in systems that are already in operation. This need is especially acute when researching the security of proprietary systems that communicate over closed protocols. In the course of the research it was found that, for fuzzing network applications in the absence of source code, the use of general-purpose fuzzers is complicated by many factors. These circumstances call for the creation of an easy-to-use tool for fuzzing network applications. The paper discusses the features of fuzzing such programs and suggests possible solutions to the identified problems.
About the Authors
Ivan Vladimirovich SHARKOV
Russian Federation
Leading engineer at the compiler technologies department
Vartan Andronikovich PADARYAN
Russian Federation
Candidate of physical and mathematical sciences, leading researcher at the compiler technologies department of ISP RAS; associate professor of the system programming department of the faculty of Computational Mathematics and Cybernetics of MSU
Petr KHENKIN
Russian Federation
Executive director, head of the cybersecurity department
For citations:
SHARKOV I.V., PADARYAN V.A. Features of fuzzing network interfaces without source codes. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2021;33(4):211-226. (In Russ.) https://doi.org/10.15514/ISPRAS-2021-33(4)-15