Windows Binary Fuzzing
Modern-day fuzzing is one of the most efficient techniques for automatically detecting bugs and vulnerabilities in software projects [1]. It works by automatically feeding pseudo-randomly generated input data to the target program under test. However, most fuzzing techniques are only applicable to target programs that ship with source code and have no GUI [2], because closed-source programs and programs with a GUI cannot easily be harnessed by fuzzers. This means that the fuzzer cannot automatically find a good way to feed input into the program. In the scope of this thesis/project, closed-source GUI programs on Windows should be fuzzed. In contrast to the Linux and open-source community, the Windows ecosystem has received little attention. Therefore, in the scope of this project, a tool should be developed that automatically harnesses and fuzzes Windows applications. To achieve this, simple binary rewriting frameworks [3] may be used to replace GUI file-opening dialogs with an automatic way of feeding file input into a program. Then, well-established fuzzing tools [4,5,6] can be used to fuzz multiple Windows-only programs. This should provide a first look into whether the applications in the Windows ecosystem are as vulnerable as expected.
References:
[1] https://github.com/google/oss-fuzz
[2] https://www.usenix.org/system/files/usenixsecurity24-schilling.pdf
[3] https://ieeexplore.ieee.org/abstract/document/8023154/
[4] https://github.com/googleprojectzero/winafl