KALI LINUX NETWORK SCANNING COOKBOOK

Fuzz testing to identify buffer overflows


One of the most effective techniques to identify buffer overflow vulnerabilities is fuzz testing. Fuzzing is the practice of passing crafted or random data to a function and testing the results associated with each input. In the right circumstances, it is possible that input data can escape its designated buffer and flow into adjacent registers or segments of memory. This process will disrupt the execution flow and result in application or system crashes. In certain circumstances, buffer overflow vulnerabilities can also be leveraged to execute unauthorized code. In this particular recipe, we will discuss how to test for buffer overflow vulnerabilities by developing custom fuzzing tools.
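The idea described above, as an added example that is not code from the book: a length-growing fuzzer run against a constructed in-process stand-in for an FTP-like command parser, shown with an unchecked copy beside a bounded one. The names `make_service`, `survives`, `fuzz` and `ServiceCrash`, the 64-byte buffer and the canary that stands in for adjacent memory are all assumptions made for illustration.

```python
BUF_SIZE = 64                  # assumed size of the stub's command buffer
CANARY = b"\xde\xad\xbe\xef"   # constructed marker standing in for adjacent memory

class ServiceCrash(Exception):
    """Raised by the stub when data escaped the buffer (simulated crash)."""

def make_service(bounded):
    """Build a handler for one FTP-like command line (hypothetical stub)."""
    def handle(line):
        verb, _, arg = line.rstrip(b"\r\n").partition(b" ")
        if bounded and len(arg) > BUF_SIZE:        # hardened form: length check
            return b"501 argument too long\r\n"
        memory = bytearray(BUF_SIZE) + bytearray(CANARY)
        n = min(len(arg), len(memory))             # keep the simulation in bounds
        memory[:n] = arg[:n]                       # copy with no check on BUF_SIZE
        if memory[BUF_SIZE:] != CANARY:            # adjacent memory was overwritten
            raise ServiceCrash(f"{verb.decode()} argument of {len(arg)} bytes")
        return b"331 password required\r\n"
    return handle

def survives(send, verb, n):
    """Send verb plus n filler bytes; True if the target answered."""
    try:
        send(verb + b" " + b"A" * n + b"\r\n")
        return True
    except ServiceCrash:
        return False

def fuzz(send, verb=b"USER", start=16, step=100, limit=2000):
    """Grow the argument until the target fails, then bisect to the
    smallest failing length. Returns None if nothing failed up to limit."""
    good = 0                                       # assumes an empty argument is safe
    for n in range(start, limit + 1, step):
        if survives(send, verb, n):
            good = n
            continue
        bad = n
        while bad - good > 1:                      # minimise the failing input
            mid = (good + bad) // 2
            if survives(send, verb, mid):
                good = mid
            else:
                bad = mid
        return bad
    return None

if __name__ == "__main__":
    print("unchecked copy:", fuzz(make_service(bounded=False)))
    print("bounded copy  :", fuzz(make_service(bounded=True)))
```

Because `fuzz` only needs a `send` callable, the same loop can drive any test target you own; the smallest failing length it returns is the detail a bug report or regression test needs.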

Getting ready

To perform remote fuzz testing, you will need to have a system that is running network services over TCP or UDP. In the example provided, a Windows XP system with an FTP service is used for this task. For more information on setting up a Windows system...