Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fuzzing Toolkit For Web Server Testing

Posted by kdawson on from the cheese-it dept.

prostoalex writes "Dr. Dobb's Journal runs an article discussing the tools necessary for fuzzing (testing a system by generating random input in order to cause program failure or crash). Quoting: 'You are fuzzing a Web server's capability to handle malformed POST data and discover a potentially exploitable memory corruption condition when the 50th test case you sent that crashes the service. You restart the Web daemon and retransmit your last malicious payload, but nothing happens... The issue must rely on some combination of inputs. Perhaps an earlier packet put the Web server in a state that later allowed the 50th test to trigger the memory corruption. We can't tell without further analysis and we can't narrow the possibilities down without the capability of replaying the entire test set in a methodical fashion.'"

1 of 47 comments (clear)

  1. Re:Why does Slashdot refuse to cover by Alsee · · Score: 3, Funny

    How about some Paris Hilton stories instead?

    Paris Hilton has Boooobieeees!
    And here are the pictures!

    Slashdot. News For Nerds.

    Affirmative.

    -

    --
    - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.