Re: [Full-disclosure] Fuzzing and SEH



On 11/04/2010 06:30 AM, primehaxor wrote:
> Hi list,
>
> When I run some fuzzing tests I can't trap the exception when some
> bug is found due to invalid input. I'm trying to figure out a smart way
> to handle the exception, and tell me when it runs.

Your question lacks specifics.

> On the PoC I've got the daemon crashed, but it is still working without
> responding to the requests.

For example, you use the term "SEH" in the title which implies an MS
Windows environment, now you're talking about a "daemon" which usually
implies a Unix environment.

> I'm reading the Sulley framework and PyDBG doc to find some trick to get
> it working.
>
> Any idea?

Uhh, set a breakpoint on the exception (or its handler)? I don't know
the specific tools you mention, but it's pretty basic debugger
functionality.

- Marsh
