General
Supervisor: Cornelius Aschermann
Start: as soon as possible
Duration: 6 months
Further details:
Recently, guided gray box fuzzing has gained significant traction in binary security. This is mostly due to the incredible number of critical bugs found by American fuzzy lop (http://lcamtuf.coredump.cx/afl/). Gray box fuzzing performs significantly better than previous fuzzing approaches and will often generate valid files for unknown file formats (https://lcamtuf.blogspot.de/2014/11/pulling-jpegs-out-of-thin-air.html). Yet, there are currently no gray box fuzzing tools for projects that are written in common scripting languages such as Ruby or Python.
The goal of this thesis is to develop a gray box fuzzing tool for projects written in a common scripting language, focusing on web applications (e.g. Ruby on Rails).
Tasks:
- Build a gray box fuzzing tool for a common scripting language
- Develop a definition of interesting behavior
- Develop a way for dealing with native functions that cannot be traced
- Develop a way for dealing with CSRF tokens et al.
- Evaluate the performance of the approach
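As an added illustration of the first two tasks (not part of the posting or the supervisor's materials), a minimal coverage-guided fuzzer for Python code: it collects line-to-line edges with sys.settrace, treats any input that reaches a never-seen edge as "interesting" and keeps it in the corpus, and records uncaught exceptions as crashes. The target parser and its bug are constructed for the example; comparisons that happen inside native (C) code produce no edges, which is the untraceable-native-function problem the task list names.

```python
import random
import sys

def target(data: bytes) -> None:  # constructed toy parser standing in for the app under test
    if len(data) < 4 or data[:2] != b"GB":
        return
    if data[2] == 1:
        if data[3] > 0x7F:
            raise ValueError("reachable bug")  # the crash the fuzzer should find

def run_with_coverage(fn, data):
    # Run fn(data) under sys.settrace; return (set of (prev_line, line) edges, exception or None).
    edges, prev, exc = set(), [None], None
    def tracer(frame, event, arg):
        if event == "line" and frame.f_code is fn.__code__:
            edges.add((prev[0], frame.f_lineno))
            prev[0] = frame.f_lineno
        return tracer  # other frames and native (C) code contribute no edges
    sys.settrace(tracer)
    try:
        fn(data)
    except Exception as e:  # an uncaught exception plays the role of AFL's crash signal
        exc = e
    finally:
        sys.settrace(None)
    return frozenset(edges), exc

def mutate(data, rng):
    data, pos = bytearray(data), rng.randrange(len(data) + 1)
    op = rng.randrange(3)
    if op == 0 and pos < len(data):
        data[pos] = rng.randrange(256)        # overwrite a byte
    elif op == 1:
        data.insert(pos, rng.randrange(256))  # insert a byte
    elif pos < len(data):
        del data[pos]                         # delete a byte
    return bytes(data)

def fuzz(fn, seed, iterations=100000, rng_seed=1):
    rng = random.Random(rng_seed)
    corpus, crashes, seen = [seed], [], set()
    for _ in range(iterations):
        cand = mutate(rng.choice(corpus), rng)
        edges, exc = run_with_coverage(fn, cand)
        if exc is not None:
            crashes.append((cand, repr(exc)))
        if not edges <= seen:  # "interesting" = exercised a branch edge never seen before
            seen |= edges
            corpus.append(cand)
    return corpus, crashes
```

Without the coverage feedback, reaching the nested branch from the seed b"GB\x00\x00" would require guessing two bytes at once; with it, the input that first satisfies data[2] == 1 is kept and the remaining byte is found from there.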
Prerequisites:
- Experience with a scripting language such as Ruby or Python
- Experience with some of the bigger web frameworks
- Interest in web exploitation