The joy of fuzzing
To fuzz means to feed an application a stream of varied, often malformed input and observe how it behaves: which inputs it accepts, which it rejects, and which make it crash. Let's now see how we can fuzz an application and gather the essentials of its behavior under bad input in order to exploit it.
Crashing the application
Our first task is to crash the application. Beyond simply crashing it, we want to know how it crashes and under what circumstances it crashes, because those details tell us whether the crash is usable. Why crash it at all? Because a crash lets us watch, in a debugger, what happens to important registers such as EIP and ESP when we supply inputs of varying size and content: if our input overwrites the saved return address on the stack, EIP will contain bytes taken from our buffer, and ESP will often point into the rest of it. Once we know which part of the input lands where, we can tune our fuzz parameters so that exactly the bytes we choose end up in EIP, with ESP pointing at data we control. In short, we crash the application to find out whether it is vulnerable to a buffer overflow and, if so, how to drive it. We will first create a simple application...