what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 25 of 33

Files from Marshall Whittaker

Deliverance 0.018-daf9452 File Descriptor Fuzzer

Posted May 24, 2022

Authored by Marshall Whittaker | Site github.com

Deliverance is a file descriptor fuzzer written in bash. It injects random data into file descriptors of pids associated with a process until the program crashes, then outputs the results of what caused the crash. It leaves behind files that were used as input for the last 2 minutes before the fault, useful for reproduction.

tags | tool, bash, fuzzer

SHA-256 | b2d5c61d25c3596775232700731b3c52f39be5ff2131841bfe8f930ed516e6e3

Download | Favorite | View

Ansvif 1.12

Posted Oct 30, 2019

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This is a bugfix release to ansvif. Many things were tweaked and fixed since the last version, but no real functionality has changed.

tags | tool, fuzzer

systems | unix

SHA-256 | b1ab3d738d61d727cce3db2834c74e0d3f9d64dd23f7c1d305ccd92c05839223

Download | Favorite | View

Ansvif 1.11

Posted Jan 3, 2019

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release has lots of code cleanup, bug fixes, and slight improvements in speed. Some code readability has been improved. This release is known to work on Android 7.1.1 (tested on a Motorola Droid Maxx 2), Ubuntu Linux x86_64, as well as Windows 10 x86_64.

tags | tool, fuzzer

systems | unix

SHA-256 | 037f63c0d88d988078c440d65fcb3f037111f9486171391578f674f2cc68e1c6

Download | Favorite | View

Ansvif 1.11a

Posted Oct 23, 2018

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This is an initial Android pre-release.

tags | tool, fuzzer

systems | unix

SHA-256 | 7fb1e433412d64fcd2335a3ebe7f66437ef34d5a0d3a1df62e2476f3169244ba

Download | Favorite | View

Ansvif 1.10

Posted Aug 27, 2018

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release comes with lots of bug fixes and a couple new features added to the GTK frontend.

tags | tool, fuzzer

systems | unix

SHA-256 | a45e7858e17f46a83a5612c75c070edff04dda6eab8f0a582f20f2ae5596d1d6

Download | Favorite | View

Ansvif 1.9.1

Posted Apr 19, 2018

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This version is a bugfix release that includes lots of error handling.

tags | tool, fuzzer

systems | unix

SHA-256 | 11210463d7d354962165bf3887b2384b20d757d1e57785e6996cdb17c9a257d9

Download | Favorite | View

Ansvif 1.9

Posted Apr 16, 2018

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes lots of bugfixes and a bunch of new entries in the examples folder.

tags | tool, fuzzer

systems | unix

SHA-256 | 5cadf0ed2373636137cac4f25fb26de7d52672f89c3498a780239f53cb6690bb

Download | Favorite | View

Ansvif 1.8.1.1

Posted Dec 29, 2017

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release is for Windows 10 compatibility. Includes an ansvif.exe (with embedded icon this time), and printf.exe for reproducing faults. Also included are the examples to test ansvif on.

tags | tool, fuzzer

systems | unix

SHA-256 | a6465c6ebdc9d2ee488e2f8e4ef6e93e8ae72c06bb4873aee84e3b20039b9f2d

Download | Favorite | View

Ansvif 1.8.1

Posted Oct 26, 2017

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: Bug fixes and a new option to let you control if null characters are in the fuzz.

tags | tool, fuzzer

systems | unix

SHA-256 | da5e7c56de700078c640a0eaaa287e9643cb97d56dc08a942a48fbd3fe8700f1

Download | Favorite | View

Ansvif 1.8

Posted Sep 12, 2017

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes some touchups to the main ansvif code, better crash detection under linux, as well as a primary new feature: the frontend to ansvif.

tags | tool, fuzzer

systems | unix

SHA-256 | 3802ca4a49b5033554a89567a685f4ee9e22fddddc120125d769fb7317fcfa8e

Download | Favorite | View

Ansvif 1.7

Posted Apr 13, 2017

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release marks easier compiling on most modern operating systems including Windows 7, Windows 10, Linux (Redhat and Debian based distros), and OpenBSD. It may compile/work on other operating systems but has not been tested. This is mostly a source code release with lots of code cleanup, and no new features.

tags | tool, fuzzer

systems | unix

SHA-256 | 2c2eb4b44d8649611c833b65e2abf446870ef2d3d44d84e0f9b8e57d41fb1e33

Download | Favorite | View

Ansvif 1.6.2

Posted Feb 25, 2017

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release has lots of code cleanup, bug fixes, and includes a -y or -b 0 option for zero buffer size (useful with -A and -B when in use with other fuzzers), and a -K option to keep going after a crash (usually only useful when logging).

tags | tool, fuzzer

systems | unix

SHA-256 | fe07ede744275e79f00a3a21f07bc10a3f99cfcb3d440819651a51f0048d0d2b

Download | Favorite | View

Ansvif 1.6.1

Posted Nov 21, 2016

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a -M option for maximum arguments in the fuzz, as well as algorithmic control of ansvif fuzz testing (so that if it has already tried a particular fuzz it will not try it again, this speeds things up quite a bit).

tags | tool, fuzzer

systems | unix

SHA-256 | 859f9e504580cf957ec756c239cf58ea4940fa4416cab0fa7e4d1ea6024c0f4c

Download | Favorite | View

Ansvif 1.6

Posted Oct 2, 2016

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes lots of bug fixes, and better Windows compatibility. Now there is no need for the extra .dll files in the Windows version.

tags | tool, fuzzer

systems | unix

SHA-256 | 19bbf1fdbe1324ff2ced174a8f2d184803feb3b504d30584ac8f333a272bf693

Download | Favorite | View

Ansvif 1.5.2

Posted Jun 21, 2016

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a bunch of bug fixes, and manual pages. No changes to the Windows code.

tags | tool, fuzzer

systems | unix

SHA-256 | 8cbb2942a45529e4a172b71ddae8cca063120b045162d57ff421c2568ebaf477

Download | Favorite | View

Ansvif 1.5.1

Posted Jun 2, 2016

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes drafted manpages for ansvif and find_suid, plus binaries rebuilt on Debian Jessie for i386 and amd64. No changes to the Windows release were made.

tags | tool, fuzzer

systems | unix

SHA-256 | 137f4129bf84d136fdaf3188611d5b02c8a2b428fdba539491a493f4dc8dd450

Download | Favorite | View

Ansvif 1.5

Posted May 19, 2016

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes new ways to crash programs using things like 1, -1, 0, x00 (null), etc. Also included are some minor bug fixes. It also includes binaries for most supported operating systems, Debian/Ubuntu 32 and 64 bit, Windows 10 32 and 64 bit.

tags | tool, fuzzer

systems | unix

SHA-256 | 73cd912b4a74cd25d0860b10e7ac731500637a4876559d8d12e806dc2d99b644

Download | Favorite | View

Ansvif 1.4.2

Posted May 2, 2016

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes bug fixes, more crash code detection for Windows, and better overall crash recognition.

tags | tool, fuzzer

systems | unix

SHA-256 | a5e74466bf5d7a40e44822cdd15c9e5cc024ccc34fa74f8f76dac9b988c0409f

Download | Favorite | View

Ansvif 1.4.1

Posted Apr 26, 2016

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes XML output support, the crash detection under Windows has been fixed, and is tested and working in Ubuntu, Windows, and OpenBSD.

tags | tool, fuzzer

systems | unix

SHA-256 | 9d07e5503f96d0d3de861f3ec9ee443ac994d001041bc322b99a98cdf16c1d48

Download | Favorite | View

Ansvif 1.4

Posted Apr 18, 2016

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: Various updates.

tags | tool, fuzzer

systems | unix

SHA-256 | 03aa7a13bfdfe21bdfb285637110b79d655dcbc30dbd9e6d2f05684fd284ab98

Download | Favorite | View

Ansvif 1.3.4

Posted Apr 2, 2016

Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes % hex notation for fuzzing things like browsers that accept %41 (A), etc.

tags | tool, fuzzer

systems | unix

SHA-256 | 1117d125c5524973efe272843f61fa5ff8e2598f49a747d199c4984330e5d6f2

Download | Favorite | View

AOL Instant Messenger 8.0.1.5 Binary Planting

Posted Jul 8, 2013

Authored by Marshall Whittaker

AOL Instant Messenger versions 8.0.1.5 and below suffer from a binary file planting vulnerability.

tags | exploit

systems | windows

SHA-256 | da5758570b995ade98829ed009b58ef415a94b0fdcdf1d9efe1ebb63339d6fa4

Download | Favorite | View

Perl CGI Shell

Posted Oct 15, 2011

Authored by Marshall Whittaker

This is a Perl CGI backdoor that provides shell-like capability.

tags | tool, shell, cgi, perl, rootkit

systems | unix

SHA-256 | 09fc7f09f2300df12f0b671a4184d8050707a0d7248afe5344459a60b8ed9388

Download | Favorite | View

GKrellM2 System Monitor Plugin Local Exploit

Posted Jul 20, 2010

Authored by Marshall Whittaker

GKrellM2 System Monitor Plugin local proof of concept exploit that spawns a shell on tcp/6666.

tags | exploit, shell, local, tcp, proof of concept

SHA-256 | 679a1cbd327fd993035ea613c196a669dfe405e36169f64bfe774c78a1e51358

Download | Favorite | View

iOffice 0.1 Remote Command Execution

Posted Jul 18, 2010

Authored by Marshall Whittaker

iOffice version 0.1 suffers from a remote command execution vulnerability.

tags | exploit, remote

SHA-256 | 458e25789783db51ca0ab9861ca489e7c285a19933f5c4a69b8b9b0c0ba15ee0

Download | Favorite | View