
Posts

Showing posts from September, 2018

Effective AFL Fuzzing 1: Better Harness

American Fuzzy Lop, a.k.a. AFL, is a great fuzzing tool, but to make it work effectively we need to take care of certain aspects. In this post I will discuss the harness, and I will show the approaches I took that led to improved fuzzing results. I did not get a crash during the short run, but the results improved: more paths, better map coverage, and so on.

I decided to fuzz "inih", an .ini file parser written in C. Link to the code on GitHub: https://github.com/benhoyt/inih

The first code I used is the sample program provided in the project's sample directory.

Modification 1: None. I just compiled the sample test application and fuzzed it.

Code 1: (listing not included in this preview)

Result 1: (AFL status screen not included in this preview)

We can see "odd, check syntax". It means that AFL is not able to find new paths; we can also see that the cycles are increasing but no new paths are detected. So I decided
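The "odd, check syntax" message is AFL telling you that nothing it mutates changes the target's behaviour, and the usual cause is that the input never reaches the parser (for example, a program that opens a fixed filename instead of the path AFL substitutes for `@@`). The harness below is an added example, not code from the post or from the inih project: it reads the file named on the command line into memory, feeds it to inih's `ini_parse_string` through a handler that actually touches every field, and exits 0 on syntax errors so that only real signals count as crashes. It is written against inih's public API as I know it (`ini_parse_string`, the `ini_handler` typedef); the `USE_REAL_INIH` switch and the small stand-in parser that replaces inih when that switch is off exist only so the file compiles and runs on its own, and the stand-in is my code, not inih's.

```c
/* afl_inih_harness.c: added example harness (not code from the post or from
 * inih). Written against inih's public API, ini_parse_string/ini_handler.
 * Real target:  afl-gcc -DUSE_REAL_INIH -I<inih> harness.c <inih>/ini.c -o harness
 *               afl-fuzz -i seeds -o out -- ./harness @@
 * Without -DUSE_REAL_INIH a tiny stand-in parser (written for this example,
 * NOT inih's code) is compiled in so the file builds and runs by itself. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>

#ifdef USE_REAL_INIH
#include "ini.h"
#else
/* Stand-in with inih's signature and convention: 0 = ok, else first bad line. */
typedef int (*ini_handler)(void *user, const char *section,
                           const char *name, const char *value);

static char *rstrip(char *s)
{
    char *e = s + strlen(s);
    while (e > s && isspace((unsigned char)e[-1])) *--e = '\0';
    return s;
}

int ini_parse_string(const char *string, ini_handler handler, void *user)
{
    char section[64] = "", line[256];
    int lineno = 0, error = 0;
    const char *p = string;

    while (*p) {
        size_t full = strcspn(p, "\n");
        size_t n = full < sizeof line ? full : sizeof line - 1;
        memcpy(line, p, n);
        line[n] = '\0';
        p += full + (p[full] == '\n');
        lineno++;

        char *s = line;
        while (isspace((unsigned char)*s)) s++;
        rstrip(s);
        if (*s == '\0' || *s == ';' || *s == '#') continue;   /* blank/comment */

        if (*s == '[') {                                      /* [section] */
            char *close = strchr(s, ']');
            if (!close) { if (!error) error = lineno; continue; }
            *close = '\0';
            snprintf(section, sizeof section, "%s", s + 1);
        } else {                                              /* name = value */
            char *eq = strchr(s, '=');
            if (!eq) { if (!error) error = lineno; continue; }
            *eq = '\0';
            char *value = eq + 1;
            while (isspace((unsigned char)*value)) value++;
            if (!handler(user, section, rstrip(s), value) && !error) error = lineno;
        }
    }
    return error;
}
#endif

/* The handler is where parsed data is "used". Touching every field keeps the
 * parse observable; returning 0 would make inih flag the line as an error. */
struct stats {
    int pairs;      /* name=value pairs delivered to the handler */
    size_t bytes;   /* total length of sections, names and values seen */
};

static int count_handler(void *user, const char *section,
                         const char *name, const char *value)
{
    struct stats *st = user;
    st->pairs++;
    st->bytes += strlen(section) + strlen(name) + strlen(value);
    return 1;
}

/* One in-memory input through the parser; used by fuzz_file and by tests. */
int fuzz_buffer(const char *buf, struct stats *st)
{
    return ini_parse_string(buf, count_handler, st);
}

/* Read the file AFL substitutes for "@@" and hand it to the parser.
 * -2 = unreadable file, -1 = out of memory, otherwise the parser's result. */
int fuzz_file(const char *path, struct stats *st)
{
    FILE *f = fopen(path, "rb");
    if (!f) return -2;
    size_t cap = 4096, len = 0;
    char *buf = malloc(cap);
    if (!buf) { fclose(f); return -1; }
    for (;;) {
        if (cap - len < 2) {
            char *nb = realloc(buf, cap * 2);
            if (!nb) { free(buf); fclose(f); return -1; }
            buf = nb; cap *= 2;
        }
        size_t got = fread(buf + len, 1, cap - len - 1, f);
        if (got == 0) break;
        len += got;
    }
    fclose(f);
    buf[len] = '\0';                 /* ini_parse_string wants a C string */
    int rc = fuzz_buffer(buf, st);
    free(buf);
    return rc;
}

int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s input.ini\n", argv[0]); return 2; }
    struct stats st = {0, 0};
    int rc = fuzz_file(argv[1], &st);
    printf("parse rc=%d pairs=%d bytes=%zu\n", rc, st.pairs, st.bytes);
    /* A malformed .ini is expected input, not a finding: exit 0 so AFL only
     * records real crashes (SIGSEGV, SIGABRT), not every rejected file. */
    return 0;
}
```

Two points worth keeping when adapting this to your own target. First, the harness must take the input path from `argv[1]` (or read stdin); if you prefer to let inih do its own file I/O, `ini_parse(argv[1], count_handler, &st)` is fine, the important thing is that the fuzzer's file is what gets parsed. Second, `ini_parse_string` stops at the first NUL byte, and AFL will certainly generate inputs containing NULs; if byte-exact coverage of the file path matters to you, prefer the file-based entry point so the parser sees the whole input.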

Reverse Engineering a Router Firmware

I have an old TP-Link router and I wondered whether it is possible to reverse the firmware and see if there is anything interesting in it. I grabbed the firmware from the website and downloaded it locally:

root@vultr:~/tplink_rev# wget https://static.tp-link.com/resources/software/TL-WR740N_v1v2_100910.zip
--2018-09-19 16:46:26--  https://static.tp-link.com/resources/software/TL-WR740N_v1v2_100910.zip
Resolving static.tp-link.com (static.tp-link.com)... 23.67.166.40
Connecting to static.tp-link.com (static.tp-link.com)|23.67.166.40|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2902988 (2.8M) [application/x-zip-compressed]
Saving to: ‘TL-WR740N_v1v2_100910.zip’

TL-WR740N_v1v2_100910.zip                 100%[=====================================================================================>]   2.77M  --.-KB/s    in 0.01s

2018-09-19 16:46:26 (220 MB/s) - ‘TL-WR740N_v1v2_100910.zip’ saved [2902988/2902988]

Uncompressing the zip file we get a PDF fi