Perform fuzzing of different GPL or AGPL licensed codes written in different languages.
- oscommerce GPL php
- KonaKart LGPL java
- zen cart GPL php
- spree BSD ruby
- Apache OFBiz Apache java
- ce phoenix GPL php
I have to deliver a:
- .zip or .tar.gz file containing the following files: -Written report in pdf format -Link to the analyzed source code -Scripts used for fuzzing (.sh or .bat)
The written report should include:
-Description of at least 3 vulnerabilities present in the source code.
-Name of software, version and operating system used for fuzzing.
-Results obtained from fuzzing.
So where have you got to? Members here will do their best to help you with your homework, but no one here is going to do it all for you.
sorry man, i need the first part lonely, or know who can do it
It sounds harsh, but if you’re taking the course, you should be able to do it*. And, call me old-fashioned, but if you can’t, you shouldn’t pass the course.
( * unless you’ve got a terrible tutor, of course.)
So, lets start with the basics; cause if you cant answer these, you wont be able to do the work, and you shouldnt be able to do the work.
What is fuzzing? How do you do it?
What are you looking for when you do fuzzing? What would you expect to see/report on?
What environment will you be doing the fuzzing in?