
Pulling JPEGs out of thin air (2014) - rayraegah
http://lcamtuf.blogspot.com/2014/11/pulling-jpegs-out-of-thin-air.html
======
lachenmayer
Really cool! I recently happened to have a similar idea when I came across the
rust-fuzz crate, which abstracts over afl, honggfuzz etc.

If you're interested, my notes are here:
[https://github.com/lachenmayer/insta-fuzz](https://github.com/lachenmayer/insta-fuzz)

I ended up "cheating" a little bit by providing a valid JPEG header - I found
that rust-fuzz seemed to take far too long to generate any valid JPEG at all
by starting from e.g. an empty file. But maybe I just wasn't patient enough,
after all I was only running it on my laptop :)

~~~
stordoff
The author does note in the comments:

> Note that by default, afl-fuzz runs on a single core, so it may take several
> days to get results

~~~
yjftsjthsd-h
That's a little annoying, but it looks like it's not too terrible to fix:
[https://github.com/mirrorer/afl/blob/master/docs/parallel_fuzzing.txt](https://github.com/mirrorer/afl/blob/master/docs/parallel_fuzzing.txt)

------
Twirrim
I've used this in the past (inspired by this) to produce some valid JSON. Of
course, a JPEG is at least pretty. Valid JSON is still just boring old JSON.

------
piinbinary
That could make an interesting piece of art

~~~
k9wolf
Quite abstract art but true, interesting how that happens

------
Double_a_92
Where did it get that "Hello Kitty" image from?

------
nomadiccoder
Why do some websites eternally not let you back to the previous page when
clicking the back button?

~~~
hannob
It's a redirect.

The link goes to the HTTP version of blogspot. This redirects you to HTTPS. If
you click "back" you are back at the HTTP version, which will redirect you
again.

Yeah, browsers could be smarter about this.

~~~
jorams
> Yeah, browsers could be smarter about this

I'm not sure they could. If the http:// URL would have responded
with a redirect to https://, the back button would have worked
just fine. Instead it responds with a perfectly normal page that then does
this:

    if (location.protocol == 'http:') location.protocol = 'https:';

Blogspot is such a mess, it's the perfect example of Google not necessarily
being technically competent.

~~~
Cthulhu_
Yeah, that should be a proper permanent redirect at the web server level. Did
Google make Blogspot themselves, or did they buy it and never make it conform
to normal web page practices?

~~~
tsukurimashou
Google bought Blogger in 2003; Blogger was launched in 1999.

