

Looking Back at Three Months of afl-fuzz - hnmcs
http://lcamtuf.blogspot.com/2015/01/looking-back-at-three-months-of-afl-fuzz.html

======
skrebbel
> _Since then, afl-fuzz helped to squash hundreds of bugs, in part due to a
> community of folks who found the tool to be fun to use._

I wonder whether a tool as unexpectedly successful as this presents the
security community with a weird dilemma: If so many people have begun to use
afl-fuzz, find problems, and report them, can't we expect that just as many
people find problems and _don't report them_?

Now, my security expertise goes as far as "don't roll your own", so maybe all
the bugs found were, in practice, relatively difficult to exploit. But could
afl-fuzz have helped scores of blackhatters to find and abuse the next
shellshocks? If so, in hindsight, was it actually a good move to release
afl-fuzz so openly and enthusiastically?

~~~
vezzy-fnord
I don't see why you're singling out afl-fuzz when you can say the exact same
thing for every automated penetration testing tool.

There's scores of Linux distributions dedicated to bundling as many
security-related scripts as possible. If we're going to be talking about
"utility to blackhatters", there's plenty of tools that have been around for
longer and have been far more influential.

~~~
skrebbel
I'm singling out afl-fuzz because it seems to be so spectacularly successful.
In fact, this blog post is all about how spectacularly successful it is. Maybe
it isn't actually, compared to all those other tools I don't know about, but
then maybe you could've just said that and skipped the sneering? I've been
pretty forthcoming about my lack of security expertise, I'm just asking people
like you for an honest opinion.

~~~
ianlevesque
Yes it was. It's safe to assume the "bad guys" have this stuff already, now
the public gets to catch up.

------
616c
The more I have heard of this guy's work, the more disturbed I am by his
skill, breadth, and depth in InfoSec.

Not to mention his insane CNC and robotics work. And that is just a freaking
hobby to him.

[https://duckduckgo.com/html?q=lcamtuf%20cnc](https://duckduckgo.com/html?q=lcamtuf%20cnc)

------
dantiberian
I'd like to see the SQLite SQL statements, are there any links available?

~~~
practicalswift
These are the crashing statements:

    SELECT n()AND+#0;
    SELECT strftime()
    DETACH(SELECT group_concat(q));
    DROP TABLE IF EXISTS t0; CREATE TABLE t0(t);
    INSERT INTO t0 SELECT strftime();
    SELECT quote(t) FROM t0

See
[https://www.sqlite.org/src/info/fe578863313128](https://www.sqlite.org/src/info/fe578863313128)
for the patch.

~~~
f-
Also SELECT c.* FROM (a,b) AS c;
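A small regression harness, added here and not part of the thread or of SQLite, that replays the statements quoted by practicalswift and f- above through Python's bundled sqlite3 module in a child interpreter and classifies each one as a clean SQLite error, a successful statement, or a crash of the child process (the outcome the fuzzer originally found). It assumes Python 3.7+ and that the statements are executed in the order posted, since later ones depend on the table created earlier.

```python
import subprocess
import sys

# The statements posted in the thread, in order (later ones use table t0).
CRASHING_STATEMENTS = [
    "SELECT n()AND+#0;",
    "SELECT strftime()",
    "DETACH(SELECT group_concat(q));",
    "DROP TABLE IF EXISTS t0; CREATE TABLE t0(t);",
    "INSERT INTO t0 SELECT strftime();",
    "SELECT quote(t) FROM t0",
    "SELECT c.* FROM (a,b) AS c;",
]

# Child interpreter: one statement per stdin line, one result line per statement.
# The statement is written and flushed *before* it runs, so if SQLite takes the
# process down the parent still sees which statement was executing.
CHILD = r"""
import sqlite3, sys
con = sqlite3.connect(":memory:")
for line in sys.stdin:
    stmt = line.rstrip("\n")
    sys.stdout.write(stmt + "\t")
    sys.stdout.flush()
    try:
        con.executescript(stmt)      # handles multi-statement lines as well
        sys.stdout.write("ok\n")
    except sqlite3.Error as e:       # a clean error is the patched behaviour
        sys.stdout.write("error: %s\n" % e)
    sys.stdout.flush()
"""


def triage(statements, timeout=30):
    """Return [(statement, outcome)] where outcome is 'ok', 'error: ...',
    'crash (...)' or 'not reached' (statements after a crash)."""
    proc = subprocess.run(
        [sys.executable, "-c", CHILD],
        input="\n".join(statements) + "\n",
        capture_output=True, text=True, timeout=timeout,
    )
    results = []
    for line in proc.stdout.splitlines():
        stmt, _, outcome = line.partition("\t")
        if outcome == "":  # flushed the statement, never reported a result
            outcome = "crash (child exit status %d)" % proc.returncode
        results.append((stmt, outcome))
    for stmt in statements[len(results):]:
        results.append((stmt, "not reached"))
    return results


if __name__ == "__main__":
    for stmt, outcome in triage(CRASHING_STATEMENTS):
        print("%-48s %s" % (stmt, outcome))
```

On a SQLite build that carries the linked fix, every line is either "ok" or "error: ..."; a "crash" line means the bundled library predates the patch.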

