Pre-fuzzing analysis with Ghidra vs Ida


Bibliographic Details
Main Author: Ng, Ron Jian Ying
Other Authors: Liu Yang
Format: Final Year Project
Language: English
Published: 2019
Subjects:
Online Access:http://hdl.handle.net/10356/78986
Institution: Nanyang Technological University
Description
Summary: A greybox fuzzer named BSFuzz was written for the purposes of fuzzing embedded systems that do not have source code availability. Detour instrumentation is thus used. The fuzzer hooks onto compatible portions of the binary supplied during pre-fuzzing analysis, allowing for fuzzing even without source code availability. The current pre-fuzzing workflow uses IDA. With the release of Ghidra we are finally able to compare IDA with another industry-standard Software Reverse Engineering (SRE) tool and determine the strengths and weaknesses of both IDA and Ghidra. This would allow us to determine which tool to use for which architectures, allowing BSFuzz to have greater code coverage. The project details the implementation of the existing IDA script rewritten for Ghidra and a comparison between IDA and Ghidra for several binaries of different architectures.