Dataflow-0.3.0 is now available
New features:
1. Recovery of a module's functions from binary code without any additional information;
2. Creation of a test SDK for a binary program;
3. Loading a test into the target binary's address space and executing it. The analyzed binary continues executing in the same mode as before the test was loaded.
Thus, Dataflow-0.3.0 can be used for in-memory fuzzing.
You can download the utility and view screenshots and the release history on the MaiWay project home page. Dataflow is part of the MaiWay project. The Dataflow tutorial (http://artem.ufoctf.ru/?p=164&lang=en) is also available. The enhanced features are described in The Dataflow tutorial. Part 2 (http://artem.ufoctf.ru/?p=339&lang=en). Please feel free to send bug reports, suggestions etc. to the authors.
You can generate function prototypes from a binary module; a generated prototype looks like this (MSVC x86 syntax; the argument is passed in EBX, as recovered from the binary):

    /* pointer to the function's code at its address inside the analyzed module */
    int ( __cdecl * functionstest2_sub_1120__ )( void ) = ( int ( __cdecl * )( void ) ) 0x401120;

    /* C-callable wrapper: load the argument into EBX, then jump into the original code */
    inline int __cdecl functionstest2_sub_1120( int a )
    {
        __asm mov EBX, a
        return functionstest2_sub_1120__( );
    }
After that you can develop some tests (maybe fuzzing actions):

    #include <windows.h>
    /* prototypes for functionstest_sub_10C0 and functionstest_sub_1080 come from the SDK generated by Dataflow */

    void StartTest( void )
    {
        functionstest_sub_10C0( 88, 77, 66, 55 );
        functionstest_sub_1080( 33, 44, 55, 66 );
    }

    BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved )
    {
        /* DllMain body omitted in the original */
        return TRUE;
    }
Build it and execute it in the analyzed program's address space with one click (3 clicks, in fact).
Once the test has executed, the module's internal functions have been fuzzed. After that the program continues its normal execution.
Thanks for your attention.
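The two pieces above (a prototype that calls the module's code through a pointer cast from its address, and a StartTest body that drives it with chosen arguments) are the whole in-memory fuzzing loop. The following is an added example, not Dataflow's code or anything from its tutorial: the same pattern in portable C, so it runs anywhere. The address cast mirrors the generated `( int ( __cdecl * )( void ) ) 0x401120` pointer, except that the address is taken at run time instead of from a fixed image; the MSVC-specific EBX wrapper and the DLL loading are left out. The target function `internal_sub_1120`, the names `sub_1120`, `start_test`, `next_input`, the seed and the invariant are all constructed for this example. The generalization it adds is a deterministic argument generator and an invariant check, which is how a test body turns "call the function" into "fuzz the function and keep the inputs that misbehave".

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for an internal function of the analyzed module.
 * It computes an allocation size from an element count and, like many
 * real size computations, wraps silently for large counts. */
static uint32_t internal_sub_1120(uint32_t n)
{
    return n * 4u + 8u;     /* wraps when n >= 0x3FFFFFFE */
}

/* Dataflow-style prototype: the module's code is reached through a pointer
 * cast from an integer address.  Dataflow emits a constant such as 0x401120;
 * here the address is read at run time so the example stays portable. */
typedef uint32_t (*sub_1120_t)(uint32_t);

static uint32_t sub_1120(uint32_t a)
{
    uintptr_t addr = (uintptr_t)&internal_sub_1120;  /* 0x401120 in a fixed image */
    sub_1120_t fn = (sub_1120_t)addr;
    return fn(a);
}

/* Deterministic LCG (Numerical Recipes constants): a run can be replayed
 * from its seed, which matters when a finding has to be reproduced. */
static uint32_t next_input(uint32_t *state)
{
    *state = *state * 1664525u + 1013904223u;
    return *state;
}

#define MAX_FINDINGS 64

struct fuzz_report {
    unsigned calls;
    unsigned findings;
    uint32_t inputs[MAX_FINDINGS];   /* inputs that violated the invariant */
};

/* Equivalent of StartTest(): call the recovered function with generated
 * arguments and check an invariant.  A size must exceed the element count,
 * and decoding the size must give the count back; both fail exactly when
 * the multiplication wrapped. */
static struct fuzz_report start_test(uint32_t seed, unsigned iterations)
{
    struct fuzz_report r = {0, 0, {0}};
    uint32_t state = seed;
    for (unsigned i = 0; i < iterations; i++) {
        uint32_t a = next_input(&state);
        uint32_t size = sub_1120(a);
        r.calls++;
        if ((size <= a || (size - 8u) / 4u != a) && r.findings < MAX_FINDINGS)
            r.inputs[r.findings++] = a;
    }
    return r;
}

/* True when every recorded input is one for which the computation wraps. */
static int findings_all_wrap(const struct fuzz_report *r)
{
    for (unsigned i = 0; i < r->findings; i++)
        if (r->inputs[i] < 0x3FFFFFFEu)
            return 0;
    return 1;
}

int main(void)
{
    struct fuzz_report r = start_test(12345u, 1000u);
    printf("%u calls, %u invariant violations\n", r.calls, r.findings);
    for (unsigned i = 0; i < r.findings && i < 5; i++)
        printf("  input 0x%08x -> size 0x%08x\n", r.inputs[i], sub_1120(r.inputs[i]));
    return 0;
}
```

In a real Dataflow test the `sub_1120` wrapper is the generated prototype and `start_test` is the body of StartTest inside the injected DLL; the invariant is the part the analyst supplies, since only the analyst knows what a correct result looks like for the function under test.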