Re: Fuzzing Bind

2021-08-14 Thread Ondřej Surý
That looks like a bug. Please file a GitLab issue so there’s a permanent record of it. Most probably this is due to some combination of configure flags that we don’t use in testing. Ondrej -- Ondřej Surý — ISC (He/Him) My working hours and your working hours may be different. Please do not feel o

Re: Fuzzing Bind

2021-08-14 Thread Siva Kakarla
Thanks, Ondrej, for the pointers and detailed information. I read through bin/named/fuzz.c, and it seems like the AFL fuzzing works only in the persistent mode due to this check in fuzz.c. That means it has to be compiled

Re: Fuzzing Bind

2021-08-05 Thread Ed Daniel
On 05/08/2021 17:57, Siva Kakarla wrote: > Thanks, Daniel, that is also a great idea. I am trying to see if I can > get the standard fuzzers like AFL to work for my use case, but if I > can't then I will try the idea you suggested. This is also rather cool: https://github.com/DNS-OARC/dns-benchmarki

Re: Fuzzing Bind

2021-08-05 Thread Ondřej Surý
You can use dnspython to generate wire format. Generally, I think that writing more specific fuzzers on top of APIs that consume user input would be more useful than just fuzzing `named`. F.e. it should be possible to write a fuzzer that takes multiple DNS messages as input (starting with quer

Re: Fuzzing Bind

2021-08-05 Thread Siva Kakarla
Thanks, Daniel, that is also a great idea. I am trying to see if I can get the standard fuzzers like AFL to work for my use case, but if I can't then I will try the idea you suggested. On Thu, Aug 5, 2021 at 8:39 PM Ed Daniel wrote: > On 05/08/2021 13:37, Siva Kakarla wrote: > > Hello Everyone,

Re: Fuzzing Bind

2021-08-05 Thread Siva Kakarla
Thanks, Ondrej, for the reply. Fuzzing responses is the second part, I would say. For now, I am only fuzzing the authoritative server, so fuzzing named with queries would be a good starting point. I will check the GitHub repository you pointed out. The instructions for running AFL work great, tha

Re: Fuzzing Bind

2021-08-05 Thread Ondřej Surý
If you want to get your hands dirty, I would recommend looking at https://github.com/dobin/ffw, but for useful fuzzing, this would also need a more complicated client fuzzing support because you don’t only want to fuzz the queries, but also responses given by “fake” authoritative servers and you

Re: Fuzzing Bind

2021-08-05 Thread Ondřej Surý
-- Ondřej Surý (He/Him) ond...@isc.org > On 5. 8. 2021, at 14:37, Siva Kakarla wrote: > > Hello Everyone, > > I am trying to understand and set up a fuzzer for the Bind DNS > implementation. My current goal is to fuzz the authoritative server with > queries. > > I have looked around and ca

Re: Fuzzing Bind

2021-08-05 Thread Ed Daniel
On 05/08/2021 13:37, Siva Kakarla wrote: > Hello Everyone, > > I am trying to understand and set up a fuzzer for the Bind DNS > implementation. My current goal is to fuzz the authoritative server with > queries.  > > I have looked around and came across different fuzzing engines, but I > have som