The blog continues at suszter.com/ReversingOnWindows

December 16, 2010

Fuzzer protocol and handler

There is no fundamentally new thing here I just want to note how a simple solution can be both powerful and flexible.

I test rich media files in browser. Although I could open them directly in the browser using file protocol I rather create wrapper HTML files embedded the rich medias in them and use http protocol. Along with this I have more control over the testing -- I can set properties for the embedded media, can navigate to an other HTML page which contains another rich media, or can just refresh the page, etc...

What if I want more control? I tell an example. If the browser crashes on an altered embedded file of HTML, once the browser relaunched, I need to open the following HTML file to continue testing from the point crash occurred at. So I want to set an environment variable regarding which HTML file is being opened.

I could use script languages embedded in the HTML files. I already use Perl to launch the fuzzer but this time I should set-up the system to run Perl script in the browser. I don't like this much for two reasons. What if I want to run native code in the future? There might be a solution for this but I should code both Perl and some native code. I'm not an expert in script languages it would take time to me to make the things working. So I looked after alternatives.

It seems to be obvious solution to register my program to a URL protocol. I need the .REG file that registers the protocol. I need a tiny change in the HTML file to call the newly developed fuzzer:// protocol with the appropriate token. Last, I need the protocol handler which is the program I want to run when the protocol called from the HTML.
  This blog is written and maintained by Attila Suszter. Read in Feed Reader.