January 29, 2012

Fuzzing Control Transfer Instructions

Earlier last year, I wrote about my Flash fuzzer for example here and here.

This weekend I just added a little improvement to it. Since I was able to reach the byte codes of DoABC tag and to parse them, there is a lot of possibility to implement fuzzing opportunities by little changes.

What I did is the ability to alter control transfer instructions for ifeq, iffalse, ifge, ifgt, ifle, iflt, ifnge, ifngt, ifnle, ifnlt, ifne, ifstricteq, ifstrictne, iftrue, jump to change the target address of them. These instructions take only one operand that is fixed-length: 24-bit signed integer that is 3 bytes, so it was very straightforward to parse and change them.

One thing I wanted to pay attention that is the target of jumps should be within the region of the method but it was quick to implement this because the method addresses and sizes are already available from the parser info.

January 1, 2012

Unexpected Thickness of SplitContainer

I haven't really been involved in C# apart from spent the whole 2011 to reverse engineer MSIL code at work but that wasn't about programming; it was about to debug .NET code without using reference to source code, but in fact, none of real programming experience.

My role has been changed at work, and it's unlikely I will continue with .NET anyhow. This is a great opportunity for me to fill my freetime with C# programming - I find .NET interesting, have the (low-level) basics of the virtual machine after all, and people say it's (very) straightforward to get on with it at development point of view.

Here is the first impression involving SplitContainer.

I needed to split the screen into three panels. SplitContainer divides the display area into two panels, but when you use only one instance, you cannot really use it to divide the display area into three panels. I managed to use two SplitContainers to divide the display area into three panels. There is the main SplitContainer, and there is the secondary SplitContainer put on one panel of the main SplitContainer's. I had three panes and I thought that was it.

I set SplitterWidth to 1 on both of SplitContainers to narrow the thickness of the splitter. Launched the program to check if it looked as expected, but in reality, it didn't. Here is how it looked.

As you can see above that the splitter of the secondary SplitContainer was not as thick as the splitter of the main SplitContainer. It's interesting because, on the design view, it looked good.

I set SplitterWidth to 2 and checked the result but the thickness of the splitters have different sizes when started the program.

I set SplitterWidth to 4 and surprisingly the result looked good. The splitters, however, were too wide to use it in a program. You can see ot on the picture below.
The solution is as follows. I don't know the root cause of this but I realized if I set SplitterWidth to 1 in the constructor of the Form, the splitters' wide have the same size, as seen below.

Above experiences are with Microsoft Visual C# 2010 Express.
  This blog is written and maintained by Attila Suszter. Read in Feed Reader.