• Stars
    star
    126
  • Rank 284,543 (Top 6 %)
  • Language
    HTML
  • Created over 4 years ago
  • Updated over 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Windows Graphics Device Interface (GDI+) fuzzer

Windows Graphics Device Interface (GDI+) fuzzer

this project including

  • harness to fuzz GDI+ via transform emf to wmf
  • test corpus with good coverage
  • vulnerability POC & report generated by BugId

result

Note

Since the bottleneck of fuzzer is the IO performance of the disk, the use of RAMDISK can effectively speed up this process.

But remember to make a snapshot for your vm-machine or you may lost all of your files.

some of my vulnerability which could be triggered in Microsoft Powerpoint get lost in this way ,will attach them if recovered.

happy bug hunting!

CVE-ID?

At that time I go on holiday ,left the fuzzer just running day after night. so I forget to report these vulnerabilities at all ,most of them get patched in Microsoft July patch tuesday. patch

credit

Personal project created by Wenxu Wu(@ma7h1as)