Thursday, 15 October 2015

fuzzing LibreOffice input events with american fuzzy lop




This is a demo of using the american fuzzy lop fuzzer as an engine to drive LibreOffice UI testing by fuzzing serialized keyboard input events.

For demo purposes the UI is visible here, but it can be run headlessly too. Given enough time afl can fuzz the initial input text of hello into keyboard shortcuts to enter menus and launch dialogs.

I think the concept is pretty neat and fun, but this is still experimental stage stuff that I'm playing with and trying to up the performance.