OpenRCE_jms
November 24th, 2007, 18:50
So, I am having a glance at Greg Conti's book "Security Data Visualization" (http://nostarch.com/securityvisualization.htm) and I got to wondering: is there a way we could apply some of the visualization techniques to better understand how to fuzz a file?
Well, I put together a Python script using PIL that essentially reads in a file, and then plots a red pixel for printable bytes and leaves it white if it's non-printable. Rudimentary, but it works. Here are some of the results:
http://bughunter.ca/openrce/dll.png
(This is a dll file loaded, you can see clearly the beginning structure of the dll)
http://bughunter.ca/openrce/python.doc.png
(This is an MS Word document, you can clearly see the text position, as well as the top and bottom portions where the best spots to fuzz are)
http://bughunter.ca/openrce/win32-shellcode.pdf.png
(This is a PDF document; because a lot of the PDF directives are plaintext, you can see them clearly in this document at the top)
http://bughunter.ca/openrce/xls.png
(This is a small MS Excel document, again it's quite clear where the control structures would be located)
And here are two captures of a normal exe and the same exe that was UPX packed. Can you tell which is which?
http://bughunter.ca/openrce/test.exe.png http://bughunter.ca/openrce/test2.exe.png
https://www.openrce.org/blog/view/922/Visual_Patterns_for_File_Format_Fuzzing
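A sketch of the byte plot described in the post, as an added example that is not the author's script: it writes a PPM image with the standard library instead of using PIL, and adds a per-row printable-byte ratio as a numeric view of the same picture. The definition of "printable", the row width and the sample input are assumptions.

```python
from __future__ import annotations
import string

# Printable ASCII as the classification rule (assumption: the post does not
# say which bytes its script counted as printable).
PRINTABLE = frozenset(string.printable.encode("ascii"))
RED, WHITE = b"\xff\x00\x00", b"\xff\xff\xff"


def byte_plot(data: bytes, width: int = 256) -> tuple[int, int, bytes]:
    """Return (width, height, RGB pixels): red = printable, white = not."""
    height = max(1, -(-len(data) // width))          # ceiling division
    pixels = bytearray()
    for b in data:
        pixels += RED if b in PRINTABLE else WHITE
    pixels += WHITE * (width * height - len(data))   # pad the last row
    return width, height, bytes(pixels)


def row_density(data: bytes, width: int = 256) -> list[float]:
    """Fraction of printable bytes in each image row."""
    rows = [data[i:i + width] for i in range(0, len(data), width)]
    return [sum(b in PRINTABLE for b in row) / len(row) for row in rows]


def write_ppm(path: str, width: int, height: int, pixels: bytes) -> None:
    """Write a binary PPM (P6), which most image viewers open directly."""
    with open(path, "wb") as fh:
        fh.write(b"P6\n%d %d\n255\n" % (width, height))
        fh.write(pixels)


def sample_file() -> bytes:
    """Constructed input: binary header, a text region, then binary padding."""
    header = bytes([0x00, 0x01, 0xFE, 0xFF]) * 4     # 16 non-printable bytes
    text = b"The quick brown fox jumps over.\n"      # 32 printable bytes
    return header + text + bytes([0x90]) * 16


if __name__ == "__main__":
    data = sample_file()
    w, h, px = byte_plot(data, width=16)
    write_ppm("byteplot.ppm", w, h, px)
    for n, d in enumerate(row_density(data, width=16)):
        print(f"row {n}: {d:.0%} printable")
```

Rows that are almost entirely red or entirely white correspond to the text and binary regions pointed out in the screenshots above.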