Share
## https://sploitus.com/exploit?id=A098D50C-565B-577C-9EDE-BB72124ABD5E
# Fuzzing Portfolio Project: Heap Overflow Discovery

**Author:** Fuad  
**Date:** February 2026  
**Duration:** 4 days  
**Tools:** Python, GCC, ASan, GDB

## ๐ŸŽฏ Project Overview

Custom mutation-based fuzzer that discovered a heap buffer overflow vulnerability in a JSON parser through automated testing. Includes full vulnerability analysis, proof-of-concept exploit, and remediation recommendations.

## ๐Ÿ” Key Achievements

- โœ… Built custom mutation-based fuzzer from scratch
- โœ… Discovered heap buffer overflow (CWE-122) in  64 characters

### Root Cause
```c
32  char* result = malloc(64);  // Fixed allocation
...
61  memcpy(result, start, len);  // No bounds check! ๐Ÿ’ฅ
```

### Impact
- Denial of Service (guaranteed crash)
- Memory corruption (heap metadata overwrite)
- Potential RCE (with additional primitives)

## ๐Ÿ“Š Test Results

| Test Case | Input Size | Result |
|-----------|-----------|--------|
| Control | 50 bytes | โœ… No crash |
| Edge | 63 bytes | โœ… No crash |
| Minimal Overflow | 65 bytes | โŒ **CRASH** |
| Large Overflow | 100 bytes | โŒ **CRASH** |
| Massive Overflow | 500 bytes | โŒ **CRASH** |

**Crash Boundary:** 64 bytes (exact)  
**Reproducibility:** 100%

## ๐Ÿ”ง Technical Skills Demonstrated

### Fuzzing
- Custom mutation strategies (8 techniques)
- Coverage-guided feedback loop
- Crash deduplication (MD5 hashing)
- High-speed execution (27k/sec)

### Vulnerability Analysis
- Root cause identification
- Memory forensics with GDB
- ASan report interpretation
- CVSS scoring

### Exploit Development
- Controlled overflow demonstration
- Boundary testing
- Automated PoC framework

### Security Engineering
- Compiler hardening (ASan, FORTIFY_SOURCE)
- Secure coding recommendations
- Defense-in-depth strategies

## ๐Ÿ“š Documentation

- **[CRASH_TRIAGE_REPORT.md](CRASH_TRIAGE_REPORT.md)** - Full vulnerability analysis
- **[poc_heap_overflow.py](poc_heap_overflow.py)** - Exploit proof-of-concept

## ๐ŸŽ“ Learning Outcomes

1. **Fuzzing Fundamentals** - Built fuzzer from scratch, understand mutation strategies
2. **Vulnerability Discovery** - Found real bugs in = 64) len = 63;  // Truncate to fit
```

## ๐Ÿ“ˆ Fuzzer Performance

- **Executions/sec:** 27,000
- **Time to crash:** < 1 second
- **Unique crashes:** 6+
- **False positives:** 0

## ๐Ÿ› ๏ธ Tools Used

- **Python 3** - Fuzzer implementation
- **GCC 11+** - Compilation with sanitizers
- **AddressSanitizer** - Memory error detection
- **GDB** - Debugging and forensics
- **Git** - Version control



---

**Note:** This is a security research project on intentionally vulnerable code. Do not use these techniques on systems without authorization.