[Full-disclosure] PostgreSQL and Informix Function Fuzzing Tool

Joxean Koret joxeankoret at yahoo.es
Sat Dec 9 21:07:39 GMT 2006 

Hi to all!

After the Oracle PL/SQL fuzzing tool I decided to write the same for
PostgreSQL and Informix. 

Attached goes the 2 function/stored procedure fuzzers I wrote. The
unique "interesting" thinks I found were in PostgreSQL but, as the
PostgreSQL Team say, "they are more annoyances than something else". 

Anyway, attached goes POCs for PostgreSQL which makes postmaster service
consume 100% CPU resources and the tools.

---
Joxean Koret

-------------- next part --------------
A non-text attachment was scrubbed...
Name: informix.py
Type: text/x-python
Size: 4055 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061209/7ae7c018/attachment.py 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: postgresql.py
Type: text/x-python
Size: 4457 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061209/7ae7c018/attachment-0001.py 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test1.sh
Type: application/x-shellscript
Size: 262 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061209/7ae7c018/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test2.sh
Type: application/x-shellscript
Size: 254 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061209/7ae7c018/attachment-0001.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test3.sh
Type: application/x-shellscript
Size: 250 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061209/7ae7c018/attachment-0002.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test4.sh
Type: application/x-shellscript
Size: 218 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061209/7ae7c018/attachment-0003.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada
	digitalmente
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061209/7ae7c018/attachment-0004.bin

Full-Disclosure is hosted and sponsored by Secunia.