[tux3]

>Yeah, netcat would be fun. Although, it seems that it also straces (or similar?) the app it tests.

Ah yes, I forgot this little detail. I wonder if you can get it to work on the local machine first, but talking throught a socket instead of stdin.

Then, pipe the result throught netcat !

[tptacek]

Conceptually the output generation and the trace collection aren't coupled. As long as you can (a) instrument the target to collect traces and (b) programmatically feed it variant inputs, the same technique will work.

(This isn't a new concept, although afl is a particularly tight implementation of it; you can look up the paper for "autodafe" for a (much) earlier version).

[jacquesm]

> autodafe

That's got to be the funniest and most appropriate name for a piece of software ever.

[fluxist]

It's what you oughtn't to do but you do anyway :)