Provided by: bfbtester_2.0.1-7.1_amd64 bug


       bfbtester - Brute Force Binary Tester


       bfbtester [-htv] [-d level] [-r rejects] [-o out-file] [-x max-execs] -a|[-sme] files ...


       BFBTester  is  great  for  doing  quick,  proactive,  security  checks of binary programs.
       BFBTester will perform checks of single and multiple argument command  line  overflows  as
       well  as  environment  variable  overflows. BFBTester can also watch for tempfile creation
       activity to alert the user of any programs using unsafe tempfile  names.  While  BFBTester
       can  not  test all overflows in software, it is useful for detecting initial mistakes that
       can red flag dangerous software.


       You must specify one or more of the following tests:

       -s     Single Argument Test.

       -m     Multiple Argument Test.

       -e     Environment Variable Test.

       -a     Selects all tests
              Other options:

       -h     Print help.

       -t     Enable tempfile monitoring.

       -v     Print version string.

       -d level
              Set debug level (default = 0, max = 2).

       -r rejects
              Comma separated list of binaries to skip.

       -o out-file
              Output to out-file rather than stdout.

       -x max-execs
              Set maximum executables to run in parallel (default = 250).

       file   Specific binary or a directory of binaries to test.


       You must specify at least one test to run and you  must  specify  either  a  binary  or  a

       Executable selection is now done in one of several ways:

       If  the  executable  filename  is  specified  with  a leading slash (an absolute path), no
       selection is used and the supplied absolute filename is used.

       If there is no leading slash in the filename the selection is made in one of two ways  (in
       this order):
         1) Prepend file name with $PWD and test accesiblity
         2) Search through $PATH and find first accessible executable The first one to succeed is
       the executable choosen.

       If the filename found is a directory, we walk the directory (one level deep)  looking  for
       executable binaries.

       Symbolic links are followed.

       You  can  specify binaries to skip (useful when loading a whole directory) by using the -r

       The following is a crash report:

       *** Crash </usr/bin/patch> ***
        args:           -D [05120]
        envs:           (null)
        Signal:         11 ( Segmentation fault )
        Core?           Yes

       This means "/usr/bin/patch" crashed when fed with an "-D"  and  a  word  5,120  characters

       $ /usr/bin/patch -D AAA...5,120 characters...AAA

       (Numbers in brackets mean replace with a word that many characters long)

       BFBTester  is  very CPU intensive, and will open many files, so you probably don't want to
       run it on a production machine during it's busiest period. Just a warning...


       bfbtester -s /usr/bin
              Run the single argument test on all binaries in folder /usr/bin.

       bfbtester -ta patch traceroute
              Run all tests against patch and traceroute and run the tempfile monitor.

       bfbtester -a ./bfbtester
              Tests bfbtester (provided it's in the same directory).

       bfbtester -r kill /usr/bin/kill
              Does nothing.


       This manual page was written by Karl Soderstrom <>, for the Debian  GNU/Linux
       system (but may be used by others).

                                         januari 23, 2001                            BFBTESTER(1)