Fuzzing 101 – PHDays 9

Fuzzing 101 – PHDays 9

So, this year Cognosec consultants Zubin Devnani and Dhiraj Mishra delivered a workshop in PHDays 9 – Russia on fuzzing. This workshop was mainly focused on an introduction to fuzzing using American Fuzzy Lop (AFL) and Address Sanitizer (ASAN).

Fuzzing techniques enable the detection of vulnerabilities such as buffer overflows, integer overflows, format string vulnerabilities, use after free.

The prime focus of the workshop was the to cover the following topics: Blind and input-based fuzzing using AFL, finding memory bugs using ASAN with AFL integration, protocol fuzzing – HTTP, FTP, SMTP.

This workshop gives the audience a detailed overview about blind, input based fuzzing, finding memory bugs. The workshop was then concluded by showcasing multiple bugs found during the research.

Intro to Fuzzing

The fundamentals of fuzzing, understanding why fuzzing is needed and how to make the process of fuzzing efficient.

Smart Fuzzing

We will look at using American Fuzzy Lop, which demonstrates the process of compile time instrumentation. We will understand the color code in AFL, process timing, stages, findings, yields, path geometry and stability. We will integrate address sanitizer (ASAN/MSAN) which helps in identifying address and memory corruption bugs, making the process smarter.

Triage Analysis

We look at proof-of-concepts generated by AFL during the fuzzing process, attaching it to the actual binaries to see, how the input is handled by the binaries.

Fuzzing-101_PHDays

Slides: Fuzzing-101_PHDays.pdf

Ubuntu OVA file: Ubuntu_Fuzzing101.ova  : Size: 4.x GB, 4GB RAM, 40 GB HD.
Username: PHDays
Password: E@sy

Leave a Reply