- On 21. Nov 2017
Over the last weeks I presented talks on the topic of fuzzing at conferences such as DefCamp, Heise Dev Sec, IT-SeCX and BSides Vienna. As promised, I make my slides and demos available to the public with this blog post .
The slide deck containing all slides from the conferences.
Read more about fuzzing in my last blog post “Hack the Hacker – Fuzzing Mimikatz On Windows With WinAFL & Heatmaps (0day)”
CTF Challenge “Chat” (SECCON CTF – Try to find the vulnerabilities)
Using breakpoints to extract coverage information. Example with Adobe Reader.
Demonstration on finding the start and end address of the target function which should be fuzzed in-memory (Example with HashCalc).
In-memory fuzzing of HashCalc with WinAppDbg (750 exec / sec)
In-memory fuzzing of HashCalc with DynamoRio (170 000 exec / sec)
Fuzzing interactive applications with a self written fuzzer to discover deep bugs (which are not found per default by AFL)
This research was done by René Freingruber (@ReneFreingruber) on behalf of SEC Consult Vulnerability Lab.
SEC Consult is always searching for talented security professionals to work in our team. More information can be found here.
STAY UPDATED – FOLLOW US ON TWITTER