37C3 - Fuzz Everything, Everywhere, All at Once
- Title:
- 37C3 - Fuzz Everything, Everywhere, All at Once
- Description:
-
https://media.ccc.de/v/37c3-12102-fuzz_everything_everywhere_all_at_once
Advanced QEMU-based fuzzing
The maintainers of the AFLplusplus open-source project show crazy new ways to (ab)use QEMU to explore difficult, binary-only targets through fuzzing.
We present a proof of concept using AFL++ and QEMU to find command and SQL-injections, going beyond the classic fuzzing for memory corruption.
We also present a scalable approach to fuzzing binary-only code with LibAFL and QEMU, showcasing how to build a custom fuzzer to test Android libraries without using a phone.
In this talk, the maintainers of the AFLplusplus organization present the QEMU-based instrumentation engines developed as part of AFL++ and LibAFL to fuzz advanced binary-only targets. We discuss our extensions to QEMU, the well-known emulator, that allow high-performance, cross-architecture fuzzing and target instrumentation. Finally, we demo a proof of concept using AFL++ to find injection vulnerabilities in binaries, going beyond the typical fuzzing for memory corruption.
We then present LibAFL QEMU, a library that offers convenient APIs to hook the target using Rust. Unlike other public fuzzers, tools built with LibAFL can scale over cores and machines to find vulnerabilities faster and at large scale. We also showcase how we built a custom fuzzer for a binary-only Android library using this new emulator API; it scales almost linearly to 96 cores, reaching a whopping number of executions per second!
domenukk
van Hauser
Dongjia Zhang
andreafioraldi
Addison Crump
https://events.ccc.de/congress/2023/hub/event/fuzz_everything_everywhere_all_at_once/
#37c3 #Security
- Video Language:
- English
- Duration:
- 40:43
- Video URL:
- http://www.youtube.com/watch?v=yH_XPh_9Svo