Kind of a side note, but I really hate how many relatively important discussions happen on Discord these days instead of forums... They aren't indexed/searcchable by search engines or archived by archive services, so they're just gone forever.

This was a good overview, but the second approach shows why it's always super important to make the small changes needed in example programs to use afl-clang-fast. You could have done a months worth of your current approach in a day with the speedup. It's going to be very difficult to ever find something at 100 execs/sec.

love to see that you are still wearing the ccc entrance band 😄 was nice meeting you there!

thank you for your crystal clear explanation

Dein Content und dein Kanal sind genial! Wie immer absolut krasses Video!

Very good video. When you try to subscribe to the hextree updates and do not mark the "I accept and read the privacy policy" there is no feedback for not checking the checkbox. Only in the developer tools I was able to see my mistake.

I love your fuzzing videos!

love you man

amazing. deep respect from South korea, man

A Crowdstrike desaster deep dive would be a nice comeback video. Just saying 😜

excellent video and well explained as always🙏👏👏👏

Only i know how much i have waited for this video to be released

This was great!

Rocks as always

Is this what they call unit fuzzing?

Curious how oss fuzz is doing stuff at their scale and budget. Finding target functions for individual fuzzing like the Huffman table function, while at the same time having input that maps cleanly back into the source input file

Bruh, are you alive? Waiting for your video on something for about a month now.

Where is Mr Live Of? Has a letter agency taken him out as he was just about to reveal their under cover operation?

a really good video, i am also making content with ctf broo. Thank you for your knowledge

at minute 21:04 there is a mistake in the graphics. it should be 520>500 and not 520>410, which was the input value from before

Can you share the discord server that you found about AFL fuzzing?

Vanhauser-thc is the author of hydra tool?

so would you say that the PoC file that cause the crash actually is a valid format ? no malformed sizes no malformed data but the processing of the data tables will cause a representation that will cause later a corruption in the decoder of libweb ?

At 21:04 there probably should be 500 instead of 410. But thanks for the great video.

Cool stuff

Thankyou For the video, I believe you are using a MacBook, what precautions you are taking to not burn out the SSD, are you mapping temp folder to memory drive? Just curious

What happens if you use qsym/hybrid fuzzing techniques? I read the paper (well, most part) about it and it claims *speed*

That's interesting. I guess you'd have to read the webp spec to see how the image data translates into building those tables, then go from there. It might require so many combinations of data that doing it naively would end up as a hard as finding a hash collision or brute force decrypting. On another note, and it's a long shot, does anyone know a utility that can load a thread binary image so that it can be 'debugged'. It's something I do not want to run freely, and it is obfuscated so needs to run only as far as the obfuscation is removed, then dumped, and then terminated. I was thinking the bare minimum that loads the thread but throws an error before it runs for a debugger to catch. That way it would never run without the debugger ready to catch it. Extremely simple, but I cannot program 'C, C++, C#, and etc,' and can only do a small amount of Python so far. The thread needs whatever windows has ready for it on the stack in normal operation (0x18 bytes worth it looks like from the disassembly) - there is no input from the original hosting program.

i wonder if this could full reproduce with AFLgo ? as AFLgo can take 2 diff of checkouts and direct fuzz ... i wonder if this would have reproduce this complex bug .. i know its "defacto" and not actually finding the issue... still interesting ..

Nice video

I had been watching your content for almost 10 years now. I really love it, but I have to be honest every time I watch any of your videos I feel really dumb because unlike most youtuber your craft is just way too high level. I really like what you can do with this tool and is something I would like to learn how to use since im the cybersecurity field. would you mind dumb things down a lit?Like making a tutorial on this tool, like how to properly set it up, then picking a random program to test it on?

How does AFL++ compare to libfuzzer from the llvm project? Could be a nice video.

Hans, where are you? We miss you. Come back.

I wish you did more minecraft stuff. that was fun and kinda why i subbed to you xD ... i mean either way your videos are great !

Please Help!!!! Are new Mac's with new M series apple chips good for binary exploitation, android and windows pentesting? Because i heard that you have to a wrok arounds to run like kali linux, also some essential tools not designed to work on these new architecture M chips.

It's always nice to see a pocke level that's more conventional, because they do them so well, as much as their experimental stuff is impressive, I was never a massive fan of it.

great video. still wearing your congress wristband i see :)

guess I missed you at the CCC

I WANT A POC OF .webp Image to run “whoami” !!! 😂😂

Make it’s own live KZbin channel to your fuzzer 😂 Also what discord channel is that one?

afl++ is way harder than we think 😑😓

Overflow?

next video whennnnnn!!!!!!!!!!!!!!!

Question for the greater cyber sec community. How applicable is binary fuzzing to your work? This is something that I really want to get into but seems like it is far from applicable in my work so far.

In the end, fuzzing is supporting tool, but cannot test things for developers "magically". So at this point, there needs to have some knowledge and experience on how (and what) to fuzz, just like pentesting

epic

funny to see you’re using your minecraft server to also do these. stuff lol

Push!

tmux would have been a better option than screen.

1:45AM HUFO here: Fuzzing is dumb, the moral should not be duplicate your code to make it more secure and the way they found the vuln was reading the code and understanding an attacker's input can go to the function where an assumption on it would be incorrect.

unaliveoverflow

Here's a challenge - Create a distributed fuzzing client. One person fuzzing for 100 days? Naa. 100 people fuzzing for 1 day? Way easier. 10,000 people fuzzing for awhile? Should find SOMETHING :p

My theory of how they found it: formal methods.

@22:50 are you quite sane? Avoiding code duplication improves readability and maintainability. Why would you copy the same code into 5 different functions, just to make fuzzing easier?

I don't get it. Why are so many security-aware people using discord? Its such an awfully bad choice in the scope of communicating with integrity, confidentiality and availability. Someone please enlighten me.

You Can Be Turkey Pro.

Noice

after doing deep investigation on the code and what you have fuzzed , your choice of fuzzing that API is useless . this doesn't have any understanding between your crash and to the original data that is from the file , the data transformation is what you have fuzzed and to get the needed data to put in a file require to find what is the de-transformation that is needed in order to put it back into a file.

I'm two and a half minutes in and I still don't know what fuzzing is

cute

Please make a video PUBG lite 0.27.0 32bit vtable hooking please

I heard this guy got thrown in jail for saying something against the rules in Germany

nowadays with chatgpt youtube bloggers becoming useles kek

Please make a video PUBG lite 0.27.0 32bit vtable hooking please