Overview
Explore advanced techniques for testing Action Message Format (AMF) applications in this Black Hat USA 2012 conference talk. Delve into the challenges of bug hunting in AMF-based applications and discover a new automated gray-box testing approach. Learn about Blazer, a Burp Suite plugin that revolutionizes AMF fuzzing by dynamically generating objects from method signatures. Gain insights into improving coverage and effectiveness when targeting complex applications, and examine real-world vulnerabilities uncovered using this innovative tool. Follow along as the speaker demonstrates the methodology using Adobe BlazeDS as a server-side reference implementation. Acquire practical knowledge on making AMF testing more robust and efficient, covering topics such as authentication, SQL injection, and best-fit heuristics.
Syllabus
Intro
About me
Introduction and context
AMF for end-users
AMF for old-school hackers
AMF for web hackers
Adobe BlazeDS
Action Message Format (AMF)
State of art (research, tools)
Testing remote methods, today
Enterprise-grade applications
Security Testing Areas 36 Authentication
Say hello to Blazer
Blazer vo.2
Blazer - Architecture 2/2
DEMO 1
Blazer - Core techniques 1/3
Test case: SQL injection
Blazer - "Best-fit" heuristics 2/2
Coverage and Scalability
AMF Security Testing with Blazer 36 Authentication
Conclusions
Future improvements
Taught by
Black Hat