Explore file format fuzzing techniques for uncovering media bugs in Android systems in this 22-minute DefCamp conference talk. Dive into topics such as data size, logging, auto triage, and auto tombstone mechanisms. Learn about the specialized tool used for fuzzing, and gain insights into generating test data, bitflipping, and analyzing crash results. Discover how to determine exploit potential and explore additional mutation methods, including Franken certs and medium miles. Examine other techniques like Palm branch and Intel branch, and understand their applications in Android security testing. Enhance your knowledge of mobile security vulnerabilities and fuzzing methodologies in this informative presentation from the renowned DefCamp conference on Hacking & Information Security.
Finding Media Bugs in Android Using File Format Fuzzing - DefCamp - 2015
Overview
Syllabus
Intro
Data size
Logging
Auto triage
Auto tombstone
Trash mechanism
The tool
Questions
Windows
Open Source
Generating data
Bitflipping
First test cases
Number of crashes
Exploit
Exploitable or not
Resources
Other ways of mutation
Franken certs
Medium miles
Other techniques
Palm branch
Intel branch
Conclusion
Taught by
DefCamp
