Explore advanced techniques for exposing hidden exploitable behaviors in programming languages using Differential Fuzzing. Learn about the technical aspects of analyzing unexpected behaviors in interpreters, including methods to detect over 20 different types of issues beyond crashes. Discover practical examples of identifying undocumented functions allowing OS command execution, sensitive file content exposure in error messages, unexpected native code interpretation, and potential vulnerabilities in constant naming. Gain insights into the capabilities of differential fuzzing, with a focus on JavaScript, Perl, PHP, Python, and Ruby. Includes a special release of the fuzzer and covers topics such as fuzzing processes, input analysis, software examination, and automated output analysis techniques.
Overview
Syllabus
SPEAKER BIO
1.3. How: Fuzzing Process
1.3. How: The Input
1.3. How: The Software
1.4. Why? To automatize the output analysis
Common Fuzzing: Crashes
2. Crashes: XDIFF Output - Valgrind
2. Crashes: XDIFF Output - Return Codes
2. Crashes: XDIFF Output - Hangs
What is Differential Fuzzing?
What to Execute
3.1. Different Implementations: Stdout
3.2. Different Inputs: Stdout
3.3. Different Versions: Stdout
What to Detect
4.1. Path Disclosure: XDIFF Output
4.1. Path Disclosure: Powershell (cont'd)
4.3. Error Disclosure: XDiFF Output
4.4. Code Evaluated: XDIFF Output
4.5. Command Execution: XDIFF Output
4.6. Network Connection: XDiFF Output
4.6. Network Connection: JRuby RCE
4.7. File Read: Leak Root's Password
Taught by
Hack In The Box Security Conference
