Fuzzing RDP Client and Server

Explore the intricacies of fuzzing the Remote Desktop Protocol (RDP) in this 47-minute conference talk from the Hack In The Box Security Conference. Dive into the journey of adapting a traditional coverage-guided fuzzer (WinAFL) to test a complex network protocol, focusing on both RDP client and server implementations. Learn about the innovative approach of fuzzing RDP from both ends, a concept not previously explored. Discover how the speakers utilized WinAFL, DynamoRIO, and custom enhancements to target multiple RDP channels and message types, uncovering numerous new bugs. Gain insights into the challenges faced during development, result analysis, and the responsible disclosure process. The talk covers various aspects including the RDP attack surface, coverage-guided fuzzing setup, code patches, grammar enforcement, multi-channel input, and automatic crash analysis. Presented by security researchers Shaked Reiner and Or Ben-Porath from CyberArk, this talk offers valuable knowledge for those interested in vulnerability research, OS security, and advanced fuzzing techniques.