Guided Fuzzing with AFL: Improving Software Testing Efficiency

Learn about guided fuzzing with AFL (American Fuzzy Lop) to enhance software testing by discovering fault conditions through repeated random input data. Explore strategies like dumb fuzzing and intelligent fuzzing, understand code coverage problems, and discover how AFL improves traditional fuzzing methods.

  • Fuzzing
  • AFL
  • Software Testing
  • Guided Fuzzing
  • Code Coverage


Presentation Transcript


  1. Guided Fuzzing With AFL

  2. Agenda
     • Lecture: What is guided fuzzing; All about AFL; Interesting AFL findings
     • Activity: Fuzzing a toy application with AFL; Fuzzing a real application with AFL

  3. Prerequisite Knowledge: Basic C; basic assembly; Linux command-line navigation

  4. Expected Outcomes
     • Understand the differences and advantages of dumb fuzzing, intelligent fuzzing and guided fuzzing, and how AFL improves on traditional fuzzing
     • Be able to use AFL to fuzz open source software, and to select and minimize good test files

  5. Fuzzing: Repeatedly providing invalid, unexpected, or random input data to an application in hopes of discovering fault conditions.
     Source: https://twitter.com/sempf/status/514473420277694465

  6. Traditional Fuzzing Strategies
     • Dumb fuzzing: randomly mutate data and watch for a crash
     • Intelligent fuzzing: provide the fuzzer some insight about the data structure and/or format so that it can target interesting elements with carefully crafted values

  7. Code Coverage Problem: Consider the following code. Will a fuzzer find this?
     • Dumb fuzzing: not a chance
     • Intelligent fuzzing: highly unlikely; maybe after 4.2 b iterations

  8. Code Coverage Problem: Traditional fuzzers rarely even look at the majority of the code-base, so they are guaranteed to miss vulnerabilities in that code.

  9. Guided Fuzzing attempts to solve the coverage problem:
     • Observe and track the flow of execution
     • Find mutations that access new code paths
     • Continue fuzzing with those samples
     • Rinse, repeat until nothing new is found

  10. AFL (American Fuzzy Lop): One of the first popular guided fuzzers, written by Michał Zalewski (lcamtuf).
      Source: http://lcamtuf.coredump.cx/afl/

  11. Compile-Time Instrumentation: AFL adds a tiny bit of code to each branching statement, such as if, else, switch, for and while.

  12. Run-Time Introspection: AFL observes the process at run time and uses the added code to track code paths, for example:
      • A → B → C → EXIT
      • A → C → CRASH
      • A → D → EXIT
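The branch instrumentation of slide 11, the path tracking of slide 12 and the coverage problem of slide 7, worked through as an added example that is not part of the deck or of AFL's own code: a toy AFL-style edge map (the names TRACE, target, run_input, guided_fuzz and MAP_SIZE are assumptions) shows why a guided fuzzer reaches a 4-byte magic check in a few thousand executions where blind mutation could need up to 2^32.

```c
/* Toy model of AFL-style edge coverage, constructed for this page (not AFL's
   code): each branch gets a trace point and an edge is keyed as
   (prev_loc >> 1) ^ cur_loc, the scheme afl-fuzz uses for its bitmap. */
#include <stdint.h>
#include <string.h>
#define MAP_SIZE 256
static uint8_t trace_bits[MAP_SIZE];  /* edges hit by the current execution */
static uint8_t virgin_bits[MAP_SIZE]; /* edges seen at any point in the run */
static uint32_t prev_loc;
/* Hypothetical stand-in for the snippet afl-gcc injects at each branch. */
#define TRACE(cur) do { trace_bits[((prev_loc >> 1) ^ (cur)) % MAP_SIZE]++; \
                        prev_loc = (cur); } while (0)
/* Target: a 4-byte magic check ("FUZZ"), modelled on the slide's "maybe after
   4.2 b iterations" example; returns 1 on the crash path. Location ids are
   picked so that no two edges collide in this small map. */
static int target(const uint8_t *buf, size_t len) {
    prev_loc = 0; TRACE(0x10);                                /* A: entry */
    if (len >= 4 && buf[0] == 'F') { TRACE(0x20);             /* B        */
        if (buf[1] == 'U') { TRACE(0x40);                     /* C        */
            if (buf[2] == 'Z') { TRACE(0x80);                 /* D        */
                if (buf[3] == 'Z') { TRACE(0x01); return 1; } /* CRASH    */
    } } }
    TRACE(0x02);                                              /* EXIT     */
    return 0;
}
/* Run one input: returns 1 on crash, stores the number of never-seen edges. */
static int run_input(const uint8_t *buf, size_t len, int *new_edges) {
    memset(trace_bits, 0, sizeof trace_bits);
    int crashed = target(buf, len); *new_edges = 0;
    for (int i = 0; i < MAP_SIZE; i++)
        if (trace_bits[i] && !virgin_bits[i]) { virgin_bits[i] = 1; ++*new_edges; }
    return crashed;
}
/* Guided loop: try every single-byte mutation of the current sample and adopt
   the first one that reaches a new edge. Returns the number of executions
   until the crash, or -1 if no mutation finds anything new (fuzzer stalled). */
static long guided_fuzz(void) {
    uint8_t cur[4] = {'A', 'A', 'A', 'A'}, cand[4];
    long execs = 0; int fresh, progressed = 1;
    memset(virgin_bits, 0, sizeof virgin_bits);
    run_input(cur, 4, &fresh);                      /* seed the coverage map */
    while (progressed) {
        progressed = 0;
        for (int pos = 0; pos < 4 && !progressed; pos++)
            for (int v = 0; v < 256 && !progressed; v++) {
                memcpy(cand, cur, 4); cand[pos] = (uint8_t)v; execs++;
                if (run_input(cand, 4, &fresh)) return execs;
                if (fresh) { memcpy(cur, cand, 4); progressed = 1; }
            }
    }
    return -1;
}
```

Each byte of the magic value opens one new edge, so the search is roughly 4 × 256 executions per byte instead of 256^4 for the whole value; note that a single `buf[2] == 'Z' && buf[3] == 'Z'` comparison would collapse two of those steps into one and stall this loop.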

  13. AFL Features
      • Excellent configuration by default
      • Very easy to set up and use
      • Compile-time instrumentation, FAST!!!
      • Run-time instrumentation (blackbox)
      • Parallelizable
      • Data dictionary support
      • Well documented and large user-base

  14. AFL Additional Utilities: test case minimizer; file format analyzer; crash explorer; custom abusive heap allocator

  15. AFL Trophy Case http://lcamtuf.coredump.cx/afl/ (too much for one slide)

  16. Pulling JPEGs Out Of Thin Air: https://lcamtuf.blogspot.com/2014/11/pulling-jpegs-out-of-thin-air.html

  17. Nobody Expects CDATA Sections: https://lcamtuf.blogspot.com/2014/11/afl-fuzz-nobody-expects-cdata-sections.html

  18. Choosing Good Samples: minimize needless repetition, maximize feature usage.
      • GOOD: <html><a href=b>c</a></html>
      • BAD: <div>My first test case</div> <div><div><div></div></div></div>

  19. afl-tmin: AFL can automatically minimize samples. It simplifies or removes anything that doesn't alter the flow of execution.

  20. afl-tmin Before / After

  21. afl-analyze: AFL can figure out complex file formats by mutating bytes and observing the effects.
      Source: https://lcamtuf.blogspot.com/2016/02/say-hello-to-afl-analyze.html

  22. EOF Questions?
