Play all

Intro

NeXT, Apple, Weblogic, BEA Systems, Azul Systems

1 Introduce/Review Memory Corruption Bugs 2 A Post Fuzz Run Workflow 3 Real World Examples

Invalid Reads/Writes

Stack vs Heap Corruption

Use After Free

Other Memory Bugs

b: What is Exploitability?

Re-programming with input data- not code

Does "exploitability" matter?

Google Project Zero

Many modern exploits are bug chains

Surprisingly Exploitable

C-Ares / Chrome OS Remote Code Execution

Section 1c: Memory Corruption Mitigations

ASLR Address Space Layout Randomization

DEP Data Execution Prevention

Minimize the Corpus of Crashes

b: Memory Corruption Analysis Tools

Valgrind (memcheck)

Section 2c: Determine Exploitability / Find the Root Cause

Disable ASLR

Identify critical memory locations

PHP: Low invalid read

Netflix Dynomite: Invalid Write

Description:

Explore effective techniques for analyzing and addressing crashes resulting from fuzz testing in this informative conference talk. Learn about tools, tactics, and strategies for post-fuzz run analysis, with the goal of identifying and fixing vulnerabilities. Delve into memory corruption bugs, exploitability assessment, and mitigation techniques such as ASLR and DEP. Gain insights on workflow optimization, crash corpus minimization, and the use of analysis tools like Valgrind. Examine real-world examples, including invalid reads/writes, stack vs. heap corruption, and use-after-free scenarios. Understand the importance of bug chains in modern exploits and discover how seemingly innocuous issues can lead to significant vulnerabilities, as demonstrated by case studies from Google Project Zero, C-Ares, and Chrome OS.

The Aftermath of a Fuzz Run - What to Do About Those Crashes?

Linux Foundation

Add to list

#Conference Talks #Information Security (InfoSec) #Cybersecurity #Software Security #Vulnerability Analysis #Programming #Software Development #Software Testing #Fuzzing #Valgrind