Главная
Study mode:
on
1
Introduction
2
Quan Jin Introduction
3
Agenda
4
My story
5
Surviving
6
Candidates
7
Questions
8
Statistics
9
Excel
10
Visibility
11
File Types
12
distillation
13
fuzzy mutation
14
classification
15
synchronization
16
reproducer
17
manual check
18
bug id report
19
fuzzing equipment
20
problem list
21
dialog boxes
22
VMworld too fast
23
Speed of execution
24
File size
25
Virtual machine fuzzing
26
Processing inconsistencies
27
Filing strategies
28
Size of speed fire
29
How to manage crash files
30
Case 61461
31
Case 20201494
32
Case 202017126
33
Case 2020117
34
Case 2020118
35
Thanks
Description:
Discover the process of uncovering 16 Microsoft Office Excel vulnerabilities in just 6 months through this insightful conference talk from the Hack In The Box Security Conference. Learn how to build an effective fuzzing framework step-by-step, including selecting fuzzing corpus, implementing mutation algorithms, and triaging results. Gain valuable insights into automating dialog box interactions, managing temporary files, and optimizing fuzzing strategies. Explore real-world examples of remote code execution and information disclosure vulnerabilities, and understand the process of reporting findings to Microsoft Security Response Center. Benefit from the speaker's extensive experience in security research and vulnerability discovery, including tips for overcoming common challenges in the fuzzing process.

How I Found 16 Microsoft Office Excel Vulnerabilities in 6 Months

Hack In The Box Security Conference
Add to list
00:00
-00:29