LiveOverflow | Finding Buffer Overflow with Fuzzing | Ep. 04 @LiveOverflow | Uploaded 3 years ago | Updated 10 hours ago
AFL helped us to find a buffer overflow. Did we find a real crash in sudo? Let's investigate it.
Files on GitHub: github.com/LiveOverflow/pwnedit/tree/main/episode04
Blog Post: liveoverflow.com/finding-buffer-overflow-with-fuzzing
Previous video and episode playlist: youtube.com/watch?v=W2kZnmchJhI&list=PLhixgUqwRTjy0gMuT4C3bmjeZjuNQyqdx&index=3&t=335s
Episode 04:
00:00 - Intro
00:28 - Looking at AFL crashes
01:25 - Investigate Crashes with gdb
03:35 - Debug Crash in AFL argv[] wrapper
04:27 - Fixing Buffer Overflow in AFL argv[] wrapper
05:19 - Setup Fuzzing Experiment with AFL++
07:11 - AFL UI Output Information
-=[ β€οΈ Support ]=-
β per Video: patreon.com/join/liveoverflow
β per Month: youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ π Social ]=-
β Twitter: twitter.com/LiveOverflow
β Website: liveoverflow.com
β Subreddit: reddit.com/r/LiveOverflow
β Facebook: facebook.com/LiveOverflow
AFL helped us to find a buffer overflow. Did we find a real crash in sudo? Let's investigate it.
Files on GitHub: github.com/LiveOverflow/pwnedit/tree/main/episode04
Blog Post: liveoverflow.com/finding-buffer-overflow-with-fuzzing
Previous video and episode playlist: youtube.com/watch?v=W2kZnmchJhI&list=PLhixgUqwRTjy0gMuT4C3bmjeZjuNQyqdx&index=3&t=335s
Episode 04:
00:00 - Intro
00:28 - Looking at AFL crashes
01:25 - Investigate Crashes with gdb
03:35 - Debug Crash in AFL argv[] wrapper
04:27 - Fixing Buffer Overflow in AFL argv[] wrapper
05:19 - Setup Fuzzing Experiment with AFL++
07:11 - AFL UI Output Information
-=[ β€οΈ Support ]=-
β per Video: patreon.com/join/liveoverflow
β per Month: youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ π Social ]=-
β Twitter: twitter.com/LiveOverflow
β Website: liveoverflow.com
β Subreddit: reddit.com/r/LiveOverflow
β Facebook: facebook.com/LiveOverflow