Kind of a side note, but I really hate how many relatively important discussions happen on Discord these days instead of forums... They aren't indexed/searcchable by search engines or archived by archive services, so they're just gone forever.
@LiveOverflow
8 ай бұрын
fully agree :(
@huzaifamuhammad8044
8 ай бұрын
Yeah, you raised an important point. But how do we correct such trend ? I mean how do we keep discussions in forums instead of discord servers? Really, great things are being discussed over there in different discord servers but end up being only for the members participating in the servers
@PwnySlaystation01
8 ай бұрын
@@huzaifamuhammad8044 I don't know if there's any way to fix it. It's kinda like IRC was back in the day. People want limited, non-public communities.... Also, several companies moved their support forums to Discord which is even worse... Then every time you're looking for a solution to a technical problem, you can't find it and have to join some discord, then ask a question which has probably been asked/answered a bunch of times already. Maybe Discord should be pressured to index/archive conversations and make them searchable? Maybe as an option for server owners? I don't know
@SandWire
8 ай бұрын
Discord bot reposting every message from channel to forum?
@PwnySlaystation01
8 ай бұрын
@@SandWire Not a bad idea for individual servers/channels. I remember I wrote a little bot to do essentially the same thing on IRC back in the day. That was back in like... 1998-1999 maybe, and those conversations are still online!
@InfiniteQuest86
8 ай бұрын
This was a good overview, but the second approach shows why it's always super important to make the small changes needed in example programs to use afl-clang-fast. You could have done a months worth of your current approach in a day with the speedup. It's going to be very difficult to ever find something at 100 execs/sec.
@LiveOverflow
8 ай бұрын
The second approach was fuzzing one function directly, the first one was fuzzing the full binary. So you cannot really compare the two, very different scopes :)
@InfiniteQuest86
8 ай бұрын
@@LiveOverflow I understand that, but your response indicates that you are missing the relevant point. You can do the same thing as in the second one by modifying dwebp. I guarantee similar speed. The scope of dwebp isn't much more than a few function calls. It was fast due to persistent mode, not because it was smaller.
@doenerstag8789
2 ай бұрын
A Crowdstrike desaster deep dive would be a nice comeback video. Just saying 😜
@realcmplx
8 ай бұрын
love to see that you are still wearing the ccc entrance band 😄 was nice meeting you there!
@hamzahajjaj4106
8 ай бұрын
thank you for your crystal clear explanation
@1.4142
3 ай бұрын
unaliveoverflow
@고장나지않은남혜리
4 ай бұрын
amazing. deep respect from South korea, man
@ZelenoJabko
2 ай бұрын
You mean China?
@maxnix9256
8 ай бұрын
Very good video. When you try to subscribe to the hextree updates and do not mark the "I accept and read the privacy policy" there is no feedback for not checking the checkbox. Only in the developer tools I was able to see my mistake.
@teogorqui7061
8 ай бұрын
I WANT A POC OF .webp Image to run “whoami” !!! 😂😂
@devchannel5232
8 ай бұрын
Dein Content und dein Kanal sind genial! Wie immer absolut krasses Video!
@sanderbos4243
8 ай бұрын
I love your fuzzing videos!
@teogorqui7061
8 ай бұрын
excellent video and well explained as always🙏👏👏👏
@GodBreathed77
7 ай бұрын
Hey just wanted to say you were a huge part in my early IT career that kept me intrigued and wanting to keep pushing my understanding to the limit. You are awesome. Still wish you would have done some in depth C courses at some point but I know they are everywhere
@Shocker99
3 ай бұрын
Where is Mr Live Of? Has a letter agency taken him out as he was just about to reveal their under cover operation?
@oj0024
8 ай бұрын
Is this what they call unit fuzzing?
@norodix6857
8 ай бұрын
This was great!
@d4vid8959
8 ай бұрын
At 21:04 there probably should be 500 instead of 410. But thanks for the great video.
@ZelenoJabko
2 ай бұрын
Hans, where are you? We miss you. Come back.
@Aristoranggaa
7 ай бұрын
a really good video, i am also making content with ctf broo. Thank you for your knowledge
@damejelyas
6 ай бұрын
Rocks as always
@longshin4299
8 ай бұрын
Vanhauser-thc is the author of hydra tool?
@adhikara13
8 ай бұрын
Yes the one and only
@ourcer
8 ай бұрын
He the author of AFL++ too, basically
@MygenteTV
8 ай бұрын
I had been watching your content for almost 10 years now. I really love it, but I have to be honest every time I watch any of your videos I feel really dumb because unlike most youtuber your craft is just way too high level. I really like what you can do with this tool and is something I would like to learn how to use since im the cybersecurity field. would you mind dumb things down a lit?Like making a tutorial on this tool, like how to properly set it up, then picking a random program to test it on?
@0x3v4d3r
8 ай бұрын
Hope to one day reach this level
@adhikara13
8 ай бұрын
Me too
@chihuhahuana4863
8 ай бұрын
@@adhikara13why are you everywhere?
@squid13579
7 ай бұрын
afl++ is way harder than we think 😑😓
@stellusctf6479
18 күн бұрын
Thankyou For the video, I believe you are using a MacBook, what precautions you are taking to not burn out the SSD, are you mapping temp folder to memory drive? Just curious
@fitzging
10 күн бұрын
Make it’s own live KZitem channel to your fuzzer 😂 Also what discord channel is that one?
@jbritain
8 ай бұрын
It's always nice to see a pocke level that's more conventional, because they do them so well, as much as their experimental stuff is impressive, I was never a massive fan of it.
@ujjwalaggarwal7065
5 ай бұрын
next video whennnnnn!!!!!!!!!!!!!!!
@black_crest
4 ай бұрын
@@20cmusic Did he say that explicitly?
@rahulramteke3338
8 ай бұрын
Nice video
@simplydebby2530
7 ай бұрын
Overflow?
@Kolor-kode
8 ай бұрын
tmux would have been a better option than screen.
@bytemaiden
8 ай бұрын
great video. still wearing your congress wristband i see :)
@roeesi-personal
5 ай бұрын
1:45AM HUFO here: Fuzzing is dumb, the moral should not be duplicate your code to make it more secure and the way they found the vuln was reading the code and understanding an attacker's input can go to the function where an assumption on it would be incorrect.
@tg7943
8 ай бұрын
Push!
@Umbreedon
8 ай бұрын
epic
@D1ndo
7 ай бұрын
How does AFL++ compare to libfuzzer from the llvm project? Could be a nice video.
@shaisarfaty
7 ай бұрын
so would you say that the PoC file that cause the crash actually is a valid format ? no malformed sizes no malformed data but the processing of the data tables will cause a representation that will cause later a corruption in the decoder of libweb ?
@shaisarfaty
7 ай бұрын
i wonder if this could full reproduce with AFLgo ? as AFLgo can take 2 diff of checkouts and direct fuzz ... i wonder if this would have reproduce this complex bug .. i know its "defacto" and not actually finding the issue... still interesting ..
@diobrando7642
8 ай бұрын
What happens if you use qsym/hybrid fuzzing techniques? I read the paper (well, most part) about it and it claims *speed*
@Jankoekepannekoek
8 ай бұрын
My theory of how they found it: formal methods.
@shaisarfaty
7 ай бұрын
like what ? share more details ?
@Jankoekepannekoek
7 ай бұрын
@@shaisarfaty Formalise the logic of the program interactive theorem provers like Isabelle or Coq.
@jasonvaf1
8 ай бұрын
Question for the greater cyber sec community. How applicable is binary fuzzing to your work? This is something that I really want to get into but seems like it is far from applicable in my work so far.
@LiveOverflow
8 ай бұрын
I do security audits of mostly web application. Once in a while you get clients with cgi .c or other embedded tools and server stuff. So it's not common. But I want to be able to also do good work in those cases ;)
@ourcer
8 ай бұрын
There is plenty of way to fuzz binary target. You can statically instrument them, or fuzz them without instrumentation with tool such as Radamsa
@motbus3
6 ай бұрын
I had situations where memory corruption cause a major problem which we supposed should not happen. After investigating with tombstone logs and fuzzying we found that there was a race conditions caused by a defective driver
@almatsumalmaadi8103
8 ай бұрын
Please Help!!!! Are new Mac's with new M series apple chips good for binary exploitation, android and windows pentesting? Because i heard that you have to a wrok arounds to run like kali linux, also some essential tools not designed to work on these new architecture M chips.
@LiveOverflow
8 ай бұрын
it's good if you want to do mac (arm) exploitation. obviously not so great when you want to learn linux (x86) exploitation. in this case I also did the fuzzing setup on mac, but the actual fuzzing I did on a linux x86 server.
@tho9464
8 ай бұрын
@@LiveOverflow Can you share more insights on this? It seems you had used docker container on your Mac M1 machine or did you use a cloud linux server and launched your container there? I think there are not many good resources for aspiring vulnerability researchers out there on what is a good setup for binary research for Linux binaries if your base is Macbook M chips. Also, another question - do you think using a cloud service like AWS with a high performance EC2 Instance would speed up the fuzzing process given that it has more cores / RAM available than running on your local linux computer?
@FalcoGer
8 ай бұрын
@22:50 are you quite sane? Avoiding code duplication improves readability and maintainability. Why would you copy the same code into 5 different functions, just to make fuzzing easier?
@LiveOverflow
8 ай бұрын
You don’t have to copy the complete logic. Just create a wrapper function for each color's huffman table.
@shaisarfaty
6 ай бұрын
after doing deep investigation on the code and what you have fuzzed , your choice of fuzzing that API is useless . this doesn't have any understanding between your crash and to the original data that is from the file , the data transformation is what you have fuzzed and to get the needed data to put in a file require to find what is the de-transformation that is needed in order to put it back into a file.
@DM-qm5sc
2 ай бұрын
I heard this guy got thrown in jail for saying something against the rules in Germany
@YuraSuper2048
8 ай бұрын
cute
@ERazzor
8 ай бұрын
It's cool to live in the world where one can watch 25 minutes video in 0 seconds
@AGamersWork
8 ай бұрын
Nah thon just got struck by a bolt of lightning and thus was able to take in 25min worth of info in 0.001mins@@ERazzor
@Kalakar_Team_X
7 ай бұрын
Please make a video PUBG lite 0.27.0 32bit vtable hooking please
@netbin
7 ай бұрын
nowadays with chatgpt youtube bloggers becoming useles kek
@waldolemmer
8 ай бұрын
I'm two and a half minutes in and I still don't know what fuzzing is
@highlights973
8 ай бұрын
its just a process of doing random stuff on the application to see ash or do some weird things it was not intended to with aim of analysing what causes the crash so tha you can weaponize that and attack the applications that is how i understand it hopefully it helps
@davishall
8 ай бұрын
Think of it as just brute forcing unexpected inputs and detecting unexpected behavior.
@kennichdendenn
8 ай бұрын
Thats why he referred to another video explaining the basics.
@varunchowdarym
7 ай бұрын
Bruh, are you alive? Waiting for your video on something for about a month now.
@huzaifamuhammad8044
8 ай бұрын
Can you share the discord server that you found about AFL fuzzing?
@TheFinalByte
8 ай бұрын
Curious how oss fuzz is doing stuff at their scale and budget. Finding target functions for individual fuzzing like the Huffman table function, while at the same time having input that maps cleanly back into the source input file
@threeMetreJim
2 ай бұрын
That's interesting. I guess you'd have to read the webp spec to see how the image data translates into building those tables, then go from there. It might require so many combinations of data that doing it naively would end up as a hard as finding a hash collision or brute force decrypting. On another note, and it's a long shot, does anyone know a utility that can load a thread binary image so that it can be 'debugged'. It's something I do not want to run freely, and it is obfuscated so needs to run only as far as the obfuscation is removed, then dumped, and then terminated. I was thinking the bare minimum that loads the thread but throws an error before it runs for a debugger to catch. That way it would never run without the debugger ready to catch it. Extremely simple, but I cannot program 'C, C++, C#, and etc,' and can only do a small amount of Python so far. The thread needs whatever windows has ready for it on the stack in normal operation (0x18 bytes worth it looks like from the disassembly) - there is no input from the original hosting program.
@leapbtw
8 ай бұрын
funny to see you’re using your minecraft server to also do these. stuff lol
@cesaraugustomarcelinodossa5138
8 ай бұрын
In the end, fuzzing is supporting tool, but cannot test things for developers "magically". So at this point, there needs to have some knowledge and experience on how (and what) to fuzz, just like pentesting
@fadiallo1
2 ай бұрын
You Can Be Turkey Pro.
@Reelix
8 ай бұрын
Here's a challenge - Create a distributed fuzzing client. One person fuzzing for 100 days? Naa. 100 people fuzzing for 1 day? Way easier. 10,000 people fuzzing for awhile? Should find SOMETHING :p
@tomtravis858
8 ай бұрын
love you man
@zanidd
7 ай бұрын
guess I missed you at the CCC
@frosk.
7 ай бұрын
at minute 21:04 there is a mistake in the graphics. it should be 520>500 and not 520>410, which was the input value from before
@noobishgamer995
7 ай бұрын
I wish you did more minecraft stuff. that was fun and kinda why i subbed to you xD ... i mean either way your videos are great !
@SIGSEGV200
8 ай бұрын
Only i know how much i have waited for this video to be released
@timvw01
8 ай бұрын
Cool stuff
@AGamersWork
8 ай бұрын
Noice
@Kalakar_Team_X
7 ай бұрын
Please make a video PUBG lite 0.27.0 32bit vtable hooking please
Пікірлер: 102