Finding The .webp Vulnerability in 8s (Fuzzing with AFL++)



Video Summary and Key Points

Summary of AFL++ Fuzzing Overview

This video provides an overview of using AFL++ for fuzz testing. The presenter shares personal experiences from trying to fuzz the libwebp library in an effort to rediscover a vulnerability that was used to hack iPhones. The video discusses the importance of understanding fuzzing and taking a practical approach, including setting up a fuzzing environment, integrating Docker, and exploring different fuzzing strategies.

Key Points:

  • The presenter is new to fuzzing and is learning by attempting to reproduce significant vulnerabilities.
  • AFL++ is a powerful tool that can help find vulnerabilities in programs, including open source software.
  • Competing against OSS-Fuzz, Google's large continuous fuzzing service, presents challenges when fuzzing prominent libraries.
  • Setting up a fuzzing environment requires compiling the target library with AFL++'s instrumentation.
  • Utilizing Docker containers can streamline the setup process and maintain a clean local environment.
  • Iterative development is encouraged, adjusting scripts as errors are encountered during the fuzzing process.
  • Different fuzzing instances can be run with varied instrumentation and coverage strategies to enhance results.
  • Restricting instrumentation to an allow list of functions of interest can potentially speed up the fuzzing process.
  • Persistent-mode fuzzing, as opposed to regular fuzzing, can significantly improve throughput and results.
  • The video stresses that fuzzing is not a guaranteed method for vulnerability discovery and emphasizes the need for a strategic approach.
  • Despite some failures, the presenter remains optimistic and continues exploring fuzzing methods.
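The key points above mention compiling the target with AFL++ instrumentation and switching to persistent mode. The harness below is an added example written for this summary; it is not code from the video or from the linked LiveOverflow repository. It shows the shape of an AFL++ persistent-mode harness: the real AFL++ macros (`__AFL_FUZZ_INIT`, `__AFL_INIT`, `__AFL_LOOP`, `__AFL_FUZZ_TESTCASE_BUF`, `__AFL_FUZZ_TESTCASE_LEN`) are used when the file is built with `afl-clang-fast`, and the fallback block (adapted from AFL++'s README.persistent_mode, linked in the description) lets the same file build with plain gcc or clang and read one input from stdin. The function `parse_webp_container` is a constructed stand-in that only validates the 12-byte RIFF/WEBP container header; in a real campaign that call would be replaced by libwebp's decode entry point. The seed bytes are constructed too.

```c
// Added example: AFL++ persistent-mode harness skeleton (not the video's or project's code).
// Build for fuzzing:   afl-clang-fast -O2 -o harness harness.c   (plus -lwebp in a real setup)
// Run:                 afl-fuzz -i seeds -o out -- ./harness     (no @@: input arrives via shared memory)
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#ifndef __AFL_FUZZ_TESTCASE_LEN
/* Fallback so the harness also builds and runs without afl-clang-fast:
 * the "loop" runs once and reads a single test case from stdin. */
static ssize_t fuzz_len;
static unsigned char fuzz_buf[1024 * 1024];
#define __AFL_FUZZ_TESTCASE_LEN fuzz_len
#define __AFL_FUZZ_TESTCASE_BUF fuzz_buf
#define __AFL_FUZZ_INIT() void sync(void)
#define __AFL_LOOP(x) ((fuzz_len = read(0, fuzz_buf, sizeof(fuzz_buf))) > 0 ? 1 : 0)
#define __AFL_INIT() sync()
#endif

__AFL_FUZZ_INIT();

/* Result codes of the stand-in parser. */
enum { WEBP_OK = 0, WEBP_TOO_SHORT = 1, WEBP_BAD_MAGIC = 2, WEBP_BAD_SIZE = 3 };

static uint32_t rd_le32(const unsigned char *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Constructed stand-in for the decode call a real harness would make
 * (e.g. WebPGetInfo/WebPDecode). It checks the RIFF/WEBP container header:
 * "RIFF", a little-endian payload size, then "WEBP". The RIFF size counts
 * everything after the 8-byte RIFF header, so it must be at least 4 (the
 * "WEBP" tag) and must not claim more bytes than the buffer holds. */
int parse_webp_container(const unsigned char *buf, size_t len) {
    if (len < 12) return WEBP_TOO_SHORT;
    if (memcmp(buf, "RIFF", 4) != 0 || memcmp(buf + 8, "WEBP", 4) != 0)
        return WEBP_BAD_MAGIC;
    uint32_t riff_size = rd_le32(buf + 4);
    if (riff_size < 4 || riff_size > len - 8) return WEBP_BAD_SIZE;
    return WEBP_OK;
}

/* Constructed minimal seed (what a file in the seeds/ directory would contain):
 * a valid container header with an empty payload. */
static const unsigned char kSeed[12] = {
    'R', 'I', 'F', 'F', 0x04, 0x00, 0x00, 0x00, 'W', 'E', 'B', 'P'
};

int check_seed(void) { return parse_webp_container(kSeed, sizeof kSeed); }

int main(void) {
    __AFL_INIT();                                   /* start the (deferred) fork server */
    unsigned char *buf = __AFL_FUZZ_TESTCASE_BUF;   /* must be read after __AFL_INIT() */

    /* AFL++ re-enters this loop with a fresh test case each iteration instead of
     * forking a new process per input; the length is read inside the loop. */
    while (__AFL_LOOP(10000)) {
        size_t len = (size_t)__AFL_FUZZ_TESTCASE_LEN;
        parse_webp_container(buf, len);
    }
    return 0;
}
```

The allow-list idea from the key points is a compile-time setting in AFL++ (the `AFL_LLVM_ALLOWLIST` environment variable pointing at a file of functions or source files to instrument), so it changes how the harness and library are built, not the harness code itself.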

Youtube Channel: LiveOverflow
Video Published: 2024-01-22T14:25:45+00:00

Video Description:
A guide on how to do fuzzing with AFL++ in an attempt to rediscover the libwebp vulnerability CVE-2023-4863 that was used to hack iPhones.

Want to learn hacking? Signup to https://hextree.io (ad)
Buy my shitty font: https://shop.liveoverflow.com/ (ad)

Watch webp Part 1: https://www.youtube.com/watch?v=lAyhKaclsPM
Sudo Vulnerability Series: https://www.youtube.com/playlist?list=PLhixgUqwRTjy0gMuT4C3bmjeZjuNQyqdx
Docker Video: https://www.youtube.com/watch?v=-YnMr1lj4Z8

OSS-Fuzz: https://github.com/google/oss-fuzz
OSS-Fuzz libwebp coverage: https://storage.googleapis.com/oss-fuzz-coverage/libwebp/reports/20230901/linux/src/libwebp/src/utils/report.html
AFLplusplus: https://github.com/AFLplusplus/AFLplusplus/blob/stable/docs/fuzzing_in_depth.md
vanhauser’s blog: https://www.srlabs.de/blog-post/advanced-fuzzing-unmasks-elusive-vulnerabilities
vanhauser/thc on twitter: https://twitter.com/hackerschoice
AFLplusplus Persistent Mode: https://github.com/AFLplusplus/AFLplusplus/blob/0c054f520eda67b7bb15f95ca58c028e9b68131f/instrumentation/README.persistent_mode.md
Grab the code: https://github.com/LiveOverflow/webp-CVE-2023-4863

=[ ❤️ Support ]=

Find out how you can support LiveOverflow: https://liveoverflow.com/support/

=[ 🐕 Social ]=

→ 2nd Channel: https://www.youtube.com/LiveUnderflow
→ Twitter: https://twitter.com/LiveOverflow/
→ Streaming: https://twitch.tvLiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/

Chapters:
00:00 – Intro
00:36 – How to Learn About Fuzzing?
02:36 – Setting Up Fuzzing With AFL++
04:53 – My Docker Workflow for Fuzzing
06:35 – AFL++ Different Coverage Strategies
09:50 – Start the libwebp Fuzzing Campaign
11:58 – Adjusting the Fuzzer
13:45 – Why Don’t We Find a Crash?
15:49 – Fuzzing with AFL++ Persistent Mode
19:47 – Persistent Mode Fuzzing Results
20:46 – Finding the Vulnerability in 8s