I just watched the streams/videos of the last CCC (29C3). There were a lot of nice talks, but I really liked the talk from Carlos Garcia Prado.
In his talk „How I met your pointer“ he was using binary instrumentation targeting client / server software in order to improve fuzzing especially for proprietary or unknown protocols.
If I find some time I’ll have a closer look to his project, cause I’m very interested in this kind of research. In my opinion there are not many „smart“ ways in fuzzing proprietary or unknown protocols, so if we have the possibility to automate or skip the process of reversing and modeling (learning) the protocol we should do it.
Kommentar verfassen