Finding The .webp Vulnerability in 8s (Fuzzing with AFL++)

A guide on how to do fuzzing with AFL++ in an attempt to rediscover the libwebp vulnerability CVE-2023-4863 that was used to hack iPhones.

Chapters:
00:00 - Intro
00:36 - How to Learn About Fuzzing?
02:36 - Setting Up Fuzzing With AFL++
04:53 - My Docker Workflow for Fuzzing
06:35 - AFL++ Different Coverage Strategies
09:50 - Start the libwebp Fuzzing Campaign
11:58 - Adjusting the Fuzzer
13:45 - Why Don't We Find a Crash?
15:49 - Fuzzing with AFL++ Persistent Mode
19:47 - Persistent Mode Fuzzing Results
20:46 - Finding the Vulnerability in 8s
Comments

Kind of a side note, but I really hate how many relatively important discussions happen on Discord these days instead of forums... They aren't indexed/searchable by search engines or archived by archive services, so they're just gone forever.

PwnySlaystation

This was a good overview, but the second approach shows why it's always super important to make the small changes needed in example programs to use afl-clang-fast. You could have done a month's worth of your current approach in a day with the speedup. It's going to be very difficult to ever find something at 100 execs/sec.

InfiniteQuest
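The commenter's point about afl-clang-fast and the video's persistent-mode chapters, as an added example in C (not code from the video, from AFL++ or from libwebp): an AFL++ persistent-mode harness. The target `check_webp_container` is a constructed stand-in that only validates the RIFF/WEBP container header; in a real campaign the decoder under test would be called at that point. The `#ifndef` fallback block follows the pattern in the AFL++ persistent-mode documentation so the file also builds with a plain compiler, where it simply reads one input from stdin.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Fallback so the harness also builds without afl-clang-fast.
 * Under afl-clang-fast these names are supplied by AFL++ itself. */
#ifndef __AFL_FUZZ_TESTCASE_LEN
static ssize_t fuzz_len;
static unsigned char fuzz_buf[1024 * 1024];
#define __AFL_FUZZ_TESTCASE_LEN fuzz_len
#define __AFL_FUZZ_TESTCASE_BUF fuzz_buf
#define __AFL_FUZZ_INIT() void sync(void)
#define __AFL_INIT() sync()
#define __AFL_LOOP(x) ((fuzz_len = read(0, fuzz_buf, sizeof(fuzz_buf))) > 0 ? 1 : 0)
#endif

__AFL_FUZZ_INIT();

/* Constructed stand-in target (assumption, not libwebp): checks the
 * RIFF/WEBP container header. Returns 0 on accept, negative on reject. */
int check_webp_container(const uint8_t *buf, size_t len) {
    if (len < 12) return -1;                     /* shorter than the header */
    if (memcmp(buf, "RIFF", 4) != 0) return -2;  /* not a RIFF container */
    uint32_t riff_size = (uint32_t)buf[4] | (uint32_t)buf[5] << 8 |
                         (uint32_t)buf[6] << 16 | (uint32_t)buf[7] << 24;
    if (memcmp(buf + 8, "WEBP", 4) != 0) return -3;
    /* The RIFF size field counts everything after the 8-byte RIFF header.
     * A size that disagrees with the real length is attacker-controlled
     * data, so it is rejected rather than trusted. */
    if ((size_t)riff_size + 8 != len) return -4;
    return 0;
}

int main(void) {
    /* Deferred forkserver: one-time setup above this line runs once,
     * not once per test case. */
    __AFL_INIT();
    unsigned char *buf = __AFL_FUZZ_TESTCASE_BUF; /* shared-memory input */
    /* Persistent loop: one process handles up to 10000 inputs before
     * AFL++ restarts it, saving a fork() per execution. */
    while (__AFL_LOOP(10000)) {
        size_t len = (size_t)__AFL_FUZZ_TESTCASE_LEN;
        if (check_webp_container(buf, len) == 0)
            printf("valid container\n");
    }
    return 0;
}
```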

A Crowdstrike disaster deep dive would be a nice comeback video. Just saying 😜

doenerstag

Hey, just wanted to say you were a huge part in my early IT career that kept me intrigued and wanting to keep pushing my understanding to the limit. You are awesome. Still wish you would have done some in-depth C courses at some point, but I know they are everywhere

GodBreathed

love to see that you are still wearing the ccc entrance band 😄 was nice meeting you there!

realcmplx

thank you for your crystal clear explanation

hamzahajjaj

Very good video.
When you try to subscribe to the hextree updates and do not mark the "I accept and read the privacy policy" there is no feedback for not checking the checkbox. Only in the developer tools I was able to see my mistake.

maxnix

Your content and your channel are brilliant! As always, an absolutely awesome video!

devchannel

I WANT A POC OF .webp Image to run “whoami” !!! 😂😂

teogorqui

excellent video and well explained as always🙏👏👏👏

teogorqui

amazing. deep respect from South Korea, man

ygmyccw

Where is Mr Live Of?
Has a letter agency taken him out as he was just about to reveal their under cover operation?

Shocker

Bruh, are you alive? Waiting for your video on something for about a month now.

varunchowdarym

Only I know how much I have waited for this video to be released

SIGSEGV

Curious how oss fuzz is doing stuff at their scale and budget. Finding target functions for individual fuzzing like the Huffman table function, while at the same time having input that maps cleanly back into the source input file

TheFinalByte

Vanhauser-thc is the author of hydra tool?

longshin

A really good video, I am also making content with CTF, broo. Thank you for your knowledge

Aristoranggaa

At 21:04 there probably should be 500 instead of 410.
But thanks for the great video.

dvid

Make its own live YouTube channel for your fuzzer 😂

Also what discord channel is that one?

fitzging

Thank you for the video. I believe you are using a MacBook; what precautions are you taking to not burn out the SSD? Are you mapping the temp folder to a memory drive? Just curious

stellusctf