Laurent Butti: Wi-Fi Advanced Fuzzing
Jan 09, 2006•55 min
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more
Episode description
"Fuzzing is a software testing technique that consists in finding implementation bugs. Fuzzing Wi-Fi drivers is becoming more and more attractive as any exploitable security bug will enable the attacker trun arbitrary code with ring0 privileges (within victim's radicoverage).
This presentation will describe all the processes involved in the design from scratch of a fully-featured Wi-Fi fuzzer. It will pinpoint all issues and constraints when fuzzing 802.11 stacks (scanning, bugs identification, replaying bugs, analyzing kernel crashes...).
Then some features will be focused on, in order tunderstand which kind of implementation bugs may be discovered and which vulnerabilities we discovered thanks tthis tool (CVE-2006-6059, CVE-2006-6125).
Finally, a real-world example will be fully explained: how we found the first (publicly known) madwifi stack-based overflow thanks tour Wi-Fi fuzzer (CVE-2006-6332)."
Laurent is a network security expert working for France Telecom RD labs, where he works on wireless security (IEEE 802.11, IEEE 802.16...), honeypots and malwares. He alsspoke at numerous security-focused conferences (EuroSec, SSTIC, FIRST, LSM, ToorCon, ShmooCon, BlackHat...).
This presentation will describe all the processes involved in the design from scratch of a fully-featured Wi-Fi fuzzer. It will pinpoint all issues and constraints when fuzzing 802.11 stacks (scanning, bugs identification, replaying bugs, analyzing kernel crashes...).
Then some features will be focused on, in order tunderstand which kind of implementation bugs may be discovered and which vulnerabilities we discovered thanks tthis tool (CVE-2006-6059, CVE-2006-6125).
Finally, a real-world example will be fully explained: how we found the first (publicly known) madwifi stack-based overflow thanks tour Wi-Fi fuzzer (CVE-2006-6332)."
Laurent is a network security expert working for France Telecom RD labs, where he works on wireless security (IEEE 802.11, IEEE 802.16...), honeypots and malwares. He alsspoke at numerous security-focused conferences (EuroSec, SSTIC, FIRST, LSM, ToorCon, ShmooCon, BlackHat...).
For the best experience, listen in Metacast app for iOS or Android