Finding The .webp Vulnerability in 8s (Fuzzing with AFL++)

Published: 21 October 2024
on channel: LiveOverflow

A guide to fuzzing with AFL++, attempting to rediscover the libwebp vulnerability CVE-2023-4863 that was used to hack iPhones.

Want to learn hacking? Sign up to https://hextree.io (ad)
Buy my shitty font: https://shop.liveoverflow.com/ (ad)

Watch webp Part 1: • A Vulnerability to Hack The World - C...

Sudo Vulnerability Series: • Sudo Vulnerability Walkthrough
Docker Video: • How Docker Works - Intro to Namespaces

OSS-Fuzz: https://github.com/google/oss-fuzz
OSS-Fuzz libwebp coverage: https://storage.googleapis.com/oss-fu...
AFLplusplus: https://github.com/AFLplusplus/AFLplu...
vanhauser's blog: https://www.srlabs.de/blog-post/advan...
vanhauser/thc on twitter: / hackerschoice
AFLplusplus Persistent Mode: https://github.com/AFLplusplus/AFLplu...
Grab the code: https://github.com/LiveOverflow/webp-...

=[ ❤️ Support ]=

Find out how you can support LiveOverflow: https://liveoverflow.com/support/

=[ 🐕 Social ]=

→ 2nd Channel: / liveunderflow
→ Twitter: / liveoverflow
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: / liveoverflow_
→ Instagram: / liveoverflow
→ Blog: https://liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow

Chapters:
00:00 - Intro
00:36 - How to Learn About Fuzzing?
02:36 - Setting Up Fuzzing With AFL++
04:53 - My Docker Workflow for Fuzzing
06:35 - AFL++ Different Coverage Strategies
09:50 - Start the libwebp Fuzzing Campaign
11:58 - Adjusting the Fuzzer
13:45 - Why Don't We Find a Crash?
15:49 - Fuzzing with AFL++ Persistent Mode
19:47 - Persistent Mode Fuzzing Results
20:46 - Finding the Vulnerability in 8s