Advanced Custom Network Protocol Fuzzing - Red Rock VI
Event Information
Description
Title: Advanced Custom Network Protocol Fuzzing
Instructor: Joshua Pereyda & Carl Pearson
Abstract: Get hands on experience writing custom network protocol fuzzers. This class will cover the basics of network protocol "smart fuzzing." Exercises will utilize the open source network protocol fuzzing framework, boofuzz. Attendees will gain practice reverse engineering a network protocol, implementing and iterating on a custom fuzzer, and identifying vulnerabilities.
After:
1. You will know the basics of fuzzing.
2. You will know how to write custom network protocol fuzzers using state of the art open source tools.
3. You will have hands on experience with this widely-discussed but still largely mysterious test method.
Before (Prerequisites): You should:
1. Be comfortable doing some basic programming in Python.
2. Understand basic network protocol concepts (e.g. what is a protocol and what is a network layer).
3. Be familiar with WireShark and how to use it.
4. Have a laptop with at least 8 GB of RAM.
What you won't learn:
1. Exploit development.
2. Python programming. Because you can already do that (see above). ;)
Fuzzing is a wide and deep field with a wide array of technologies. This class is a beginner-friednly deep dive into one niche of the fuzzing world.
Level: Intermediate
Pre-Requisites: - Some basic Python programming experience (some programming ability is REQUIRED).
- Basic understanding of network protocols.
- Basic familiarity with Wireshark.
- Optional: Fuzzing experience.
Required Materials: - Laptop -- strongly recommended: configure for Defcon secure Wi-Fi access beforehand.
- Software requirements will be emailed to class ahead of time