Troubleshooting AFL Fuzzing Problems | Ep. 03

Channel:
United States LiveOverflow
Subscribers:
920,000
Published on ● Video Link: https://www.youtube.com/watch?v=W2kZnmchJhI


Duration: 8:22
21,494 views
1,382

We are using afl to fuzz the sudo binary, but we run into a lot more issues. In this video we are troubleshooting some issues and come up with solutions.

Article version: https://liveoverflow.com/troubleshooting-afl-fuzzing-problems/
Grab the files: https://github.com/LiveOverflow/pwnedit

Correction: afl can fuzz setuid process, I was just dumb. More details in this video: https://youtu.be/TLa2VqcGGEQ?t=323

Episode 03:
00:00 - Intro
00:30 - afl: No more free CPU cores
01:10 - Patching execs in target binary
01:47 - afl: Unable to create file. No space left on device
03:06 - afl Trick: Find non-memory corruption issues
04:22 - Fuzzing setuid sudo as root
06:38 - Next fuzz attempt

-=[ ❀️ Support ]=-

β†’ per Video: https://www.patreon.com/join/liveoverflow
β†’ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ πŸ• Social ]=-

β†’ Twitter: https://twitter.com/LiveOverflow/
β†’ Website: https://liveoverflow.com/
β†’ Subreddit: https://www.reddit.com/r/LiveOverflow/
β†’ Facebook: https://www.facebook.com/LiveOverflow/

-=[ πŸ“„ P.S. ]=-

All links with "*" are affiliate links.



Other Videos By LiveOverflow


2021-08-11C Code Review - Reaching Vulnerable Code in sudo | Ep. 08
2021-07-31DO NOT USE alert(1) for XSS
2021-07-24Understanding C Pointer Magic Arithmetic | Ep. 07
2021-07-17Crazy Steam Phishing Page
2021-07-10What is a Browser Security Sandbox?! (Learn to Hack Firefox)
2021-07-02Root Cause Analysis With AddressSanitizer (ASan) | Ep. 06
2021-06-25Found a Crash Through Fuzzing? Minimize AFL Testcases! | Ep. 05
2021-06-18Understand Security Risk vs. Security Vulnerability!
2021-06-11Finding Buffer Overflow with Fuzzing | Ep. 04
2021-06-04Hacker Culture Meritocracy?
2021-05-22Troubleshooting AFL Fuzzing Problems | Ep. 03
2021-05-15Pentesting vs. Bug Bounty vs. Pentesting ???
2021-05-08How Fuzzing with AFL works! | Ep. 02
2021-04-29Why Pick sudo as Research Target? | Ep. 01
2021-04-22How SUDO on Linux was HACKED! // CVE-2021-3156
2021-04-15How To Protect Your Linux Server From Hackers!
2021-04-07Running Out Of Hacking Video Ideas
2021-04-05New Challenges Released for CSCG 2021 (including mine) #shorts
2021-04-01Security YouTuber Drama...
2021-03-17Hacking into Google's Network for $133,337
2021-03-03Start of Cyber Security Challenge Germany 2021 #shorts


Tags:
Live Overflow
liveoverflow
hacking tutorial
how to hack
exploit tutorial
afl
aflplusplus
sudo
sudoedit
pwnedit
baron samedit
security research
fuzzing
fuzzer
out of memory
no cpu
guided fuzzing
coverage guided fuzzer
american fuzzy lop
system error
memory corruption
afl trick
parallel fuzzing
setuid