Blind Code Coverage Fuzzing presented at t2InfoSecCon 2014

by Joxean Koret

Summary: The presentation will show a new, open source, distributed fuzzing suite with web administration called Nightmare. Among the tools included in this fuzzing suite, special emphasis will be placed on the "Blind Code Coverage Fuzzer" (BCCF), a fuzzing approach that mixes code coverage with the usual pseudo-random mutations in order to maximize the code executed by the original templates and to discover vulnerabilities in the process. This fuzzing suite and the BCCF tool have been used, "somewhat successfully", against antivirus products (some old results were shown at SyScan and SyScan360 2014), scripting languages, IDA Pro, OpenSSL and a rather long list of other software products.
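As an added example (not code from the talk or from the Nightmare suite), here is a minimal sketch of the loop the abstract describes: mutate a template pseudo-randomly, measure which code the mutant executes, promote mutants that reach new code to fresh templates, and record inputs that crash the target. The record format, the toy parser and its division-by-zero bug are constructed for this example, and line tracing via sys.settrace stands in for the binary-level coverage collection a tool like BCCF would need.

```python
import random
import sys

def parse_record(data: bytes) -> dict:
    # Toy target constructed for this example: b"RC" + version + length + payload [+ v2 field count]
    if len(data) < 4 or data[:2] != b"RC":
        return {"err": "bad magic"}
    version, length, payload = data[2], data[3], data[4:4 + data[3]]
    if version not in (1, 2) or len(payload) != length:
        return {"err": "bad version or truncated payload"}
    if version == 1:
        return {"version": 1, "payload": payload}
    if len(data) < 5 + length:
        return {"err": "v2 record needs a field count"}
    field_len = length // data[4 + length]   # constructed bug: a field count of 0 is never rejected
    return {"version": 2, "fields": data[4 + length], "field_len": field_len}
def run_with_coverage(target, data):
    lines, exc = set(), None   # "blind" line coverage: trace the target's frame, no source instrumentation
    def tracer(frame, event, arg):
        if event == "line" and frame.f_code is target.__code__:
            lines.add(frame.f_lineno)
        return tracer
    sys.settrace(tracer)
    try:
        target(data)
    except Exception as e:     # any unhandled exception is recorded as a crash
        exc = e
    sys.settrace(None)
    return lines, exc
def mutate(rng, data):
    buf, op = bytearray(data), rng.randrange(4)
    if op < 2 and buf:              # overwrite a byte with a random value or a boundary value
        buf[rng.randrange(len(buf))] = rng.randrange(256) if op else rng.choice((0, 1, 2, 0x7F, 0xFF))
    elif op == 2:                   # insert a random byte
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    elif op == 3 and len(buf) > 1:  # delete a byte
        del buf[rng.randrange(len(buf))]
    return bytes(buf)
def fuzz(target, templates, iterations, seed=0):
    rng, corpus, crashes = random.Random(seed), list(templates), {}
    covered = set().union(*(run_with_coverage(target, t)[0] for t in templates))
    for _ in range(iterations):
        candidate = mutate(rng, rng.choice(corpus))
        lines, exc = run_with_coverage(target, candidate)
        if exc is not None:
            crashes.setdefault(repr(exc), candidate)   # keep one sample input per crash type
        if not lines <= covered:    # new code reached: the mutant becomes a new template
            covered |= lines
            corpus.append(candidate)
    return corpus, covered, crashes
```

Starting from a single valid v1 record, the mutants that first reach the v2 branch are kept as templates, and the field-count-of-zero crash is found from them rather than by blind luck alone.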
Joxean Koret has been working for the past 14 years in many different computing areas. He started working as a database software developer and DBA for a number of different RDBMS. Afterwards he got interested in reverse engineering and applied this knowledge to the databases he was working with, discovering dozens of vulnerabilities in products from the major database vendors, especially in Oracle software. He has also worked in other security areas, such as malware analysis and anti-malware software development for an antivirus company, and developing IDA Pro at Hex-Rays. He is currently a security researcher at Coseinc.