Network Protocol Fuzzing

March 14, 2016 (at 9 a.m.)

Daniel Mende

This workshop will cover all steps and methods for the analysis and fuzzing of network protocols. This is an exercise heavy course, attendees should be prepared to spend a lot of time inside Wireshark, hex editors, and a Python IDE.

Agenda

Intoduction to Network Protocol Analysis
- Motivation
- Examples for past network protocol bugs and vulnerabilities
- Structured approach to reverse engineer network protocols
Introduction to dizzy
- Fuzzing framework overview & delimitation of dizzy
- dizzy file formats (.dizz and .act files)
Applied fuzz testing & exercises:
- ARP
- IPv6
- SIP
- USB
Extending dizzy
- Writing your custom dizz objects!

Who should attend?

IT Security professionals that are interested to learn more about network protocol analysis and fuzzing, in particular vulnerability research and penetration testers.

Requirements

Python basics
Python 3.x
Wireshark
Facedancer (if you have one)

Daniel Mende

Daniel Mende is a German security researcher with ERNW GmbH and specializes in network protocols and technologies. He is well known for his Layer2 extensions of the SPIKE and Sulley fuzzing frameworks. He has also discussed new ways of building botnets and presented on protocol security at many occasions including Troopers, ShmooCon and Black Hat. He has written several tools for assessment of telecommunication networks like Pytacle, GTP-Scan, Dizzy and APNBF.