Virtualizing IoT With Code Coverage Guided Fuzzing

Coverage-guided fuzzing has become the go-to technique for vulnerability discovery and is behind countless 0-days of the last few years. Unfortunately, this breakthrough method has so far been popular only on PC platforms and has not yet been applied to finding bugs in embedded devices (network routers, IP cameras, etc.).

This talk aims to change that. We present how we built our coverage-guided fuzzer, which:

  • Emulates the firmware.
  • Performs dynamic binary instrumentation, so that all platforms and embedded IoT architectures can be fuzzed without requiring source code.
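As an added illustration (not code from the talk or from the speakers' tool), the core of the loop the two bullets describe: a per-basic-block hook, the shape a Unicorn `UC_HOOK_BLOCK` callback or a DBI trampoline gives you on emulated firmware, feeds a set of control-flow edges, and an input is kept for further mutation only when it reaches an edge nobody has seen before. The target, its block addresses, the `IoT!` header, the four-byte secret and the seed packet are all constructed for the example; it runs stand-alone in Python. The point it makes is the one behind the talk's claim: a byte-at-a-time comparison that blind mutation would pass with probability 2^-32 is solved one byte at a time once each compare step is its own block.

```python
"""Minimal coverage-guided fuzzer (added example, hypothetical names).

The instrumentation is a per-basic-block callback, the same shape as a
Unicorn UC_HOOK_BLOCK hook would give on emulated firmware; the target is a
constructed stand-in for a firmware packet parser, not the talk's tool.
"""
import random
from dataclasses import dataclass

MAGIC = b"IoT!"                 # constructed protocol header
SECRET = b"\xde\xad\xbe\xef"    # constructed 4-byte value guarding the crash path
SEED = MAGIC + b"\x00" * 4      # constructed seed: a valid-looking packet
INTERESTING = [0x00, 0x01, 0x7f, 0x80, 0xff]


class TargetCrash(Exception):
    """Stand-in for the emulator reporting a fault (invalid memory access, etc.)."""


class Coverage:
    """Records control-flow edges (prev_block, cur_block) for one execution.
    AFL hashes the pair into a 64 KiB bitmap; an exact set is enough here."""

    def __init__(self):
        self.prev = None
        self.edges = set()

    def hit_block(self, block_id: int) -> None:
        # Called at the start of every basic block, like a UC_HOOK_BLOCK callback.
        if self.prev is not None:
            self.edges.add((self.prev, block_id))
        self.prev = block_id


def target(data: bytes, cov: Coverage) -> int:
    """Constructed 'firmware' parser; the block ids are invented addresses."""
    cov.hit_block(0x100)                        # entry
    if len(data) < 8:
        cov.hit_block(0x110)                    # too short
        return 1
    cov.hit_block(0x120)
    if data[:4] != MAGIC:
        cov.hit_block(0x130)                    # wrong header
        return 2
    cov.hit_block(0x140)
    payload = data[4:]
    for i, expected in enumerate(SECRET):       # byte-at-a-time compare, one block per byte
        cov.hit_block(0x200 + i)                # each correct byte is a new edge for the fuzzer
        if payload[i] != expected:
            cov.hit_block(0x300)
            return 3
    cov.hit_block(0x400)
    raise TargetCrash("reached unchecked copy")  # the bug behind the guard


def havoc(data: bytes, rng: random.Random) -> bytes:
    """A few random AFL-style mutations stacked on one input."""
    buf = bytearray(data)
    for _ in range(rng.randint(1, 4)):
        op = rng.randrange(4)
        if op == 0 and buf:                     # flip one bit
            buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
        elif op == 1 and buf:                   # overwrite with an interesting value
            buf[rng.randrange(len(buf))] = rng.choice(INTERESTING)
        elif op == 2 and len(buf) < 32:         # insert a random byte (length capped)
            buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
        elif op == 3 and len(buf) > 1:          # delete a byte
            del buf[rng.randrange(len(buf))]
    return bytes(buf)


def coverage_of(tgt, data: bytes):
    """Run one input under instrumentation; return (edge set, crashed?)."""
    cov = Coverage()
    try:
        tgt(data, cov)
        return cov.edges, False
    except TargetCrash:
        return cov.edges, True


@dataclass
class FuzzResult:
    queue: list     # inputs kept because they reached new edges
    edges: set      # every edge seen so far
    crashes: list   # inputs that made the target fault
    execs: int


def fuzz(tgt, seeds, rng_seed: int = 1, havoc_rounds: int = 64,
         max_execs: int = 300_000) -> FuzzResult:
    """Queue-based loop: an input is kept only if it reaches a new edge."""
    rng = random.Random(rng_seed)
    res = FuzzResult(queue=[], edges=set(), crashes=[], execs=0)

    def consider(data: bytes) -> None:
        edges, crashed = coverage_of(tgt, data)
        res.execs += 1
        if crashed:
            res.crashes.append(data)
        if not edges <= res.edges:              # new coverage: keep it for further mutation
            res.edges |= edges
            res.queue.append(data)

    for s in seeds:
        consider(s)
    idx = 0
    while idx < len(res.queue) and res.execs < max_execs:
        parent = res.queue[idx]
        idx += 1
        # Deterministic stage: every byte, every value (AFL's bitflip/arith/interesting
        # stages collapsed into one exhaustive walk). This is what climbs the compare chain.
        for pos in range(len(parent)):
            for val in range(256):
                if val != parent[pos]:
                    consider(parent[:pos] + bytes([val]) + parent[pos + 1:])
        # Havoc stage: random stacked mutations; finds the length and header paths.
        for _ in range(havoc_rounds):
            consider(havoc(parent, rng))
    return res


if __name__ == "__main__":
    r = fuzz(target, [SEED])
    print(f"{r.execs} execs, {len(r.queue)} queue entries, "
          f"{len(r.edges)} edges, {len(r.crashes)} crashes")
    if r.crashes:
        print("first crashing input:", r.crashes[0].hex())
```

Every crash the loop reports carries the header plus all four secret bytes, because no other path reaches block 0x400; the loop terminates on its own once the small edge set is exhausted. To turn the sketch into what the talk describes, `target` becomes a run of the emulated firmware from a snapshot and `Coverage.hit_block` becomes the emulator's block hook; the queue, the new-edge test and the mutation stages stay the same.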

Our fuzzer has already discovered several pre-authentication remote code execution vulnerabilities that affect millions of users and could be turned into a new botnet worm with massive-scale infection.

This presentation will show some of these bugs, with details on how we exploit them. The audience can expect a deeply technical but still entertaining presentation, with many exciting demos.

Note: You can also see the tool in action at the HITB Armory area.

Date: November 27, 2018
Time: 11:45 am - 12:45 pm
Speakers: Kai Jern Lau, Nguyen Anh Quynh