Finding The .webp Vulnerability in 8s (Fuzzing with AFL++)
A guide on how to do fuzzing with AFL in an attempt to rediscover the libwebp vulnerability CVE-2023-4863 that was used to hack iPhones.
Want to learn hacking? Signup to (ad)
Buy my shitty font: (ad)
Watch webp Part 1:
Sudo Vulnerability Series:
Docker Video:
OSS-Fuzz:
OSS-Fuzz libwebp coverage:
AFLplusplus:
vanhauser’s blog:
vanhauser/thc on twitter:
AFLpluslus Persistent Mode:
Grab the code:
=[ ❤️ Support ]=
Find out how you can support LiveOverflow:
=[ 🐕 Social ]=
→ 2nd Channel:
→ Twitter:
→ Streaming:
→ TikTok: @liveoverflow_
→ Instagram:
→ Blog:
→ Subreddit:
→ Facebook:
Chapters:
00:00 - Intro
00:36 - How to Learn About Fuzzing?
02:36 - Setting Up Fuzzing With AFL
04:53 - My Docker Workflow for Fuzzing
06:35 - AFL Different Coverage Strategies
09:50 - Start the libwebp Fuzzing Campaign
11:58 - Adjusting the Fuzzer
13:45 - Why Don’t We Find a Crash?
15:49 - Fuzzing with AFL Persistent Mode
19:47 - Persistent Mode Fuzzing Results
20:46 - Finding the Vulnerability in 8s
3 weeks ago 00:20:19 1
3 weeks ago 00:03:49 1
3 weeks ago 00:05:00 1
3 weeks ago 00:31:50 1
3 weeks ago 00:08:17 2
3 weeks ago 03:06:52 2
4 weeks ago 00:15:04 1
4 weeks ago 00:02:45 3
![Last Hounds - Growing Pains [Official Visualiser]](https://sun9-75.userapi.com/XUXHonDbPhnl4BEDXrEbP8FOmqEPfUPIbLzrkQ/Uus16JvvR7A.jpg)
4 weeks ago 00:07:23 1
4 weeks ago 00:02:42 1
4 weeks ago 00:03:57 1
4 weeks ago 00:30:40 1
4 weeks ago 01:02:56 1
4 weeks ago 00:00:00 1
4 weeks ago 00:08:37 1
4 weeks ago 00:03:03 1
4 weeks ago 00:14:19 1
4 weeks ago 00:04:30 1
4 weeks ago 01:05:49 1
4 weeks ago 00:52:33 1
4 weeks ago 00:32:05 1
4 weeks ago 00:04:22 3
4 weeks ago 00:03:07 1
4 weeks ago 00:21:53 2
