Gray Box Fuzzing for Web Security

General

Supervisor: Cornelius Aschermann

Start: as soon as possible

Duration: 6 months

Further details:

Description

Coverage-guided gray box fuzzing has recently gained significant traction in binary security, largely because of the large number of critical bugs found by American fuzzy lop (http://lcamtuf.coredump.cx/afl/). Gray box fuzzing performs significantly better than blind, mutation-only fuzzing and will often synthesise valid files for unknown file formats from nothing but coverage feedback (https://lcamtuf.blogspot.de/2014/11/pulling-jpegs-out-of-thin-air.html). Yet there are currently no gray box fuzzing tools for projects written in common scripting languages such as Ruby or Python.

The goal of this thesis is to develop a gray box fuzzing tool for projects written in a common scripting language, with a focus on web applications (e.g. Ruby on Rails).

  • Build a gray box fuzzing tool for a common scripting language
  • Develop a definition of interesting behavior (the web-application equivalent of a crash)
  • Develop a way of dealing with native functions that cannot be traced
  • Develop a way of dealing with CSRF tokens and similar request-bound values
  • Evaluate the performance of the approach
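The following is an added example written for this page, not code from the thesis or its supervisor. It sketches, in Ruby (the page's target is Ruby on Rails), how the goals above fit together in a minimal coverage-guided fuzzer: TracePoint (Ruby's real tracing API) supplies edge coverage, an uncaught exception is the chosen definition of interesting behavior, calls into C-implemented methods that cannot be stepped into are still recorded by name as a coverage signal, and a fixup step re-attaches a valid CSRF token to every candidate before execution so the mutator never has to guess it. The target `handle_request`, the token `CSRF_TOKEN`, the `DICTIONARY`, `CSRF_FIXUP`, `CoverageTracer` and `GreyBoxFuzzer` are all constructed for this illustration.

```ruby
require 'set'

# Constructed toy target (example code for this page, not code from the thesis): a
# Rails-style parameter handler with a CSRF check in front of an unguarded raise.
CSRF_TOKEN = 'tok-1234'.freeze

def handle_request(query)
  params = {}
  query.split('&').each do |pair|
    k, v = pair.split('=', 2)
    params[k] = v.to_s unless k.nil? || k.empty?
  end
  return :forbidden unless params['token'] == CSRF_TOKEN  # stops a token-unaware fuzzer cold
  return :ok unless params['action'] == 'delete'
  return :bad_id unless params['id'] =~ /\A\d+\z/
  return :ok if params['id'].to_i <= 1000
  return :needs_confirm unless params['confirm'] == 'yes'
  raise 'privileged deletion reached without authorization'  # the "interesting behaviour"
end

# Edge coverage from Ruby's TracePoint: each consecutive pair of traced events
# (line -> line or line -> C call) is one edge, in the spirit of AFL's edge map.
# C methods cannot be stepped into, but :c_call still reports their name.
class CoverageTracer
  def initialize(target)
    @target, @edges, @prev, @recording = target, nil, 0, false
    # Installed once and gated by @recording: re-enabling per run re-instruments the VM.
    @tp = TracePoint.new(:line, :c_call) do |t|
      next unless @recording && t.path == __FILE__
      cur = t.event == :line ? t.lineno : t.method_id
      @edges << [@prev, cur]
      @prev = cur
    end
    @tp.enable
  end

  # Returns [Set of edges, return value or the exception raised].
  def run(input)
    @edges, @prev, @recording = Set.new, 0, true
    outcome = begin
      @target.call(input)
    rescue StandardError => e
      e  # an uncaught exception is what this example calls a crash
    ensure
      @recording = false
    end
    [@edges, outcome]
  end
end

# Query-string aware dictionary and CSRF fixup, both constructed for this toy. The
# fixup re-attaches a valid token right before execution (a web fuzzer would refresh
# it from the session), so the corpus stays token-free and mutation never guesses it.
DICTIONARY = %w[action=delete action=view id=2048 id=7 confirm=yes confirm=no].freeze
CSRF_FIXUP = ->(s) { s.split('&').reject { |p| p.start_with?('token=') }.push("token=#{CSRF_TOKEN}").join('&') }

class GreyBoxFuzzer
  attr_reader :corpus, :crashes, :edges_seen

  def initialize(seeds, tracer, fixup: ->(s) { s }, rng: Random.new(42))  # fixed seed: reproducible
    @tracer, @fixup, @rng = tracer, fixup, rng
    @corpus, @crashes, @edges_seen = [], [], Set.new
    seeds.each { |s| consider(s) }
  end

  # Run one candidate; keep it in the corpus only if it reached a new edge.
  def consider(input)
    edges, outcome = @tracer.run(@fixup.call(input))
    fresh = !(edges - @edges_seen).empty?
    @edges_seen.merge(edges)
    @corpus << input if fresh
    @crashes << [input, outcome] if outcome.is_a?(Exception)
    fresh
  end

  # Mutations treat '&'-separated pairs as the unit, so inserts land on boundaries.
  def mutate(s)
    pairs = s.split('&')
    case @rng.rand(4)
    when 0  # overwrite one byte (printable ASCII keeps the toy encoding-safe)
      t = s.dup
      t[@rng.rand(t.size)] = (32 + @rng.rand(95)).chr unless t.empty?
      t
    when 1  # drop one pair
      pairs.delete_at(@rng.rand(pairs.size)) unless pairs.empty?
      pairs.join('&')
    when 2  # insert a dictionary pair at a random boundary
      pairs.insert(@rng.rand(pairs.size + 1), DICTIONARY.sample(random: @rng)).join('&')
    else    # splice: prefix of this input plus suffix of another corpus entry
      other = @corpus.sample(random: @rng).split('&')
      (pairs[0, @rng.rand(pairs.size + 1)] + other[@rng.rand(other.size + 1)..]).join('&')
    end
  end

  # Returns crashes as [input, exception] pairs; stops at the first one found.
  def fuzz(iterations)
    iterations.times do
      break unless @crashes.empty?
      consider(mutate(@corpus.sample(random: @rng)))
    end
    @crashes
  end
end
```

Running `GreyBoxFuzzer.new(['a=1'], CoverageTracer.new(method(:handle_request)), fixup: CSRF_FIXUP).fuzz(20_000)` reaches the raise within a few thousand executions, because each of the three guards rewards the corpus with a new edge as soon as it is passed; the same campaign without the fixup never gets past the token check, which is precisely the problem the fourth goal above is about. `corpus.size` and `edges_seen.size` are the numbers an evaluation would report.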

Prerequisites

  • Experience with a scripting language such as Ruby or Python
  • Experience with at least one of the major web frameworks (e.g. Ruby on Rails)
  • Interest in web exploitation