Finding The .webp Vulnerability in 8s (Fuzzing with AFL++)
A guide on how to do fuzzing with AFL in an attempt to rediscover the libwebp vulnerability CVE-2023-4863 that was used to hack iPhones.
Want to learn hacking? Signup to (ad)
Buy my shitty font: (ad)
Watch webp Part 1:
Sudo Vulnerability Series:
Docker Video:
OSS-Fuzz:
OSS-Fuzz libwebp coverage:
AFLplusplus:
vanhauser’s blog:
vanhauser/thc on twitter:
AFLpluslus Persistent Mode:
Grab the code:
=[ ❤️ Support ]=
Find out how you can support LiveOverflow:
=[ 🐕 Social ]=
→ 2nd Channel:
→ Twitter:
→ Streaming:
→ TikTok: @liveoverflow_
→ Instagram:
→ Blog:
→ Subreddit:
→ Facebook:
Chapters:
00:00 - Intro
00:36 - How to Learn About Fuzzing?
02:36 - Setting Up Fuzzing With AFL
04:53 - My Docker Workflow for Fuzzing
06:35 - AFL Different Coverage Strategies
09:50 - Start the libwebp Fuzzing Campaign
11:58 - Adjusting the Fuzzer
13:45 - Why Don’t We Find a Crash?
15:49 - Fuzzing with AFL Persistent Mode
19:47 - Persistent Mode Fuzzing Results
20:46 - Finding the Vulnerability in 8s
7 days ago 00:02:36 1
7 days ago 00:02:36 5
7 days ago 00:03:02 1
7 days ago 00:12:48 1
7 days ago 00:04:12 2
1 week ago 00:13:15 1
2 weeks ago 00:03:15 1
2 weeks ago 00:02:03 1
2 weeks ago 00:23:23 1
2 weeks ago 00:14:36 1
2 weeks ago 00:11:43 1
2 weeks ago 00:04:27 1
2 weeks ago 01:04:50 1
2 weeks ago 00:02:51 1
2 weeks ago 00:03:28 1
3 weeks ago 00:03:39 1
![Slipknot - Left Behind [OFFICIAL VIDEO] [HD]](https://sun9-35.userapi.com/-wbN0jQ_BDmlfHxHByAshLfObfFJN2gMf-I7BQ/AYPokv9rbEs.jpg)
3 weeks ago 01:04:51 18
3 weeks ago 01:34:05 1
3 weeks ago 00:11:13 1
3 weeks ago 00:04:27 1
3 weeks ago 00:03:06 1
3 weeks ago 00:47:35 1
3 weeks ago 00:01:18 1
3 weeks ago 00:06:30 1
