Chapter 14. Network Protocol Fuzzing
“I own a timber company? That’s news to me. Need some wood?”
|--George W. Bush, second presidential debate, St. Louis, MO, October 8, 2004|
Fuzzing was born at the University of Wisconsin with the introduction of random arguments to command-line
setuid UNIX utilities. Despite this initial association the term fuzzing today is typically thought of as applying to network protocols, and for good reason. Network protocol fuzzing is the most interesting fuzzing transport for security researchers as the discovered vulnerabilities carry the highest criticality. A remotely exploitable vulnerability that does not require valid credentials to reach or any interaction from a target user to exploit is the epitome of discoveries, ...