14. Network Protocol Fuzzing

“I own a timber company? That’s news to me. Need some wood?”

George W. Bush, second presidential debate, St. Louis, MO, October 8, 2004

Fuzzing was born at the University of Wisconsin with the introduction of random arguments to command-line setuid UNIX utilities. Despite this initial association the term fuzzing today is typically thought of as applying to network protocols, and for good reason. Network protocol fuzzing is the most interesting fuzzing transport for security researchers as the discovered vulnerabilities carry the highest criticality. A remotely exploitable vulnerability that does not require valid credentials to reach or any interaction from a target user to exploit is the epitome of ...

Get Fuzzing: Brute Force Vulnerability Discovery now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.