Malware News
15K subscribers
1.63K photos
7 videos
130 files
7.96K links
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...

Partner channel: @cveNotify

For ads: https://telega.io/c/malwr
Download Telegram
Fuzzing FastCGI With AFL-Fuzz
πŸ—£MoneyWaveSal

>FastCGI is written in C/C++.

FastCGI is a protocol. It isn't written in anything but maybe BNF or similar syntax description languages.
πŸ‘€Taladar

Can someone explain to me why a fuzzer was used instead of manually reverse engineering it? The protocol seems small and simple.

Wouldn't reverse engineering be better for this?
And a fuzzer better for big programs?
πŸ‘€SombraSec

A bit of a tease at the end with found 31 items and not even mentioning if they were
1. Possible to do remotely - some parameters are not accessible by an attacker
2. We (or looked) exploitable

Looking forward to a follow up article
πŸ‘€rathaus


πŸŽ–@malwr
DFIR Tools
πŸ—£cyberg0100


πŸŽ–@malwr