Whether you are looking for vulns, or handling vulns reported by others, at some point you're going to have a repro that crashes an application and you're going to want to know as much as possible about the bug it's triggering, spending as little effort and time as possible doing this. What you want is automated bug detection, analysis, triaging and bucketizing. This is what BugId was designed to do and this talk will explain how it works. BugId is a python script that runs a Windows application in a debugger, using page-heap to detect memory corruption and out-of-bound access early. It handles exceptions and reports bugs not as "access violation" but as "heap use-after-free", "heap out-of-bounds read", "NULL pointer dereference", etc. It will tell you how big the relevant memory block is and the offset at which the code is trying to access it. It will tell you if the bug is likely to be exploitable and what an attacker might need to do to exploit it. It can collect a large number of details and write these into a human readable, HTML formatted report. Since I am finding more than one unique bug a day with my fuzzing framework, I've integrated it in my fuzzing framework to triage and bucketize my bugs. It allows me to prioritize the interesting vulnerabilities and jump-starts analysis by telling me most of the basic information I need before I've even started a debugger.Back to Open CFP
Yes! I've been following Skylined work and it's simply brilliant. It would be amazing to see him live showing us BugID, apparently, a time saver when triaging memory corruption bugs.
Looks like a very good talk!
Sounds like a very useful tool for bug hunters. I'm a fan of everything that makes vulnerability analysis easier and quicker.
Awesome tool. I use it daily
Awesome tool, Already using and looking forward to know more about it.
Awsome tool. Expect you to talk about the fuzzer method
We are pleased to announce the Call For Papers for INFILTRATE 2018 is now open. If you would like to present and have an offense-focused-fresh-content presentation, please submit an abstract, Bio and headshot to firstname.lastname@example.org. This information will be included on our Open CFP site, here, where the public can vote on which presentations they are most interested in seeing at INFILTRATE. Call for papers will close on December 14th, 2017. Shortly after this date, the winning speakers will be notified.
Some of the benefits of speaking at INFILTRATE are: