|
PRESENTATION:
|
In the lands of corrupted elves – Breaking ELF software with Melkor fuzzer
|
|
PRESENTER(S):
|
Alejandro Hernandez, Senior Security Consultant for IOActive
|
|
CONFERENCE:
|
BSides Colombia
|
|
LOCATION:
|
Chamber of Commerce Bogota Calle 67, Bogota Colombia
|
|
DATE & TIME:
|
October 10, 2014 at 13:00 PM
|
In this presentation, Alejandro will discuss the security risks involved in the ELF parsing process. He will use live demonstrations to show how to exploit functional and security bugs using Melkor.
Melkor, written in C, is an intuitive and easy-to-use ELF file format fuzzer. It mutates the existing data in an ELF sample; however, it does not change values randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules. In order to have higher code/branch coverage during testing, certain metadata dependencies must be in place. Alejandro will explain how Melkor implements these rules when creating malformed ELF files.
About Alejandro Hernández
As Senior Security Consultant for IOActive, Alejandro Hernández is a security professional with experience in penetration testing, risk analysis, threat modeling, tactical exploitation, open source intelligence, vulnerability development, code review, ISMS design, fuzz testing, security strategies, network traffic analysis, IT compliance auditing, and IT governance. He has worked for Fortune 500 companies in different countries such as Mexico, United Kingdom, South Korea, and the USA. He’s also done SCADA security assessments at industrial plants and other industrial critical infrastructures.
Alejandro is a security enthusiast and autodidact who is motivated to do research and development projects in his free time, focusing on IT security and its weaknesses. He cofounded the hacker magazine ContHACKto, planned content, and contributed articles related to information and network security. He participated in the SANS Toronto, Canada Capture The Flag competition. Over the past years, he has written a couple of articles for the IOActive research blog related to reverse engineering and vulnerability development.
About BSides Colombia
BSides Colombia seeks to develop and share knowledge about information security with the help of the best experts at national and international levels in highly technical subjects in an innovative environment.
About IOActive
IOActive is a comprehensive, high-end information security services firm with a long and established track record in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.
###
Feeling social?
IOActive in LinkedIn
IOActive on Facebook
IOActive on YouTube
IOActive on Crunchbase
IOActive on Github