For three years OpenWRT had a severe validation problem with its download package manager, until a fuzz tester found and reported the vulnerability.
In this episode, Guido Vranken talks about his approach to hacking, about the differences between memory safe and unsafe languages, his use of fuzz testing as a preferred tool, and how he came to discover the validation error in OpenWRT, as well as a serialization error in Cereal, and other vulnerabilities.
12/08/20 • 25 min
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/the-hacker-mind-203939/ep-11-hacking-openwrt-20919793"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to ep 11: hacking openwrt on goodpods" style="width: 225px" /> </a>
Copy