Advanced Mutation Fuzzing Method For Wireless Protocols


Many of the open source wireless fuzzers already published are no longer sufficient to find new bugs. We have built a new fuzzer that allows us to find IoT wireless vulnerabilities, and we also use it to search for vulnerabilities in car wireless modules. In this talk, we will cover:

1.) The basics of wireless fuzzing technology, the shortcomings of common fuzzers, and the programming library bugs we have found. We will also conduct code audits of open source fuzzers to show you how a traditional fuzzer works.

2.) Our new fuzzer: how to quickly and effectively construct a fuzzing case and how to track the crash. Most importantly, we will explain how to perform Smart Mutation on the payload (fuzzing case) to make the payload more powerful! In terms of wireless fuzzing, we will analyze the three states of AP, client and WPA. We have prepared four video demos which will cover:

  • Attacks on mobile devices (smartphone wireless interface: wpa_supplicant component vulnerability)
  • A MediaTek Wi-Fi chip remote kernel crash (affects more than 100 models of routers and smart devices), and automotive (IVI) wireless modules as well
  • A classic Windows remote kernel overflow due to a wireless network card driver vulnerability

CONFERENCE
Location: BALLROOM 1
Date: August 29, 2019
Time: 2:00 pm - 3:00 pm
Lidong Li, Xianzi Kong