Many previously published open source wireless fuzzers are no longer sufficient to find new bugs. We have built a new fuzzer that allows us to find IoT wireless vulnerabilities, and we also use it to search for vulnerabilities in car wireless modules. In this talk, we will cover:
1.) The basics of wireless fuzzing technology, including the shortcomings of the common fuzzer programming library and the bugs we have found. We will also audit the code of open source fuzzers to show you how a traditional fuzzer works.
2.) We will introduce our new fuzzer, show how to quickly and effectively construct a fuzzing case, and explain how to track the crash. Most importantly, we will explain how to perform Smart Mutation on the payload (the fuzzing case) to make the payload more powerful. For wireless fuzzing, we will analyze the three states of AP, client and WPA. We have prepared four video demos which will cover: