Practical fuzzing for pentesters (W34) - Pentestmag

18 CPE CREDITS
This course is self-paced and pre-recorded


This course will introduce you to the concepts behind general penetration testing and then show how fuzzing fits into the penetration testing context. We'll dive further into fuzzing to look at the different types of fuzzing and introduce you to the Peach fuzzing framework. We then use that framework to understand the structure of several sample Peach PIT files that are used to fuzz different environments. Finally, we will take what we learned from the samples and look at more advanced fuzzing with Peach.


This course is available only for premium users.




You will learn:

You will learn the basics of fuzzing, and then we will cover how to use the Peach framework in the Windows operating system environment. You will learn how to use the Peach fuzzing framework and sample Peach PIT files to fuzz various common elements of interest. We'll then dig deeper into the sample Peach PIT files to understand how they were constructed and how they can be the building blocks for more advanced fuzzing tasks. This will enable you to be comfortable enough to build your own Peach PIT files from the samples and then complete more advanced fuzzing tasks.


You will need:

You will need a physical machine, or a VM, running 32-bit Windows 7 with:

  • 1.8 GHz or faster processor. Dual-core or better recommended
  • 2 GB of RAM; 4 GB of RAM recommended (2.5 GB minimum if running on a virtual machine)
  • Hard disk space: at least 500 MB of free space, 1 GB preferred depending on features installed (at least 14 GB of space needed if you use the provided VM)
  • Video card that supports a minimum display resolution of 720p (1280 by 720)
  • An installed XML editor (Notepad++ recommended, free from https://notepad-plus-plus.org/)
  • An installed VMware Workstation Player (free from VMware)

NOTE: The VM will be provided to you. We'll use Peach 3.0 Community Edition.


You should know before you join:

You will need a basic knowledge of Python and XML. An understanding of the C programming language and C types will also be helpful, as they are very similar to the types used by Peach.



Course syllabus:


Module 1: Introduction, Penetration Testing Context

Module 1 description: This module looks at the penetration testing context for fuzzing. We provide a general overview of security challenges and the different aspects of penetration testing used to address those challenges. This sets the context for how we will apply fuzzing during penetration testing.

Module 1 covered topics:

  • The Challenge
  • Vulnerabilities
  • Software Check Points
  • The Uneven Balance
  • Types of Security Assessments
    • Security Audits
    • Vulnerability Scanners
    • Penetration Testing
  • The Components of Penetration testing (Pentesting)
  • Categories of Pentesting
  • Pentesting Options
  • The Test Plan
  • The Hack-A-Thon
  • Type of Pentesting
  • Pentesting Tools
  • Fuzzing Defined
    • What is Fuzzing?
    • Why do it?
  • Where Fuzzing Fits in Penetration Testing
  • Fuzzing Terms
  • Fuzzing Advantages
  • Vulnerabilities Fuzzing Can Expose
  • Other Terms for testing Similar to Fuzzing
  • Fuzzing Basics
  • Fuzz Testing Techniques
  • Using Fuzzing for 3rd Party Code testing
  • Some Fuzz Testing Tools
  • The Peach Framework
  • Why Peach?

Module 1 exercises:

  • Quiz on fuzzing terms and components

Module 2: Applied Fuzzing using Peach

Module 2 description: In this module we will install the Peach Framework (or use the provided VM) and will review the framework components and their syntax. We will then work through several of the provided sample PIT files to understand how they work and what they do.

Module 2 covered topics:

  • Introduction to Peach
    • The Development Environment
    • Installing The Peach Framework
    • The Peach Framework
  • Peach PIT File Structure
    • Configuration
    • Data Models
    • State Models
    • Publishers
    • Agents and Monitors
  • Running Peach commands
    • Peach
      • The command line
    • Peach Validator
  • How to analyze Logs and use Peach Command line options to reproduce issues
  • Understanding the sample PIT files
    • Hello World
    • DebuggerWindows
    • CrashingFileConsumer
    • ExampleDefinitionsFile

Module 2 exercises:

  • Exercise 1 – Hello World
  • Exercise 2 – DebuggerWindows
  • Exercise 3 – CrashingFileConsumer
  • Exercise 4 – FileFuzzing
  • Exercise 5 – Reproducing Issues using log files

Module 3: Creating Your Own PIT files with Peach

Module 3 description: In this module we will take what we learned in the previous module and create several PIT files to test additional syntax and component functions of Peach.

Module 3 covered topics:

  • Using String Attributes
  • Using Number Attributes
  • Using Fixups
  • Using Blobs
  • Using Count
  • Using Size
  • Using Blocks
  • Using Choices
  • Using References
  • Using Relations
  • Using Transformers

Module 3 exercises:

  • Exercise 1 – Using Count
  • Exercise 2 – Using Size
  • Exercise 3 – File Input and Data Model Parsing
  • Exercise 4 – Working with Blocks
  • Exercise 5 – Working with Relations
  • Exercise 6 – Working with Transformers

Module 4: Advanced Fuzzing Options with Peach

Module 4 description: In this module we will take what we learned in the previous module and dive deeper into additional Peach options. We will then create additional PIT files with logging and monitors to test additional advanced syntax and component functions of Peach.

Module 4 covered topics:

  • Agents
  • Monitors
  • Mutators
  • How to Capture an Easy Chat Server HTTP Registration with Wireshark
  • Create a PIT File to Fuzz the Easy Chat Server HTTP Registration
  • How to open a file and have Peach parse it in the Data Model
  • Diving Deeper into Strings, Blocks and Choices
  • Using the Mutable flag to selectively mutate data at different levels
  • Parallel Fuzzing

Module 4 exercises:

  • Exercise 1 – Create a PIT File with an Agent and Process Monitor
  • Exercise 2 – Create a PIT file with an Agent and a Command Monitor
  • Exercise 3 – Capture an Easy Chat Server Registration and parse it
  • Exercise 4 – Fuzz the Easy Chat Server Registration
  • Exercise 5 – Read File for URL then Parse with Tokens
  • Exercise 6 – Selectively mutate sections of URL to mutate from Exercise 5
  • Final Exam

Your instructor:

Ron Tafoya is the Technologist in Residence for a high technology business accelerator located in New Mexico called the High Desert Discovery District (HD3). He comes to HD3 from Intel Corporation, where he was the Security Champion for the Intel Non-Volatile Memory Solutions Group (NSG). He was with Intel for 16 years. As the Security Champion for NSG, he was responsible for the security of all NSG products, which included all Intel Solid State Drives. He has more than 25 years of professional experience in all aspects of computer software application development and deployment and has focused on cyber security for over 20 years. He is a certified Project Management Professional (PMP), a Certified Ethical Hacker (C|EH), and a Certified Information Systems Security Professional (CISSP). In addition to his security experience, he also has broad experience in small business development and technology and has held various other positions, such as Senior Project Manager for the National Center for Genome Research and Technology Enterprise Division Director in the New Mexico Economic Development Department. He is active in InfraGard and several other local and national security organizations, and also sits on various boards for public and private sector organizations.

Follow him on Twitter @rtafoya, on LinkedIn at https://www.linkedin.com/in/rontafoya, or on his blog at http://goo.gl/gsLZmE.

