Replicating OpenSSL Vulnerabilities CVE-2022-3602 and CVE-2022-3786 - How-to Guide
Fuzzing_in - Hardik Shah via YouTube
AI Engineer - Learn how to integrate AI into software applications
Learn Generative AI, Prompt Engineering, and LLMs for Free
Overview
Syllabus
introduction
Looking at the fixed code
Cloning OpenSSL Repo and looking at the code
Compiling OpenSSL-3.0.7 version
Running test case binary
Getting vulnerable version of OpenSSL
Copying test cases for CVEs from openssl-3.0.7 to openssl-3.0.6
compiling OpenSSL-3.0.6 version
Running test cases and replicating vulnerabilities
using libfuzzer to find the vulnerability
Conclusion
Taught by
Fuzzing_in - Hardik Shah