search menu icon-carat-right cmu-wordmark

Death by Thumb Drive

July 2019 Presentation
Will Dormann

In this talk, Will Dormann discusses how to use CERT BFF to fuzz filesystems, and how to analyze kernel-level crashes.

Publisher:

Software Engineering Institute

Abstract

CERT BFF is a file mutation fuzzer. Recent changes to BFF, enable the ability to extend the operations that are performed by the fuzzer. In this presentation, Will Dormann, CERT software vulnerability analyst, discusses how to use CERT BFF to fuzz filesystems, and how to analyze kernel-level crashes.

As a result of a brief amount of fuzzing, a single USB thumber can be created to crash Windows, macOS, Linix, and other operating systems. The speaker will discuss the impacts beyond OS crashes, and attack vectors that do not require physical access to a machine.