The Hacker Mind

EP 11: Hacking OpenWRT

December 8, 2020

For three years OpenWRT had a severe validation problem with its download package manager, until a fuzz tester found and reported the vulnerability.  

 

In this episode, Guido Vranken talks about his approach to hacking, about the differences between memory safe and unsafe languages, his use of fuzz testing as a preferred tool, and how he came to discover the validation error in OpenWRT, as well as a serialization error in Cereal, and other vulnerabilities. 

Podbean App

Play this podcast on Podbean App