Fuzzing PHP
We present the application of a state of the art data fuzzing program American Fuzzy Lop (AFL) to discover new vulnerabilities that could be present in PHP. We will walk through the discovery, submission and patching of a newly found bug in PHP. The bug was first discovered in PHP version 7.0.16 and...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2017
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/72786 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-72786 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-727862023-03-03T20:25:19Z Fuzzing PHP Li, Sebastian Jun Nan Liu Yang School of Computer Science and Engineering DRNTU::Engineering::Computer science and engineering We present the application of a state of the art data fuzzing program American Fuzzy Lop (AFL) to discover new vulnerabilities that could be present in PHP. We will walk through the discovery, submission and patching of a newly found bug in PHP. The bug was first discovered in PHP version 7.0.16 and 5.6.30 and subsequently patched in version 7.0.21. The bug is presented with CVE- 2017-11144, with the implication of a DOS attack. Bachelor of Engineering (Computer Science) 2017-11-16T04:41:17Z 2017-11-16T04:41:17Z 2017 Final Year Project (FYP) http://hdl.handle.net/10356/72786 en Nanyang Technological University 36 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Computer science and engineering |
| spellingShingle |
DRNTU::Engineering::Computer science and engineering Li, Sebastian Jun Nan Fuzzing PHP |
| description |
We present the application of a state of the art data fuzzing program American Fuzzy Lop (AFL) to discover new vulnerabilities that could be present in PHP. We will walk through the discovery, submission and patching of a newly found bug in PHP. The bug was first discovered in PHP version 7.0.16 and 5.6.30 and subsequently patched in version 7.0.21. The bug is presented with CVE- 2017-11144, with the implication of a DOS attack. |
| author2 |
Liu Yang |
| author_facet |
Liu Yang Li, Sebastian Jun Nan |
| format |
Final Year Project |
| author |
Li, Sebastian Jun Nan |
| author_sort |
Li, Sebastian Jun Nan |
| title |
Fuzzing PHP |
| title_short |
Fuzzing PHP |
| title_full |
Fuzzing PHP |
| title_fullStr |
Fuzzing PHP |
| title_full_unstemmed |
Fuzzing PHP |
| title_sort |
fuzzing php |
| publishDate |
2017 |
| url |
http://hdl.handle.net/10356/72786 |
| _version_ |
1759855440722657280 |