DeepSec 2012 Talk: AMF Testing Made Easy
Protocols are fun. When it comes to security, protocols are both loved and loathed. Security researchers have fun breaking them. Developers have a hard time designing them (this is why short-cuts will be taken and weaknesses are introduced). Penetration testers are sent to discover broken protocols and to exploit them. Attackers usually know some bits about protocols, too. This is where you come in. Regardless on which side you are on, you need to know, too. It’s not always about security, though. Typical software deployment or development requires testing, too. Luca Carettoni has good news for you either way.
Despite the popularity of Flex and the AMF binary protocol, testing AMF-based applications is still a manual and time-consuming activity. This research aimed at improving the current state of art, introducing a new testing approach and a new tool named Blazer. Blazer has been proven to significantly improve the coverage and the effectiveness of AMF security testing, in order to find real-life vulnerabilities including direct object reference bugs, authentication flaws, business logic abuses, SQL injections and other critical bugs. These are the things you are looking for when it comes to security testing.
Blazer has been firstly introduced at Black Hat USA 2012. At DeepSec 2012, a major software update with new functionalities will be released. During the talk, Luca will explain the approach and the heuristics implemented – in addition to real-life bugs discovered using the tool. Make sure you attend the presentation!