Network applications use client and server architectures to exchange data. While we did not discover any new vulnerabilities, this step-by-step guide can help others looking to add or improve fuzzing technique strategies to their arsenal of threat discovery and analysis tools.
For this blog, we document the process of auditing and fuzzing the Microsoft Internet Message Access Protocol (IMAP) Client protocol. Finding and reporting these vulnerabilities, especially in commonly used applications, help lower cyber risk for everyone.įortinet researchers join the rest of the threat research community in helping to achieve this goal. This vulnerability discovery technique sends malformed packets to the application being tested to uncover vulnerabilities in network protocol implementations. Threat researchers work to ensure that many of the most popular network applications are properly secured using tools like network protocol fuzzing. Hardening network applications is a mission-critical task to minimize attack vectors like WannaCry. To date, this malware is estimated to have affected over 200,000 computers across 150 countries.
We have seen such attacks in real-life, such as the notorious WannaCry ransomware that exploited the Simple Message Block (SMB) protocol, dubbed EternalBlue, to attack Microsoft Windows computers by encrypting data and demanding ransom payments in Bitcoin cryptocurrency. Security holes in network applications often yield a more significant security impact as compared to other attack vectors, as adversaries may be able to leverage those vulnerabilities to gain remote code execution status on vulnerable computers without any user interactions. Because of their inherent complexity, security vulnerabilities in network applications are inevitable. Many network protocols on the Internet serve different purposes, some of which can be complex and sophisticated.
The computers within a network may use vastly different software and hardware however, protocols enable them to communicate with each other regardless. Network protocols are like a common language for computers. In networking, a protocol is a set of rules that defines standard formats and processes for interpreting raw data sent by computers.