Testing and exploiting binary network protocols can be both complex and time consuming. More often than not, custom software needs to be developed to proxy, parse and manipulate the traffic. CANAPE is a new Windows tool we are releasing at Blackhat which takes the existing paradigm of Web Application testing tools (such as CAT, Burp or Fiddler) and applies that to any network protocol. CANAPE provides a user interface that facilitates the capture and replaying of binary network traffic, whilst providing a framework to develop parsers and fuzzers.
This presentation will follow a worked example of using CANAPE to analyse the Citrix ICA binary protocol, allowing the discovery of a heap corruption bug that can be used to gain remote code execution on Citrix clients.
Žádné komentáře:
Okomentovat