{"guid":"import-bc2aaf07ba36dce54b","title":"Autodafé: An Act of Software Torture","subtitle":"Presentation of an innovative buffer overflow uncovering technique called \"Fuzzing by weighting attacks with markers\"","slug":"22C3-606-en-autodafe","link":"http://events.ccc.de/congress/2005/fahrplan/events/606.en.html","description":"Automated vulnerability searching tools have led to a dramatic increase of the rate at which such flaws are discovered. One particular searching technique is fault injection – i.e. insertion of random data into input files, buffers or protocol packets, combined with a systematic monitoring of memory violations. Even if these tools allow to uncover a lot of vulnerabilities, they are still very primitive; despite their poor efficiency, they are useful because of the very high density of such vulnerabilities in modern software.\n","original_language":"eng","persons":["Martin Vuagnoux"],"tags":["22c3"," Hacking"],"view_count":71,"promoted":false,"date":"2005-12-28T01:00:00.000+01:00","release_date":"2007-12-29T01:00:00.000+01:00","updated_at":"2026-04-01T22:45:05.959+02:00","length":2323,"duration":2323,"thumb_url":"https://static.media.ccc.de/media/congress/2005/22C3-606-en-autodafe.jpg","poster_url":"https://static.media.ccc.de/media/congress/2005/22C3-606-en-autodafe_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2005/import-bc2aaf07ba36dce54b-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2005/import-bc2aaf07ba36dce54b-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/22C3-606-en-autodafe","url":"https://api.media.ccc.de/public/events/import-bc2aaf07ba36dce54b","conference_title":"22C3: Private Investigations","conference_url":"https://api.media.ccc.de/public/conferences/22c3","related":[{"event_id":17,"event_guid":"import-c264bc85b41adf308a","weight":1},{"event_id":133,"event_guid":"import-68a0bc786541d30fa0","weight":1},{"event_id":714,"event_guid":"import-72f36f6e2f89c8ba36","weight":1},{"event_id":719,"event_guid":"import-aef220e2a9fcc65152","weight":1},{"event_id":938,"event_guid":"import-044a4bc90d533f8e0d","weight":1},{"event_id":966,"event_guid":"import-e31124eb287156c040","weight":1},{"event_id":978,"event_guid":"import-b7d69fc8c75382206a","weight":1},{"event_id":979,"event_guid":"import-ca377fadd50f41d378","weight":1},{"event_id":1008,"event_guid":"import-3879979ffb75b723f8","weight":1},{"event_id":1483,"event_guid":"import-d37adcac32db0b17c2","weight":1},{"event_id":2278,"event_guid":"d8fb48bd-c5af-45fe-b942-3a55a7681d8f","weight":1},{"event_id":2283,"event_guid":"47f2e2cd-46a7-412e-9784-8eabd1ad7867","weight":1},{"event_id":2287,"event_guid":"8a908634-6d94-4183-beaf-9bfb3f82648c","weight":1},{"event_id":5231,"event_guid":"38433858-5443-2020-2020-202020202020","weight":1},{"event_id":6005,"event_guid":"67dbfc12-f4ad-4a4d-8370-118f1c72e98b","weight":1}],"recordings":[{"size":81,"length":2323,"mime_type":"audio/ogg","language":"eng","filename":"22C3-606-en-autodafe.ogg","state":"downloaded","folder":"lectures/audio/ogg","high_quality":true,"width":320,"height":240,"updated_at":"2014-05-10T15:26:37.251+02:00","recording_url":"https://cdn.media.ccc.de/congress/2005/lectures/audio/ogg/22C3-606-en-autodafe.ogg","url":"https://api.media.ccc.de/public/recordings/1705","event_url":"https://api.media.ccc.de/public/events/import-bc2aaf07ba36dce54b","conference_url":"https://api.media.ccc.de/public/conferences/22c3"},{"size":81,"length":2323,"mime_type":"video/mp4","language":"eng","filename":"22C3-606-en-autodafe.m4v","state":"downloaded","folder":"lectures/video/mp4-avc/320x240","high_quality":true,"width":320,"height":240,"updated_at":"2016-01-27T11:03:18.637+01:00","recording_url":"https://cdn.media.ccc.de/congress/2005/lectures/video/mp4-avc/320x240/22C3-606-en-autodafe.m4v","url":"https://api.media.ccc.de/public/recordings/1704","event_url":"https://api.media.ccc.de/public/events/import-bc2aaf07ba36dce54b","conference_url":"https://api.media.ccc.de/public/conferences/22c3"}]}