In this talk, we share our adventure in applying coverage-based fuzzing to the RDP client, more specifically, virtual channels in RDP. In the RDP client, virtual channels deal with complex functionalities of RDP such as Sound, Graphics (GDI and RemoteFX), USB, Filesystem, SmartCard, etc., most of which involves parsing and allocation of dynamic data. Based on this fact, we set our main fuzzing targets as virtual channels with a hope of finding numerous crashes.

By Chun Sung Park, Yeongjin Jang, Seungjoo Kim and Ki Taek Lee

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefi...