AMF Testing Made Easy

Explore advanced techniques for testing Action Message Format (AMF) applications in this Black Hat USA 2012 conference talk. Delve into the challenges of bug hunting in AMF-based applications and discover a new automated gray-box testing approach. Learn about Blazer, a Burp Suite plugin that revolutionizes AMF fuzzing by dynamically generating objects from method signatures. Gain insights into improving coverage and effectiveness when targeting complex applications, and examine real-world vulnerabilities uncovered using this innovative tool. Follow along as the speaker demonstrates the methodology using Adobe BlazeDS as a server-side reference implementation. Acquire practical knowledge on making AMF testing more robust and efficient, covering topics such as authentication, SQL injection, and best-fit heuristics.

Intro
About me
Introduction and context
AMF for end-users
AMF for old-school hackers
AMF for web hackers
Adobe BlazeDS
Action Message Format (AMF)
State of art (research, tools)
Testing remote methods, today
Enterprise-grade applications
Security Testing Areas 36 Authentication
Say hello to Blazer
Blazer vo.2
Blazer - Architecture 2/2
DEMO 1
Blazer - Core techniques 1/3
Test case: SQL injection
Blazer - "Best-fit" heuristics 2/2
Coverage and Scalability
AMF Security Testing with Blazer 36 Authentication
Conclusions
Future improvements