RE: A Memory Exhaustion Attack Against the Steem Blockchain

You are viewing a single comment's thread from:

A Memory Exhaustion Attack Against the Steem Blockchain

in software •  6 years ago 

Great work! I never found the time to try AFL myself, unfortunately. How far did you get with the Steem code, did you fuzz other parts as well and will we see more great finds from you? ;)

software
6 years ago by

Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

  • Disagreement on rewards
  • Fraud or plagiarism
  • Hate speech or trolling
  • Miscategorized content or spam

Submit
$0.00
    1 vote
    1
    Authors get paid when people like you upvote their post.
    If you enjoyed what you read here, create your account today and start earning FREE STEEM!
    Sort Order:  
  • Trending
    • [-]
      ·  6 years ago 

    I haven't identified other good entry points for fuzzing yet; one of the things I'm building is tooling that will make it easier to do so and construct the harness automatically. There are also fuzzing tools specifically designed for testing network services which could be used, but whitebox testing is usually more efficient.

    I hope to demonstrate other sorts of tools as well, so I might to a TLA+ model on part of the Steem design.

    I've been looking at other software, including another blockchain in which I found bugs, but I haven't heard back from their bug bounty program yet so I'm giving them more time before publishing.

    Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

    • Disagreement on rewards
    • Fraud or plagiarism
    • Hate speech or trolling
    • Miscategorized content or spam

    Submit
    $0.00