TFTP vulnerability finding technique based on fuzzing

The basic value proposition of vulnerability finding is simple: it is better for vulnerabilities to be found and fixed by good guys than for them to be found and exploited by bad guys. Fuzzing is the art of automatic vulnerability finding. In this paper, we propose a vulnerability finding approach based on fuzzing and apply our approach to TFTP protocol. We analyzed all the vulnerabilities that had been released about TFTP protocol, and summed up the vulnerable points in TFTP servers. Aiming at those vulnerable points, a fuzzing tool named tftpServerFuzzer was specifically designed and implemented to test TFTP servers. We collected 11 types of TFTP servers based on Windows via Internet. Testing those TFTP servers by tftpServerFuzzer, we discovered three unreleased and almost all the released vulnerabilities on those TFTP servers. The result indicates not only the validity and superiority of the tftpServerFuzzer we designed, but also the efficiency of our approach.