Fuzzing an Industrial Proprietary Protocol

For many proprietary systems, source code and documentation are not available, which makes them hard to test and leaves only black-box approaches. In this work, we present our experience of fuzzing a protocol for drone control and the tool we developed for it, BinFuzz. BinFuzz is a man-in-the-middle, stateful, black-box protocol fuzzer. Listening to real communication as a man-in-the-middle, the fuzzer reconstructs the states of the protocol and detects message types and their variable fields. The collected knowledge is used during fuzzing to improve the quality of the generated inputs. As an application, we first test BinFuzz on the FTP protocol and then use it to fuzz the protocol for drone control.
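The abstract names two kinds of knowledge a man-in-the-middle fuzzer collects from observed traffic before it mutates anything: which byte positions of each message type vary between captures, and which message types the peers exchange in which order. The following Python is an added illustration of those two steps and of how a generator uses them; it is not BinFuzz's code, and the message format (a first byte that identifies the message type, two constant framing bytes, a two-byte value and a sequence byte), the type-byte position and all captured traffic are constructed for the example.

```python
"""Added example: inferring variable fields and a coarse state model from a
captured client/server exchange, then generating fuzz cases that preserve the
constant framing so the target still parses them. Not BinFuzz's code; the
protocol below is constructed."""
import random
from collections import defaultdict

# Assumption for this example: the first byte of every message is its type.
TYPE_OFFSET = 0

# Constructed capture of a fictional 6-byte control protocol:
#   [type][0xAA][0x55][value_hi][value_lo][seq]   client types: 0x01 connect,
#   0x10 set value, 0x02 disconnect; server replies with type | 0x80.
CAPTURED_EXCHANGES = [
    (bytes([0x01, 0xAA, 0x55, 0x00, 0x00, 0x01]), bytes([0x81, 0xAA, 0x55, 0x00, 0x00, 0x01])),
    (bytes([0x10, 0xAA, 0x55, 0x01, 0x2C, 0x02]), bytes([0x90, 0xAA, 0x55, 0x00, 0x00, 0x02])),
    (bytes([0x10, 0xAA, 0x55, 0x02, 0x58, 0x03]), bytes([0x90, 0xAA, 0x55, 0x00, 0x00, 0x03])),
    (bytes([0x10, 0xAA, 0x55, 0x00, 0x64, 0x04]), bytes([0x90, 0xAA, 0x55, 0x00, 0x00, 0x04])),
    (bytes([0x02, 0xAA, 0x55, 0x00, 0x00, 0x05]), bytes([0x82, 0xAA, 0x55, 0x00, 0x00, 0x05])),
]

BOUNDARY_BYTES = (0x00, 0x01, 0x7F, 0x80, 0xFF)


def message_type(msg: bytes) -> int:
    return msg[TYPE_OFFSET]


def infer_variable_positions(samples):
    """Offsets whose value differs across samples of one message type.
    Offsets beyond the shortest sample count as variable, because the
    message length itself varies there."""
    if not samples:
        return set()
    min_len = min(len(s) for s in samples)
    max_len = max(len(s) for s in samples)
    variable = set(range(min_len, max_len))
    for off in range(min_len):
        if len({s[off] for s in samples}) > 1:
            variable.add(off)
    return variable


def learn_fields(client_messages):
    """Group captured client messages by type; infer variable offsets per type."""
    by_type = defaultdict(list)
    for msg in client_messages:
        by_type[message_type(msg)].append(msg)
    return {t: infer_variable_positions(s) for t, s in by_type.items()}


def learn_states(exchanges):
    """Coarse state model: the state is the type of the server's last reply
    (None before any reply); the model records which client message types
    were observed in each state."""
    allowed = defaultdict(set)
    state = None
    for client_msg, server_msg in exchanges:
        allowed[state].add(message_type(client_msg))
        state = message_type(server_msg)
    return dict(allowed)


def mutate(template, variable_offsets, rng):
    """One fuzz case from a template: constant bytes (type, framing) are kept
    so the message is accepted by the parser; each inferred variable byte is
    replaced, half the time, by a boundary value or a random byte."""
    out = bytearray(template)
    for off in sorted(variable_offsets):
        if off >= len(out) or rng.random() < 0.5:
            continue
        out[off] = rng.choice(BOUNDARY_BYTES) if rng.random() < 0.5 else rng.randrange(256)
    return bytes(out)


def generate_cases(exchanges, count, seed=0):
    """Return `count` (state, message) pairs. The state is the one in which
    the chosen template was observed, so a fuzzer can replay the captured
    prefix to reach it before sending the mutated message."""
    rng = random.Random(seed)
    fields = learn_fields([c for c, _ in exchanges])
    templates, state = [], None
    for client_msg, server_msg in exchanges:
        templates.append((state, client_msg))
        state = message_type(server_msg)
    cases = []
    for _ in range(count):
        state, template = rng.choice(templates)
        cases.append((state, mutate(template, fields[message_type(template)], rng)))
    return cases


if __name__ == "__main__":
    print("variable fields per type:", learn_fields([c for c, _ in CAPTURED_EXCHANGES]))
    print("client types allowed per state:", learn_states(CAPTURED_EXCHANGES))
    for state, case in generate_cases(CAPTURED_EXCHANGES, 5, seed=7):
        print(f"state={state!r} send={case.hex()}")
```

With the constructed capture, the only type seen more than once (0x10) gets offsets 3, 4 and 5 marked variable while its type and framing bytes stay fixed, and the state model records that 0x10 and 0x02 were both observed after a 0x90 reply; a type observed once yields no variable offsets, which is the expected limitation of inferring fields from traffic alone.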

Author(s) not members of CYBEREXCELLENCE
Eduard Baranov