
Fuzzer


README

Overview

This project is a mutation-based file fuzzer, written in Python, that uses PyDBG to monitor the target process for signals of interest.

Architecture

The fuzzer follows a client/server model. Any number of clients can connect to the server, allowing for very fast execution. I personally connect about a dozen clients per box to the server; your specs may vary. The communication between client and server proceeds roughly as follows:

1. The client connects to the server and receives a copy of the original file, the list of possible mutations, and the path to the target executable.
2. The client enters its main loop: it asks the server for the next mutation, and the server responds with an offset into the file and a mutation index.
3. The client creates the mutated file locally (which keeps network traffic low) and executes the target on it under PyDBG.
4. *If* a crash occurs, the client sends the crash information to the server, and the server creates a local copy of the mutated file.

While running, the server lets you show the connected clients, mutation statistics, and crashes. The server can also be paused, causing clients to sleep for a little while before checking back.
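The exchange in steps 1 to 4 above, as an added Python example that is not part of the project's code: the Twisted transport and the PyDBG run are left out, and what remains is the server handing out (offset, mutation index) units, the client rebuilding the mutated file locally from them, and crash reporting back to the server. The mutation table, the `execute` callback standing in for the debugger run, and de-duplicating crashes by their description are all assumptions.

```python
import hashlib

# Constructed mutation table (an assumption, not the project's own): each entry
# maps one original byte to its replacement. The index into this list is the
# "mutation index" the server hands out alongside a file offset.
MUTATIONS = [lambda b: 0x00, lambda b: 0xFF, lambda b: (b + 1) & 0xFF, lambda b: b ^ 0x80]


def build_mutated_file(original: bytes, offset: int, mutation_index: int) -> bytes:
    """Step 3: the client rebuilds the mutated file locally from an (offset, index) pair."""
    if not 0 <= offset < len(original):
        raise ValueError("offset outside file")
    data = bytearray(original)
    data[offset] = MUTATIONS[mutation_index](data[offset])
    return bytes(data)


class MutationServer:
    """Hands out one (offset, mutation_index) unit per request; records reported crashes."""
    def __init__(self, original: bytes, target_path: str):
        self.original, self.target_path = original, target_path
        self._next = 0          # linear cursor over the offset x mutation space
        self.crashes = {}       # crash id -> (offset, mutation_index, detail)

    def hello(self):
        """Step 1: what a freshly connected client receives."""
        return self.original, list(range(len(MUTATIONS))), self.target_path

    def next_mutation(self):
        """Step 2: next (offset, mutation_index), or None once the space is exhausted."""
        if self._next >= len(self.original) * len(MUTATIONS):
            return None
        offset, idx = divmod(self._next, len(MUTATIONS))
        self._next += 1
        return offset, idx

    def report_crash(self, offset: int, mutation_index: int, detail: str) -> str:
        """Step 4: keep the first (offset, index) that produced each distinct crash."""
        crash_id = hashlib.sha1(detail.encode()).hexdigest()[:8]
        self.crashes.setdefault(crash_id, (offset, mutation_index, detail))
        return crash_id


def client_loop(server: MutationServer, execute) -> int:
    """One client: pull units until the server runs dry; returns the run count.
    `execute(mutated_bytes)` stands in for the PyDBG run and returns a crash
    description (e.g. exception type and faulting address) or None."""
    original, _mutations, _target = server.hello()
    runs = 0
    while (unit := server.next_mutation()) is not None:
        offset, idx = unit
        detail = execute(build_mutated_file(original, offset, idx))
        if detail is not None:
            server.report_crash(offset, idx, detail)
        runs += 1
    return runs
```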

Prerequisites

- Twisted, http://twistedmatrix.com
- PyWin32, http://sourceforge.net/projects/pywin32/

Usage

Server

Server - Using the menu while running

Client