The idea is to be the Network Protocol Fuzzer that we will want to use.
The aim of this tool is to assist during the whole process of fuzzing a network protocol, allowing to define the communications, helping to identify the “suspects” of crashing a service, and much more
Also Read – CTFTool : Interactive CTF Exploration Tool
virtualenv venv -p python3
source venv/bin/activate
pip install -r requirements.txt
Help
usage: python -m fuzzowski [-h] [-p {tcp,udp,ssl}] [-b BIND] [-st SEND_TIMEOUT]
[-rt RECV_TIMEOUT] [–sleep-time SLEEP_TIME] [-nc] [-tn]
[-nr] [-nrf] [-cr]
[–threshold-request CRASH_THRESHOLD_REQUEST]
[–threshold-element CRASH_THRESHOLD_ELEMENT]
[–ignore-aborted] [–ignore-reset] [–error-fuzz-issues]
[-c CALLBACK | –file FILENAME] -f
{cops,dhcp,ipp,lpd,netconf,telnet_cli,tftp,raw}
[-r FUZZ_REQUESTS [FUZZ_REQUESTS …]]
[–restart module_name [args …]]
[–restart-sleep RESTART_SLEEP_TIME]
[–monitors {IPPMon} [{IPPMon} …]] [–path PATH]
[–document_url DOCUMENT_URL]
host port
positional arguments:
host Destination Host
port Destination Port
optional arguments:
-h, –help show this help message and exit
Connection Options:
-p {tcp,udp,ssl}, –protocol {tcp,udp,ssl}
Protocol ( Default tcp)
-b BIND, –bind BIND Bind to port
-st SEND_TIMEOUT, –send_timeout SEND_TIMEOUT
Set send() timeout (Default 5s)
-rt RECV_TIMEOUT, –recv_timeout RECV_TIMEOUT
Set recv() timeout (Default 5s)
–sleep-time SLEEP_TIME
Sleep time between each test (Default 0)
-nc, –new-conns Open a new connection after each packet of the same test
-tn, –transmit-next-node
Transmit the next node in the graph of the fuzzed node
RECV() Options:
-nr, –no-recv Do not recv() in the socket after each send
-nrf, –no-recv-fuzz Do not recv() in the socket after sending a fuzzed request
-cr, –check-recv Check that data has been received in recv()
Crashes Options:
–threshold-request CRASH_THRESHOLD_REQUEST
Set the number of allowed crashes in a Request before skippi ng it (Default 9999)
–threshold-element CRASH_THRESHOLD_ELEMENT
Set the number of allowed crashes in a Primitive before skipping it (Default 3)
–ignore-aborted Ignore ECONNABORTED errors
–ignore-reset Ignore ECONNRESET errors
–error-fuzz-issues Log as error when there is any connection issue in the fuzzed node
Fuzz Options:
-c CALLBACK, –callback CALLBACK
Set a callback address to fuzz with callback generator instead of normal mutations
–file FILENAME Use contents of a file for fuzz mutations
Fuzzers:
-f {cops,dhcp,ipp,lpd,netconf,telnet_cli,tftp,raw}, –fuzz {cops,dhcp,ipp,lpd,netconf,telnet_cli,tftp,raw}
Available Protocols
-r FUZZ_REQUESTS [FUZZ_REQUESTS …], –requests FUZZ_REQUESTS [FUZZ_REQUESTS …]
Requests of the protocol to fuzz, default All
dhcp: [opt82]
ipp: [http_headers, get_printer_attribs, print_uri_message, send_uri, get_jobs, get_job_attribs]
lpd: [long_queue, short_queue, ctrl_file, data_file, remove_job]
telnet_cli: [commands]
tftp: [read]
raw: [‘\x01string\n’ ‘\x02request2\x00’ …]
Restart options:
–restart module_name [args …]
Restarter Modules:
run: ‘ [ …]’ (Pass command and arguments within quotes, as only one argument)
smartplug: It will turn off and on the Smart Plug
teckin:
–restart-sleep RESTART_SLEEP_TIME
Set sleep seconds after a crash bef ore continue (Default 5)
Monitor options:
–monitors {IPPMon} [{IPPMon} …], -m {IPPMon} [{IPPMon} …]
Monitor Modules:
IPPMon: Sends a get-attributes IPP message to the target
Other Options:
–path PATH Set path when fuzzing HTTP based protocols (Default /)
–document_url DOCUMENT_URL
Set Document URL for print_uri
Examples
Fuzz the get_printer_attribs IPP operation with default options:
python -m fuzzowski printer1 631 -f ipp -r get_printer_attribs –restart smartplug
Use the raw feature of IPP to fuzz the finger protocol:
python -m fuzzowski printer 79 -f raw -r ‘{{root}}\n’
Use the raw feature of IPP to fuzz the finger protocol, but instead of using the predefined mutations, use a file:
python -m fuzzowski printer 79 -f raw -r ‘{{root}}\n’ –file ‘path/to/my/fuzzlist’
Tookie-osint has a simple-to-use UI and is really straightforward. The main idea of Tookie-osint is…
Be aware, the installation needs technical skills and is not for beginners. Please do not…
The course is primarily intended for those who are professionally involved in or simply interested…
Embark on a 21-day journey to harness the power of Python for Open Source Intelligence…
I've seen multiple projects out there in GitHub, that are crawlers for the deep web,…
OSINTk.o is a customized Kali Linux-based ISO image with pre-installed packages and scripts. The idea…