Security Basics mailing list archives
Fuzzing with Sulley
From: Robert Larsen <robert () the-playground dk>
Date: Fri, 12 Oct 2012 16:14:01 +0200
Hi I am learning the ins and outs of fuzzing with Sulley using vulnserver.exe as a learning platform. It works great...well, almost. Vulnerabilities are found, vulnserver crashes and is restarted by the process monitor. But the fuzzing script does not think so: [2012-10-12 16:04:38,535] [ERROR] -> ntdll.dll:7c9377c9 push esi from thread 9816 caused access violation [2012-10-12 16:04:38,535] [WARNING] -> restarting target process [2012-10-12 16:04:43,552] [CRITICAL] -> Restarting the target failed, exiting. robert-workstation:~/Fuzzing/vulnserver_fuzzer $ telnet localhost 9999 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Welcome to Vulnerable Server! Enter HELP for help. EXIT GOODBYE Connection closed by foreign host. robert-workstation:~/Fuzzing/vulnserver_fuzzer $ Simply rerunning the fuzzer script continues the session so I do this: robert-workstation:~/Fuzzing/vulnserver_fuzzer $ while true; do python vulnserver_session.py ; done This seems to work, but is a rather ugly hack and shouldn't be necessary. Any ideas what I am doing wrong ? Robert
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Fuzzing with Sulley Robert Larsen (Oct 12)