Nmap Development mailing list archives
Nping Safe Payload Fuzzing
From: Colin L Rice <ricec2 () rpi edu>
Date: Sun, 15 Jan 2012 21:13:05 -0800
Hi,
So I swapped nping to use safe payloads by default and then set up some fuzzing scripts to make sure it is secure.
Sadly, after getting the basic fuzzing written I suddenly got busy with other code and was unable to track down the actual bugs.
The branch is in https://svn.nmap.org/nmap-exp/colin-packet-fuzz and it basically only works on 64-bit Linux. There is some nasty static linking.
You also need to install the scapy-com repo since I fixed some bugs in scapy's fuzzing.
Running the tests is pretty simple, assuming it will work.
    make test
However, since I'm not running the executable inside valgrind, I never actually got a stacktrace of what is crashing.
If someone has the time to track down the crashes, great. If they don't, I'll get around to it soonish.
-Colin