Logging and testcases
104 views
Skip to first unread message
tme...@gmail.com
Sep 18, 2018, 6:19:54 AM9/18/18
to boofuzz
Hi all,
Ok a bit of a noob question, but I just cannot find any information on this.
I want to try out boofuzz for fuzzing (quite a bit easier in the end than custom python fuzzers all the time).
What I do not seem to get my head around is how I create and configure testcases and how I configure the logger.
For now I am testing this on vulnserver on a "remote" host that does not run Boofuzz.
What I want is to be able to customize all the things the logger logs, so that I can for example not log the data that is send but only the amount of bytes and what I receive.
And I cannot find anything (tutorial or whatever) on how te testcases work.
Thanks for any answers,
Kind regards,
joshua.t...@gmail.com
Sep 18, 2018, 1:50:49 PM9/18/18
to boofuzz
Hello,
Right now, to modify what is logged, you would create your own implementation of IFuzzLogger (see ifuzz_logger.py). Probably the easiest hack is to subclass the logger that does almost what you want and modify its log_send method.
What do you mean by the "testcases"? Do you want to control the different mutations for each block?
tme...@gmail.com
Sep 20, 2018, 10:58:15 AM9/20/18
to boofuzz
Thanks!
To be honest, I am not sure that I understand what I mean with testcases :D
But I will try to change the logger, to bad there isn't a clear cut configuration for this (although I guess I should now build one and upload it right? :D)
What I really want is that I can use Boofuzz to send packets and check responses.
So I send:
Packet xx
I receive response:
OK
Send Packet xxx:
I receive response:
AAAARGH HELP
And then I stop fuzzing and nicely put something in the logs or stdout that shows me that I should look into the fuzzed parameter with payload xxx.
Op dinsdag 18 september 2018 19:50:49 UTC+2 schreef joshua.t...@gmail.com:
tme...@gmail.com
Sep 24, 2018, 4:08:48 AM9/24/18
to boofuzz
To reply again to you:
Thanks for the answer, this helped me to understand the tool a bit more and gain a bit more independence on using it.
I did exactly what you said and this helped me to write my own implementation of logging and testcases.
If I have time (oh if only :P) I will develop it a bit more.
Op dinsdag 18 september 2018 19:50:49 UTC+2 schreef joshua.t...@gmail.com:
Hello,
joshua.t...@gmail.com
Sep 24, 2018, 11:38:46 AM9/24/18
to boofuzz
Great to hear!
Reply all
Reply to author
Forward
0 new messages