Re: boofuzz 2.0 monitors request for info

[j inverar]

Just to add some more contect, My fuzz script does connect to my process_monitor.py client and prints out results to the web app however when the program crashes it does not provide debugger results. When I do this towards vulnserver it works great. I understand that there are many factors involved however I would like to verify how to use the boofuzz 2.0 monitors before I proceed.

[Joshua Pereyda]

Hi inverar! Are you still working on this? From reading your original prompt (some messages appear to be deleted), it may be that the crashing behavior of each service is different. I've encountered targets that catch their own crashes making it harder for the debugger to catch them. Just a thought based on your questoin.

[j inverar]

I am still working on it. I've went back to basics and found one of the services is designed to be a load balancer. When the first service crashes the buffer overflows the EDX register. To find that out I have to manually attach the immunity to the service then fuzz the program.....i tried for about 5 weeks to get sulley and boofuzz process monitor to attach. I am able to get process monitor to say pydb is attached and debugging the process but the crashbin will not grow when crashes happen and I don't get the expected results.

Joe

On Mon, Jul 20, 2020, 10:53 Joshua Pereyda, <joshua.t...@gmail.com> wrote:

Hi inverar! Are you still working on this? From reading your original prompt (some messages appear to be deleted), it may be that the crashing behavior of each service is different. I've encountered targets that catch their own crashes making it harder for the debugger to catch them. Just a thought based on your questoin.

--
You received this message because you are subscribed to the Google Groups "boofuzz" group.
To unsubscribe from this group and stop receiving emails from it, send an email to boofuzz+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/boofuzz/24a2f834-1a3b-4681-9709-1e5411aeb6b0o%40googlegroups.com.

[Joshua Pereyda]

If you have something working I wouldn't turn you aside. If you still are pursuing the boofuzz procmon, I'd be happy to check out the logs from procmon if it isn't connecting correctly. Is it not attaching, or is it attaching but not giving bins?