TCP reset is received for each fuzzed HTTP request when pre_send is used to verify that the target is still OK
I figured that the connection must be reset between pre_send and fuzz, but cannot find how to do it.
With pre_send commented out, the fuzzed HTTP requests are not reset anymore.

from boofuzz import *
from boofuzz import sessions


# pre_send callback: probe the target with a HEAD request before each test case
def get_banner(sock):
    head = 'HEAD / HTTP/1.1\r\n'
    head += '\r\n'
    sock.send(head)
    sock.recv(1024)


host = "127.0.0.1"
port = 9090

session = sessions.Session(log_level=1, sleep_time=0.03)
connection = SocketConnection(host, port, proto="tcp")
target = sessions.Target(connection)
session.add_target(target)
session.pre_send = get_banner

# Request definition: only the HTTP method is fuzzed
s_initialize(name="Request")
with s_block("Request-Line"):
    s_group("Method", ['GET', 'HEAD', 'POST', 'PUT', 'DELETE', 'CONNECT', 'OPTIONS', 'TRACE'])
    s_static(" / ", name='space-2')
    s_static('HTTP/1.1', name='HTTP-Version')
    s_static("\r\n", name="Request-Line-CRLF")
s_static("\r\n", "Request-CRLF")

session.connect(s_get("Request"))
session.fuzz()

[2018-05-11 12:49:12,188] Test Case: 4: Request.Method.4
[2018-05-11 12:49:12,188] Info: Type: Group. Default value: GET. Case 4 of 8 overall.
[2018-05-11 12:49:12,189] Transmitting 19 bytes: 48 45 41 44 20 2f 20 48 54 54 50 2f 31 2e 31 0d 0a 0d 0a b'HEAD / HTTP/1.1\r\n\r\n'
[2018-05-11 12:49:12,189] Info: 19 bytes sent
[2018-05-11 12:49:12,189] Info: Receiving...
[2018-05-11 12:49:12,190] Received: 48 54 54 50 2f 31 2e 30 20 32 30 30 20 4f 4b 0d 0a 53 65 72 76 65 72 3a 20 53 69 6d 70 6c 65 48 54 54 50 2f 30 2e 36 20 50 79 74 68 6f 6e 2f 32 2e 37 2e 31 34 2b 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 31 31 20 4d 61 79 20 32 30 31 38 20 31 36 3a 34 39 3a 31 32 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 74 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 31 34 31 34 0d 0a 0d 0a b'HTTP/1.0 200 OK\r\nServer: SimpleHTTP/0.6 Python/2.7.14+\r\nDate: Fri, 11 May 2018 16:49:12 GMT\r\nContent-type: text/html; charset=UTF-8\r\nContent-Length: 1414\r\n\r\n'
[2018-05-11 12:49:12,190] Test Step: Fuzzing Node 'Request'
[2018-05-11 12:49:12,190] Transmitting 18 bytes: 50 55 54 20 2f 20 48 54 54 50 2f 31 2e 31 0d 0a 0d 0a b'PUT / HTTP/1.1\r\n\r\n'
[2018-05-11 12:49:12,190] Info: 18 bytes sent
[2018-05-11 12:49:12,190] Info: Receiving...
[2018-05-11 12:49:12,190] Received: b''
[2018-05-11 12:49:12,190] Check: Verify some data was received from the target.
[2018-05-11 12:49:12,190] Check Failed: Nothing received from target.
[2018-05-11 12:49:12,190] Test Step: Calling post_send function:
[2018-05-11 12:49:12,190] Info: No post_send callback registered.
[2018-05-11 12:49:12,190] Test Step: Sleep between tests.
[2018-05-11 12:49:12,190] Info: sleeping for 0.030000 seconds
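
The log above shows the target answering HTTP/1.0 200 OK as SimpleHTTP/0.6; Python's stock HTTP server closes the connection after each response unless its protocol_version is HTTP/1.1, so a second request on the same socket gets nothing back. The following is an added example, not part of the original post or of boofuzz: it uses Python 3's http.server as a stand-in for the target, and the names make_handler, exchange and two_requests_one_socket are illustrative.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

REQUEST = b"HEAD / HTTP/1.1\r\n\r\n"  # same bytes as the pre_send probe in the log


def make_handler(version):
    class Handler(BaseHTTPRequestHandler):
        protocol_version = version  # http.server defaults to "HTTP/1.0"

        def do_HEAD(self):
            self.send_response(200)
            self.send_header("Content-Length", "0")
            self.end_headers()

        def log_message(self, *args):  # keep the demo quiet
            pass
    return Handler


def exchange(sock):
    """Send one request; return the reply headers, or b'' if the peer closed or reset."""
    try:
        sock.sendall(REQUEST)
        data = b""
        while b"\r\n\r\n" not in data:
            chunk = sock.recv(1024)
            if not chunk:
                return b""
            data += chunk
        return data
    except ConnectionError:  # RST or broken pipe also means "no reply"
        return b""


def two_requests_one_socket(version):
    """Return (first_reply, second_reply) for two requests on one TCP connection."""
    server = HTTPServer(("127.0.0.1", 0), make_handler(version))  # port 0: any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        with socket.create_connection(server.server_address, timeout=5) as sock:
            return exchange(sock), exchange(sock)
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print({v: two_requests_one_socket(v) for v in ("HTTP/1.0", "HTTP/1.1")})
```

With an HTTP/1.0 server the second reply is empty, matching the "Nothing received from target" check in the log; with HTTP/1.1 both requests are answered on the same connection.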