Use Agent on linux
15 views
Skip to first unread message
spiders...@gmail.com
May 28, 2013, 12:56:44 PM5/28/13
to hotfuzz...@googlegroups.com
Hello plp, a question pls, its possible use the agent on a linux machine ??? For fuzz a linux protocol.
I think use the peach 2.3.5 old linux version and lauch whit "peach.py -a 9002" on linux machine, , it is possible??
I know lose exploitable, for win, ,but i can try adapt gdb exploitable more later or by Hand if crash.
Thank you in advance, a greet.
Mgr. Martin Žember
May 30, 2013, 6:07:16 PM5/30/13
to spiders...@gmail.com, hotfuzz...@googlegroups.com
Hi!
There were issues with running agents on Linux around that version
(2.3.5) of Peach which is now in HotFuzz. When I tried it in the past,
I always gave it up. As far as I remember, the problem was that
"vtrace" structures that were in the python code (connected with the
monitor) were different than the structs in the headers of the kernel.
The kernel structs changed so frequently that it was not possible to
keep it up-to-date. Basically, when a crash occurred, the monitor
could not read the data about the crash correctly. I am not 100%
precise, but you can get the idea.
Peach now uses apport for collecting crash infos (as far as I know).
If you really want to fuzz your target that runs on Linux, you might
have a look on that.
I recommend running HotFuzz on some Windows targets first. Although a
lot of it is automatic, there might be some struggles anyway.
Combining it with Linux agents / agents of a different version of
Peach / updating HotFuzz with a newer version of Peach; that could be
too much at once.
Martin
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "HotFuzz project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to hotfuzz-proje...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
There were issues with running agents on Linux around that version
(2.3.5) of Peach which is now in HotFuzz. When I tried it in the past,
I always gave it up. As far as I remember, the problem was that
"vtrace" structures that were in the python code (connected with the
monitor) were different than the structs in the headers of the kernel.
The kernel structs changed so frequently that it was not possible to
keep it up-to-date. Basically, when a crash occurred, the monitor
could not read the data about the crash correctly. I am not 100%
precise, but you can get the idea.
Peach now uses apport for collecting crash infos (as far as I know).
If you really want to fuzz your target that runs on Linux, you might
have a look on that.
I recommend running HotFuzz on some Windows targets first. Although a
lot of it is automatic, there might be some struggles anyway.
Combining it with Linux agents / agents of a different version of
Peach / updating HotFuzz with a newer version of Peach; that could be
too much at once.
Martin
>
> ---
> You received this message because you are subscribed to the Google Groups
> "HotFuzz project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to hotfuzz-proje...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
spiders...@gmail.com
May 31, 2013, 8:40:18 AM5/31/13
to hotfuzz...@googlegroups.com, spiders...@gmail.com
Hi Martin, thanks for the info, i am now practicing with it, and see very ussefull, but need more experiencie with, and more later use linux, its the correct.
thank for the advice, and for a fast answer, a greet martin.
Jose
Reply all
Reply to author
Forward
0 new messages