sfuzz Package Description
simple fuzz is exactly what it sounds like – a simple fuzzer. don’t mistake simple with a lack of fuzz capability. this fuzzer has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences.
simple fuzz is built to fill a need – the need for a quickly configurable black box testing utility that doesn’t require intimate knowledge of the inner workings of C or require specialized software rigs. the aim is to just provide a simple interface, clear inputs/outputs, and reusability.
- simple script language for creating test cases
- support for repeating strings as well as fixed strings (‘sequences’ vs. ‘literals’)
- variables within test cases (ex: strings to be replaced with different strings)
- tcp and udp payload transport (icmp support tbd)
- binary substitution support (see basic.a11 for more information)
- plugin support (NEW!) see plugin.txt for more information.
- previous packet contents inclusion
- Author: Aaron Conole
- License: Other
Tools included in the sfuzz package
sfuzz – Black Box testing utilities
By: Aaron Conole
-h This message.
-V Version information.
networking / output:
-v Verbose output
-q Silent output mode (generally for CLI fuzzing)
-X prints the output in hex
-b Begin fuzzing at the test specified.
-e End testing on failure.
-t Wait time for reading the socket
-S Remote host
-T|-U|-O TCP|UDP|Output mode
-R Refrain from closing connections (ie: "leak" them)
-f Config File
-L Log file
-n Create a new logfile after each fuzz
-r Trim the tailing newline
-D Define a symbol and value (X=y).
-l Only perform literal fuzzing
-s Only perform sequence fuzzing
sfuzz Usage Example
Fuzz the target server (-S 192.168.1.1) on port 10443 (-p 10443) with TCP output mode (-T), using the basic HTTP config (-f /usr/share/sfuzz/sfuzz-sample/basic.http):
[12:53:47] dumping options:
literal = [AREALLYBADSTRING]