| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Sep 2008 18:38:43 +0200 From: Victor Stinner <victor.stinner@...pocalc.com> To: full-disclosure@...ts.grok.org.uk Subject: Fusil the fuzzer version 1.0beta3 Fusil is a Python library for writing fuzzers and a set of specific fuzzers: Apache, ClamAV, Firefox, gettext, gstreamer, ImageMagick, libpoppler, printf(), Mplayer, ogg123, PHP and Python. The goal is to quickly write your fuzzer, Fusil is reponsible to manage a fuzzing campain (create files, cleanup at exist, sort errors, etc.). With the version 1.0, Fusil is safe: it uses a dedicated (UNIX) user to create child processes and limit resources (memory, total number of processes, etc.). Fusil now uses python-ptrace debugger for helping error classification (invalid memory read/write, division by zero, stack overflow, ...): it renames the fuzzer working directory (eg. "exitcode1", "abort", "div_by_zero", ...). This version is a beta version, it have to be tested as much as possible on any architectures and operating systems. Don't hesitate to report bugs! Website: http://fusil.hachoir.org/ python-ptrace website: http://python-ptrace.hachoir.org/ The development of the version 1.0 (still in beta phase) took around one year. The project is distributed under license GPLv2, is written in Python and is pacakaged for Debian, Mandriva and OpenEmbedded. The project is developed under Linux, but Fusil works correctly on FreeBSD and should works on any POSIX system (especially UNIX and BSD). Getting started --------------- To install Fusil, you will need python-ptrace and a system user "fusil" (and a group "fusil"). To run a fuzzer, type it's name, eg. "fusil-gettext". Each fuzzer has its own options, so don't hesitate to use the option "--help". For the documentation, browse the directory doc/. Simple examples are available in the directory examples/. python-ptrace only works correclty on Linux (i386, x86_64, PPC32) and FreeBSD (i386). If you have troubles with another architecture/OS, disable it with the Fusil configuration file (~/.config/fusil.conf): [debugger] use_debugger = False Read doc/configuration.rst to learn other Fusil options. python-ptrace ------------- If you didn't know python-ptrace, you should know that it's only written in Python and includes the programs strace.py and gdb.py (strace and gdb clones). strace.py is very close to strace, but has more options and works on FreeBSD without the Linux emulation (/proc directory). gdb.py is very limited, it doesn't support thread nor symbols for example. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists