Skip to content

Module Organization

Jump to bottom
Mario edited this page Dec 30, 2019 · 3 revisions

Relationship between main Fuzzowski modules

Modules relation

Mutants

This modules are the data generation modules, they contain the primitives and blocks that forms a request.

image

Primitives

  • Static (s_static): Static content (not fuzzable). For when we want to place a set of data without fuzzing it.
  • String (s_string): Variable length string
  • BitField (s_bit_field): A number of bits! It can be represented as "binary" (b'\x00') or "ascii" (b'0')
    • Byte (s_byte): 8 bits sized BitField!
    • Word (s_word): 2 bytes sized BitField!
    • DWord (s_dword): 4 bytes sized BitField! (alias s_int)
    • QWord (s_qword): 8 bytes sized BitField!
  • Group (s_group): List of static values
  • Delim (s_delim): A character delimiter (:, \n, <, >, etc.)
  • RandomData (s_random): Random chunk of data with specified length.

Blocks

  • Block (s_block). A block containing primitives or other blocks
  • Variable (s_variable). Takes the value of a variable set by a request, response or user.
  • Repeat (s_repeat). Repeat a block multiple times
  • Size (s_size). Calculates the size of a block or primitive. It can be ascii or binary, big or little endian, and have predefined size in bytes.
  • Request (s_initialize). A Superblock, the main one! It inherits from a block
  • Checksum (s_checksum). Calculate some usual checksums (md5, sha1, etc) of a block.

Fuzzers

This module contains the main interface of a Fuzzer that needs to be implemented by each fuzzer made, and some implemented or example fuzzers.

Monitors

This module contains the main interface that needs to be implemented by your monitors, and different monitors implemented

Restarters

This module contains the main interface that needs to be implemented by your restarter and some generic restarters, that can be launched by the prompt, or automatically after the connection is lost to the target.

Responses

The responses can be instantiated after a request with s_response() and are called after receiving a response from the server. They are in charge of setting variables, allowing to easily define stateful fuzzers, and may contain other checks in the future

Session

The session implements the main fuzzing functionality, contains all configuration parameters, etc.

TestCase

The TestCase contains all the information to perform a test or show information about it

Prompt

The Prompt module and submodules contains the implementation of the REPL, with the console behaviour and commands

SessionPrompt

It contains all the commands and implementation of them.

Graph

Contains code to set the session graph, which is able to get all different paths of a session.

Clone this wiki locally