
Error in Process Monitor and Fuzzing never starts

Open Akim10150 opened this issue 3 years ago • 4 comments

Hi everyone! When I try to run the boofuzz with the process monitor and vulnserver, I get errors in the process monitor and the fuzzing never starts.

Here is a screenshot of the process_monitor.py error:

[screenshot of the process_monitor.py error]

Here is the Python Script I'm trying to use:

```python
#!/usr/bin/python

from boofuzz import *

target_ip = "192.168.59.129"

# Process monitor options. The Windows path must be a raw string: in a
# normal Python 3 string literal '\u' is treated as a unicode escape and
# the script fails with a SyntaxError before anything runs.
options = {
    "proc_name": "vulnserver.exe",
    "stop_commands": ['wmic process where (name="vulnserver.exe") delete'],
    "start_commands": [r'C:\users\ieuser\desktop\vulnserver\vulnserver.exe'],
}

# process_monitor.py on the target machine listens on port 26002
procmon = ProcessMonitor(target_ip, 26002)
procmon.set_options(**options)
monitors = [procmon]

session = Session(
    target=Target(
        connection=SocketConnection(target_ip, 9999, proto='tcp'),
        monitors=monitors,
    ),
    sleep_time=1,
)

# Request definition: "KSTET <fuzzed string>\r\n"
s_initialize("user_command")
s_string("KSTET")
s_delim(" ", fuzzable=False)
s_string("AAAA")
s_static("\r\n")

session.connect(s_get("user_command"))
session.fuzz()
```

Any help with this would be greatly appreciated.

Thanks!

Akim10150, Jul 19 '21 01:07

Thanks for the report @Akim10150!

I have just tested a very similar case on Linux, where it works fine. That exception from your screenshot might be a bug in the procmon related to Windows. I'll take a look at that once I get a debugger on Windows running.

About the proc_name option for procmon: that is only needed if your start command spawns another process and then exits, if I remember correctly. From the log it looks like vulnserver.exe never exits and is waiting for connections. In that case you should omit the proc_name option and see if that works.

SR4ven, Jul 21 '21 21:07

Thank you for your response @SR4ven :)

Removing proc_name fixed the problem with not starting the fuzzing, but now the process monitor is saying every fuzzing attempt is a crash. I don't think the 8 byte input in one of the screenshots should be a crash.

[three screenshots of the process monitor output]

boofuzz is awesome! I can't wait till I figure out how to use it properly.

Akim10150, Jul 22 '21 02:07

This looks to me like a problem with the process monitor (see the "Bind failed" message). Did you figure it out eventually or is it still a problem?

The process monitor RPC is a bit janky and in need of a rewrite. To me, it seems like communication between boofuzz and the process monitor is lost, which is wrongly labeled as a test case failure.

hackathi, Dec 02 '21 11:12
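A pre-flight check that helps tell the two situations apart, added here as an example and not part of boofuzz or of anything posted in this thread: before starting a session, confirm that both the fuzz target port (9999 in the script above) and the process monitor RPC port (26002) accept TCP connections. If the monitor port is unreachable (for instance because process_monitor.py died on "Bind failed"), a failure verdict on every test case is far more likely a lost monitor connection than a real crash. The function names, the return dict and the local fake listener used for the demo are all assumptions made for this example.

```python
"""Pre-flight reachability check for a fuzzing setup with a remote process monitor.

Added example, not boofuzz code. Checks that the fuzz target and the
process monitor RPC port both accept TCP connections, so that an
unreachable monitor is reported as such instead of showing up later as
"every test case crashed".
"""
import socket
import threading
from contextlib import closing


def tcp_reachable(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port succeeds within timeout."""
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as sock:
        sock.settimeout(timeout)
        try:
            sock.connect((host, port))
        except OSError:  # refused, timed out, unreachable, ...
            return False
        return True


def preflight(target_host, target_port, procmon_port, timeout=2.0):
    """Probe target and procmon ports; return verdicts plus a triage hint."""
    target_ok = tcp_reachable(target_host, target_port, timeout)
    procmon_ok = tcp_reachable(target_host, procmon_port, timeout)
    if target_ok and procmon_ok:
        advice = "ok: target and process monitor are reachable"
    elif target_ok and not procmon_ok:
        advice = ("process monitor unreachable: a failure verdict on every "
                  "test case is more likely a lost monitor connection than a crash")
    elif procmon_ok and not target_ok:
        advice = "target unreachable: check that the start command launched it"
    else:
        advice = "neither port reachable: check host, firewall and both services"
    return {"target": target_ok, "procmon": procmon_ok, "advice": advice}


def start_fake_listener(host="127.0.0.1"):
    """Constructed demo helper: listen on an ephemeral port, return (port, stop_event)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    stop = threading.Event()

    def run():
        srv.settimeout(0.2)
        while not stop.is_set():
            try:
                conn, _ = srv.accept()
                conn.close()
            except socket.timeout:
                continue
        srv.close()

    threading.Thread(target=run, daemon=True).start()
    return port, stop


def closed_port(host="127.0.0.1"):
    """Constructed demo helper: return a loopback port that nothing is listening on."""
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as sock:
        sock.bind((host, 0))
        return sock.getsockname()[1]


if __name__ == "__main__":
    # Local demo: a fake target is listening, no process monitor is running.
    port, stop = start_fake_listener()
    print(preflight("127.0.0.1", port, closed_port(), timeout=1.0))
    stop.set()
```

Against a real setup you would call `preflight("192.168.59.129", 9999, 26002)` right before `session.fuzz()` and abort the run if `procmon` comes back False, rather than discovering the problem through a wall of spurious crash reports.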

I don't think I ever figured it out. I no longer have the test environment from before, but will try again once I set it up. Thanks for the help! Boofuzz is awesome! I can't wait to learn to use it properly 🙂


Akim10150, Dec 02 '21 20:12