Python Client Beispiele

Beispiel #1

def do_fuzz():
    sess = sessions.Session(
        session_filename="audits/trend_server_protect_5168.session")
    target = sessions.Target("192.168.181.133", 5168)

    target.netmon = pedrpc.Client("192.168.181.133", 26001)
    target.procmon = pedrpc.Client("192.168.181.133", 26002)
    target.vmcontrol = pedrpc.Client("127.0.0.1", 26003)

    target.procmon_options = \
        {
            "proc_name": "SpntSvc.exe",
            "stop_commands": ['net stop "trend serverprotect"'],
            "start_commands": ['net start "trend serverprotect"'],
        }

    # start up the target.
    target.vmcontrol.restart_target()

    print("virtual machine up and running")

    sess.add_target(target)
    sess.pre_send = rpc_bind
    sess.connect(s_get("5168: op-1"))
    sess.connect(s_get("5168: op-2"))
    sess.connect(s_get("5168: op-3"))
    sess.connect(s_get("5168: op-5"))
    sess.connect(s_get("5168: op-a"))
    sess.connect(s_get("5168: op-1f"))
    sess.fuzz()

    print("done fuzzing. web interface still running.")

Beispiel #2

Datei: fuzzer.py Projekt: ysoftdevs/wapifuzz

    def _configure_session(self):
        target_config = ConfigurationManager.get_target()
        startup_command = ConfigurationManager.get_startup_command()

        ssl_context = None
        if self._protocol == 'ssl':
            ssl_context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
            ssl_context.check_hostname = False
            ssl_context.verify_mode = ssl.CERT_NONE

        recv_timeout = ConfigurationManager.get_receive_timeout()

        remote_connection = SocketConnection(target_config["hostname"],
                                             target_config["port"],
                                             proto=self._protocol,
                                             sslcontext=ssl_context,
                                             recv_timeout=recv_timeout)
        if startup_command:
            process_monitor = pedrpc.Client(target_config["hostname"], 26002)
            process_monitor_options = {"start_commands": [startup_command]}
            target = Target(connection=remote_connection,
                            procmon=process_monitor,
                            procmon_options=process_monitor_options)
        else:
            target = Target(connection=remote_connection)

        self._session = Session(
            target=target,
            fuzz_loggers=[self._text_logger, self._junit_logger],
            post_test_case_callbacks=[PostTestCaseCallback.post_test_callback],
            restart_sleep_time=0,
            keep_web_open=False,
            fuzz_db_keep_only_n_pass_cases=sys.maxsize,
            crash_threshold_element=10,
            crash_threshold_request=30)

Beispiel #3

Datei: boofuzz_freeftp.py Projekt: su1s/exploits

def main():
    session = Session(target=Target(
        connection=SocketConnection(host, port, proto='tcp'),
        procmon=pedrpc.Client(host, 26002),
        procmon_options={"start_commands": [start_cmd]}),
                      web_port=8080)

    s_initialize("user")
    s_static("USER")
    s_delim(" ")
    s_static("anonymous")
    s_static("\r\n")

    s_initialize("pass")
    s_static("PASS")
    s_delim(" ")
    s_string("dave")
    s_static("\r\n")

    session.connect(s_get("user"))
    session.connect(s_get("user"), s_get("pass"))

    session.fuzz()

Beispiel #4

Datei: fuzz_trillian_jabber.py Projekt: up777/boofuzz

    pedrpc, \
    s_get

# noinspection PyUnresolvedReferences
from requests import jabber


def init_message(sock):
    init = '<?xml version="1.0" encoding="UTF-8" ?>\n'
    init += '<stream:stream to="152.67.137.126" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams">'

    sock.send(init)
    sock.recv(1024)


sess = sessions.Session(session_filename="audits/trillian.session")
target = sessions.Target("152.67.137.126", 5298)
target.netmon = pedrpc.Client("152.67.137.126", 26001)
target.procmon = pedrpc.Client("152.67.137.126", 26002)
target.vmcontrol = pedrpc.Client("127.0.0.1", 26003)
target.procmon_options = {"proc_name": "trillian.exe"}

# start up the target.
target.vmcontrol.restart_target()
print("virtual machine up and running")

sess.add_target(target)
sess.pre_send = init_message
sess.connect(sess.root, s_get("chat message"))
sess.fuzz()

Beispiel #5

    target_info = get_target_info_from_target_name(target_name, aut_host, aut_port)
    try:
        target_env = target_info['env']
    except KeyError:
        target_env = {}

    # Pass specified target parameters to the PED-RPC server
    target = Target(
        name=target_name,
        aut_host=aut_host,
        aut_port=aut_port,
        aut_src_port=aut_src_port,
        aut_heartbeat_path=target_info['heartbeat_path'],
        aut_default_uris=target_info['default_uris'],
        aut_strings=target_info.get('strings', []),
        procmon=pedrpc.Client(host, port),
        procmon_options={
            'start_commands': [target_info['start_cmd']],
            'time_to_settle': target_info['time_to_settle'],
            'env': target_env,
        },
        output_dir=output_dir
    )

    bind_layers(UDP, CoAP, sport=aut_port)
    bind_layers(UDP, CoAP, dport=aut_port)
    bind_layers(UDP, CoAP, sport=aut_src_port)
    bind_layers(UDP, CoAP, dport=aut_src_port)

    mf = Fuzzer({ target_name: target })
    mf.targets[target_name].summaryfile.write("Using %d as seed\n\n" % my_seed)