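def testScn(host, port, scenario):
    """Replay the unmodified scenario once against ``host:port``.

    Opens a fresh TCP connection, hands it to ``dwr_handler`` together with
    the module-level ``local_hostname`` / ``local_realm``, and returns the
    message list the handler reports.

    If the handler reports an exception, the error is written to stderr and
    the process exits with status 1. Socket errors raised by ``connect`` are
    not caught here and propagate to the caller.
    """
    # run once in order to capture exchanged pdus
    f = sk.socket(sk.AF_INET, sk.SOCK_STREAM)
    # NOTE(review): no timeout is set on this socket, so a peer that accepts
    # the connection but never answers may block here indefinitely unless
    # dwr_handler sets one itself -- confirm.
    try:
        f.connect((host, port))
        (exc_info, msgs) = dwr_handler(scenario, f, local_hostname, local_realm)
        if exc_info is not None:
            # Wrap in a 1-tuple: if exc_info is itself a tuple (e.g. the
            # result of sys.exc_info() -- TODO confirm), a bare
            # "'%r' % exc_info" would raise TypeError instead of reporting.
            sys.stderr.write('[ERROR] The scenario raised %r\n' % (exc_info,))
            sys.exit(1)
    finally:
        # Close on every path (connect failure, handler exception, exit) so
        # repeated liveness checks do not leak descriptors.
        f.close()

    return msgs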
Exemple #2
            local_realm = a

    # Require exactly one positional target plus hostname, realm, scenario
    # and mode; otherwise show the usage text.
    # NOTE(review): presumably usage() terminates the process; if it returns,
    # execution continues below with missing settings -- confirm.
    if len(args) != 1 or local_hostname is None or local_realm is None \
      or scn is None or mode is None:
        usage(sys.argv[0])

    scenario = load_scenario(scn, local_hostname, local_realm)

    # NOTE(review): the unpacking needs exactly two ':'-separated parts, so a
    # target without a port or an IPv6 literal raises ValueError here, as
    # does int() on a non-numeric port. Neither is caught in the visible lines.
    (host, port) = args[0].split(':')
    port = int(port)

    if mode == 'client':
        # run once in order to capture exchanged pdus
        f = sk.socket(sk.AF_INET, sk.SOCK_STREAM)
        f.connect((host, port))
        (exc_info, msgs) = dwr_handler(scenario, f, local_hostname,
                                       local_realm)
        # A failed baseline run is only reported; the code below still
        # analyzes whatever messages were captured.
        # NOTE(review): '%s' % exc_info raises TypeError if exc_info is a
        # multi-element tuple -- confirm what dwr_handler returns.
        if exc_info is not None:
            print('scenario raised: %s' % exc_info)
        f.close()

        # Tag every captured message; the is_sent flag is not used here.
        for (m, is_sent) in msgs:
            Directory.tag(m)

        # Derive the list of fuzzing cases from the captured exchange.
        fuzzs = analyze(msgs)
        print('generated %d scenarios of fuzzing' % len(fuzzs))

        # Replay the scenario once per fuzzing case on a fresh connection,
        # passing the case as the fifth positional argument of dwr_handler.
        # NOTE(review): f is rebound on each iteration and no close() for it
        # appears in the visible lines (the listing is cut here) -- confirm
        # the socket is closed so a long run does not exhaust descriptors.
        for fuzz in fuzzs:
            f = sk.socket(sk.AF_INET, sk.SOCK_STREAM)
            f.connect((host, port))
            (exc_info, msgs) = dwr_handler(scenario, f, local_hostname,
                                           local_realm, fuzz)
            # Elapsed time as an (hours, minutes, seconds) tuple; h, m and s
            # are computed above the visible lines.
            elapsedT = (h, m, s)

            # Progress line every 1000 AVP codes once past args.min.
            # NOTE(review): the divisor is (args.max - args.min); nothing
            # visible here rules out args.max == args.min, which would raise
            # ZeroDivisionError -- confirm the range is validated earlier.
            if i % 1000 == 0 and i > args.min:
                percent = ((i - args.min) * 100.0) / (
                    (args.max - args.min) * 1.0)
                print(
                    "%s - [INFO] %f%% : AVP %d to %d scanned (over %d) in %d:%d:%d..."
                    % (time.ctime(), percent, i - 1000, i, args.max,
                       elapsedT[0], elapsedT[1], elapsedT[2]))

            # Run the scenario on a fresh TCP connection with the current
            # mutator applied.
            try:
                f = sk.socket(sk.AF_INET, sk.SOCK_STREAM)
                f.connect((host, port))
                (exc_info, msgs) = dwr_handler(scenario,
                                               f,
                                               local_hostname,
                                               local_realm,
                                               mutator=fuzz)
                # NOTE(review): close() is only reached on success; when
                # connect() or dwr_handler raises sk.error the socket is left
                # open. exc_info is not inspected in the visible lines.
                f.close()
            except sk.error as serr:
                # The stderr line below is the only visible record of which
                # AVP code was in flight when the connection broke.
                # NOTE(review): "print >> sys.stderr, ..." is Python 2 syntax;
                # under Python 3 it raises TypeError at run time.
                print >> sys.stderr, '%s - [ERROR] Connexion broken (%s) for AVP %d' % (
                    time.ctime(), serr, i)
                # Replay the unmodified scenario to check whether the peer
                # still answers; stop the whole run if that fails as well.
                try:
                    testScn(host, port, scenario)
                except sk.error as serr:
                    print >> sys.stderr, '%s - [ERROR] Connexion definitively broken (%s). I quit.' % (
                        time.ctime(), serr)
                    sys.exit(-1)

                # Peer is reachable again: move on to the next AVP code.
                continue
Exemple #4
                             args.local_realm)

    # Client modes: 'client' runs the scenario once, 'clientloop' repeats it
    # on a new SCTP association each time.
    if args.mode in ('client', 'clientloop'):
        # NOTE(review): the loop reconnects immediately with no delay or
        # retry limit, and a socket error from bind/connect is not caught in
        # the visible lines.
        while True:
            f = sk.socket(family, sk.SOCK_STREAM, sk.IPPROTO_SCTP)
            if args.local_addresses:
                # Bind the socket to every listed local address on
                # args.local_port via sctp.bindx.
                addrs = [(a, int(args.local_port))
                         for a in args.local_addresses]
                ret = sctp.bindx(f, addrs, family)
                # NOTE(review): assert is stripped under "python -O", so a
                # failed bindx would go unnoticed there; an explicit check
                # that raises would be more robust.
                assert (ret == 0)
            else:
                # NOTE(review): int() is applied to args.local_port above but
                # not here -- presumably it is already an int; confirm.
                f.bind((ADDR_ANY, args.local_port))

            f.connect((target, port))

            (exc_info, msgs) = dwr_handler(scenario, f, args.local_hostname,
                                           args.local_realm)
            # A scenario failure is only printed; in 'clientloop' mode the
            # loop carries on with the next connection.
            if exc_info is not None:
                print('raised: %s' % (exc_info))
            f.close()

            if args.mode == 'client':
                break
    elif args.mode == 'server':
        # Server mode: create the listening SCTP socket.
        srv = sk.socket(family, sk.SOCK_STREAM, sk.IPPROTO_SCTP)
        if args.local_addresses:
            addrs = [(a, int(args.local_port)) for a in args.local_addresses]
            ret = sctp.bindx(srv, addrs, family)
            # NOTE(review): same caveat as above -- this check disappears
            # under "python -O".
            assert (ret == 0)
        else:
            # NOTE(review): presumably ADDR_ANY is the wildcard address, in
            # which case the listener is reachable on every local interface;
            # supply local addresses to restrict it -- confirm.
            srv.bind((ADDR_ANY, args.local_port))
        # Backlog of 64 pending connections; the accept loop lies beyond the
        # visible lines.
        srv.listen(64)