Monday, March 5, 2012

FileFuzzer

While going through the OSCE course, I have created a number of fuzzing templates and files.  One that comes in handy, the python file fuzzer I made.  It is not mind blowing, but I have found some overflows with so it is nice to have for me at least.


#!/usr/bin/python

# File  Fuzzer
# By Agoonie
# Dated created 2/26/2012
# Kind of basic and wordy, but hey it works for me....

print "--------------------------------------------------------------------------------"
print "                                      Fuzzer Template                                   "
print "                                      Agoonie FileFuzz                                 "
print "--------------------------------------------------------------------------------"




fuzzchoice = raw_input('Do you want to create one file with a specific buffer size? yes or no. ')
if (fuzzchoice == 'y') or (fuzzchoice =='yes') or (fuzzchoice == 'Yes') or (fuzzchoice == 'Y'):
buff = raw_input('What is the buffer size for the file you want? ')
newextension = raw_input('What is the extension for the file you want? ')
print "Next, think of the character(s) you want to use in the buffer.  For example, A, B, C, %, *, X, &, ), (, #, @, !, etc. "
bchar= raw_input('What is the character(s) that will file the buffer in the file? ')
print "The filename will be: "
filename = "stest."+newextension
print filename
newbuff = int(buff)
if (newextension == 'm3u'):
junkchar = "#EXTM3U\n"
  junkchar += "#EXTINF:123,Agoonie - A goonie was here\n"
junkchar += bchar*newbuff
else:
junkchar = bchar*newbuff
bigbang = junkchar
bangcount = len(bigbang)
print "Just a reminder, this is the number of characters you have in your buffer: "
print bangcount
textfile = open(filename,"w")
textfile.write(bigbang)
textfile.close()
elif (fuzzchoice == 'n') or (fuzzchoice =='no') or (fuzzchoice == 'No') or (fuzzchoice == 'N'):
print "Buffer starts at 200 bytes and increments by 200 bytes "
buffsize = raw_input('What is the MAX buffer size for the file you want? ')
mbuffsize = int(buffsize)
cbuff = 200   # Current buffer size; starts at 200
num = 1
extension = raw_input('What is the extension for the file you want? ')
print "Next, think of the character(s) you want to use in the buffer.  For example, A, B, C, %, *, X, &, ), (, #, @, !, etc. "
bcharacter= raw_input('What is the character(s) that will file the buffer in the file? ')
while (cbuff <= mbuffsize):
print "The buffer size for the file is: "
print cbuff
snum = str(num)
filenames = snum+"_test."+extension
print filenames
junk = bcharacter*cbuff
num = num + 1
cbuff = cbuff + 200
exploit = junk
textfile = open(filenames,"w")
textfile.write(exploit)
textfile.close()
else:
print "I didn't understand your answer. Please run again. ./filefuzzer.py "






Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)