Download link: http://code.google.com/p/sickfuzz/downloads/list
svn checkout http://sickfuzz.googlecode.com/svn/trunk/ sickfuzz
New features:
- Some SPIKE tweak.
- Changed the SPIKE fuzzer.
- Modified the .spk scripts.
- More logs available.
- More detailed help screen as well as output.
Fixed bugs:
- Fixed tailing issue, now paths don't have to end with "/".
- Now stops when app crashes without going over the other scripts.
Install SPIKE and sickfuzz:
root@bt:~# apt-get install automake
root@bt:~# rm -rf /pentest/fuzzers/spike/
root@bt:~# wget -P /tmp http://www.immunitysec.com/downloads/SPIKE2.9.tgz
root@bt:~# tar xvzf /tmp/SPIKE2.9.tgz -C /pentest/fuzzers && rm /tmp/SPIKE2.9.tgz
root@bt:~# cd /pentest/fuzzers/SPIKE/SPIKE/src/Before actually starting to compile SPIKE we will make a little tweak (thank master @lupin for this one!).
Open up spike.c, there are 2 lines that look like this:
printf("tried to send to a closed socket!\n");Each of these 2 lines contains a "return 0;" instruction on the next line, we will replace this instruction with "exit(1);" save the file and proceed.
(NOTE: ONLY REPLACE THOSE 2 INSTRUCTIONS NOT ALL!)
snapshot_1
snapshot_2
snapshot_3
snapshot_4
Now we can proceed with SPIKE:
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# aclocal
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# automake
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# ./configure
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# sed -i 's/CFLAGS = -Wall -funsigned-char -c -fPIC -ggdb/CFLAGS = -Wall -funsigned-char -c -fPIC -ggdb -fno-stack-protector/g' Makefile
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# makeIf you get this error:
configure: creating ./config.status
cd && /bin/sh ./config.status Makefile
/bin/sh: ./config.status: No such file or directory
make: *** [Makefile] Error 127Execute the following commands again:
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# aclocal
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# automake
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# ./configure
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# sed -i 's/CFLAGS = -Wall -funsigned-char -c -fPIC -ggdb/CFLAGS = -Wall -funsigned-char -c -fPIC -ggdb -fno-stack-p$
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# makeShould have worked now.
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# mv -f /pentest/fuzzers/SPIKE/SPIKE/src /pentest/fuzzers/spike/
root@bt:/pentest/fuzzers/SPIKE/SPIKE/src# cd
root@bt:~# rm -rf /pentest/fuzzers/SPIKE/
root@bt:~# cd /pentest/fuzzers/
root@bt:/pentest/fuzzers# svn checkout http://sickfuzz.googlecode.com/svn/trunk sickfuzzAlso if you are interested g0tmi1k made a nice script to automate the hole process:
http://code.google.com/p/sickfuzz/downloads/list
For more info on using SPIKE check out lupin's guides:
http://resources.infosecinstitute.com/intro-to-fuzzing/
http://resources.infosecinstitute.com/fuzzer-automation-with-spike/
Execute the following commands again:
ReplyDeleteroot@bt:/pentest/fuzzers/SPIKE/SPIKE/src# sed -i 's/CFLAGS = -Wall -funsigned-char -c -fPIC -ggdb/CFLAGS = -Wall -funsigned-char -c -fPIC -ggdb -fno-stack-p$
is written false. It should be same as upper command.