Project Summary

Updates - May 2009: QueFuzz is outdated. I have replaced it with QueRub, which you can read more about here.

STOP QueFuzz is old, read the text above this!

QueFuzz is a small fuzzer that uses libnetfilter_queue to take in packets from iptables. Its fuzzing engine reads a small template file and fuzzes the packets as you requested. QueFuzz has a very short learning curve, unlike many other fuzzing frameworks. It may not be as powerful, but you can have it up and fuzzing in under a minute.

Unlike other fuzzers, QueFuzz is not focused on data generation. It relies on a valid application to generate the data and instead just mutates the network traffic inline and passes it on. Here's a quick how-to:

1. Set up an iptables rule that queues all outgoing packets with a TCP destination port of 80.

iptables -A OUTPUT -p tcp --dport 80 -j QUEUE

2. Start QueFuzz with an HTTP template that looks like this:

$ cat http.fuz
quefuzz HTTP {
ip_src (192.168.4.3)
ip_dst (192.168.4.2)
replace (AAAA) (BBBB)
replace (GET /index.html) (GET /../../../../)
replace (Content-Length: 90) (Content-Length: -1)
replace (User-Agent: Mozilla) (User-Agent: Moz%n%n)
binary_replace (04050f) (616263)
fuzz_word (Content-Length)
random_binary
random_ascii
random_depth 2
}
$ ./quefuzz -t http.fuz -v -f

3. Open your HTTP browser and connect to your server at 192.168.4.2 as normal. QueFuzz takes care of the packet mutation inline; all you have to do is monitor your server or client with a debugger for any potential crashes.

(The example template has all keywords used)
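The `replace` and `binary_replace` lines of the template above, applied offline to a constructed HTTP request so you can see what the server under test will receive and which rules change the payload length. This is an added example, not QueFuzz's code: the parsing rules, function names and sample request are assumptions based only on the listing.

```python
import re

# Template copied from the page's http.fuz listing.
TEMPLATE = """quefuzz HTTP {
ip_src (192.168.4.3)
ip_dst (192.168.4.2)
replace (AAAA) (BBBB)
replace (GET /index.html) (GET /../../../../)
replace (Content-Length: 90) (Content-Length: -1)
replace (User-Agent: Mozilla) (User-Agent: Moz%n%n)
binary_replace (04050f) (616263)
fuzz_word (Content-Length)
random_binary
random_ascii
random_depth 2
}"""

# Constructed sample request, not captured traffic.
SAMPLE = (b"GET /index.html HTTP/1.1\r\nHost: 192.168.4.2\r\n"
          b"User-Agent: Mozilla/5.0\r\nContent-Length: 90\r\n\r\n")

ARG = re.compile(r"\(([^)]*)\)")  # assumed syntax: arguments are (...) groups

def parse_rules(text):
    """Return (keyword, old, new) byte tuples for the two replace keywords."""
    rules = []
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) < 2:
            continue
        keyword, args = parts[0], ARG.findall(parts[1])
        if len(args) != 2:
            continue  # other keywords are not modelled here
        if keyword == "replace":
            rules.append((keyword, args[0].encode(), args[1].encode()))
        elif keyword == "binary_replace":  # arguments are hex strings
            rules.append((keyword, bytes.fromhex(args[0]), bytes.fromhex(args[1])))
    return rules

def mutate(payload, rules):
    """Apply each matching rule; report (keyword, old, length delta) per hit."""
    applied = []
    for keyword, old, new in rules:
        if old in payload:
            payload = payload.replace(old, new)
            applied.append((keyword, old, len(new) - len(old)))
    return payload, applied

if __name__ == "__main__":
    mutated, applied = mutate(SAMPLE, parse_rules(TEMPLATE))
    print(mutated.decode())
    for keyword, old, delta in applied:
        print(f"{keyword} {old!r}: length delta {delta:+d}")
```
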

QueFuzz can obviously be used in the opposite direction. You can fuzz your client using your server. It doesn't care what direction the traffic is going. It's not as in-depth as some of the better fuzzing frameworks out there like Sulley or Spike, but it gets the job done.

Here's a basic flow chart of how it works:

http://em386.blogspot.com | http://chris.rohlf.googlepages.com/index.html

Tags

libnetfilter fuzzer testing linux fuzzing security


This Project has No vulnerabilities Reported Against it
