Skip to content

Releases: jtpereyda/boofuzz

Bug fixes and usability tweaks

17 Nov 22:47
0ddc948
Compare
Choose a tag to compare

v0.1.2

Features

  • Clearer error message when procmon is unavailable at fuzz start.
  • Web UI now refreshes current case even when snap-to-current-test-case is disabled.

Fixes

  • Web UI no longer permits negative test cases.
  • Fix Windows procmon regression.
  • Minor fixes and UI tweaks.

Open DB Files from Command Line

02 Oct 01:06
7a977d7
Compare
Choose a tag to compare

v0.1.1

Features

  • New boo open command can open and inspect saved database log files.
  • Unix procmon now saves coredumps by default.
  • Improved "Cannot connect to target" error message.
  • Improved API for registering callbacks.
  • Made the global REQUESTS map available in top level boofuzz package.

Fixes

  • Handle exceptions when opening crash bin files in process monitor.
  • Fix Block.__len__ to account for custom encoder.

v0.1.0 Shiny Web UI

08 Aug 09:35
51a8204
Compare
Choose a tag to compare

v0.1.0

Features

  • Web UI
    • Statistics now auto-update.
    • Test case logs now stream on the main page.
    • Cool left & right arrow buttons to move through test case
  • New Session parameter receive_data_after_fuzz. Controls whether to execute a receive step after sending
    fuzz messages. Defaults to False. This significantly speeds up tests in which the target tends not to respond to
    invalid messages.

Web GUI Improvements & Many Tweaks

29 Jul 08:41
Compare
Choose a tag to compare

v0.0.13

Features

  • Web UI
    • Test case numbers are now clickable and link to test case detail view.
    • Test case details now in color!
  • FuzzLoggerDB
    • Added FuzzLoggerDB to allow querying of test results during and after test run. Saves results in a SQLite file.
    • Added Session.open_test_run() to read test results database from previous test run.
  • New Session.feature_check() method to verify protocol functionality before fuzzing.
  • Process Monitor
    • Unify process monitor command line interface between Unix and Windows.
    • Added procmon option proc_name to support asynchronously started target processes.
    • procmon is now checked for errors before user post_send() is called, reducing redundant error messages.
    • Improved procmon logging.
    • Process monitor gives more helpful error messages when running 64-bit application (unsupported) or when a process is
      killed before being attached
  • Logging Improvements
    • Target open() and close() operations are now logged.
    • Added some optional debug output from boofuzz runtime.
    • Improve capability and logging of messages' callback methods.
  • New Session & Connection Options
    • Add Session receive_data_after_each_request option to enable disabling of data receipt after messages are sent.
    • Session skip argument replaced with index_start and index_end.
    • Session now has separate crash thresholds for elements/blocks and nodes/messages.
    • Give SocketConnection separate timeouts for send()/recv().
  • Ease of Use
    • Target.recv() now has a default max_bytes value.
    • Added DEFAULT_PROCMON_PORT constant.
    • Session.post_send()'s sock parameter now deprecated (use target instead).

Fixes

  • Fixed bug in which failures were not recognized.
  • BitField blocks with ASCII format reported incorrect sizes.
  • Fixed bug in s_update.
  • Handle socket errors that were getting missed.
  • Fixed process monitor logging when providing more or less than 1 stop/start commands.
  • Show graceful error on web requests for non-existent test cases.
  • get_max_udp_size() was crashing in Windows.
  • String padding was not always being applied.
  • String was not accepting unicode strings in value parameter.
  • String was skipping valid mutations and reporting wrong num_mutations() when size parameter was used.
  • Unix and Windows process monitors now share much more code.

Development

  • Added unit tests for BitField.
  • Cleaned up CSS on web pages.
  • Added a unit test to verify restart on failure behavior

v0.0.12 Human Readable Test Case Names

16 Apr 04:37
b3c3c68
Compare
Choose a tag to compare

0.0.12

Features

  • Test cases now have descriptive names
  • Added Session methods to fuzz a test cae by name: fuzz_by_name and fuzz_single_node_by_path

Fixes

  • Fixed test case numbers when using fuzz_single_case

v0.0.11 Receive Is Now Optional With check_data_received_each_request

23 Nov 03:25
6cede52
Compare
Choose a tag to compare

0.0.11

Features

  • Set Session check_data_received_each_request to False to disable receive after send.

Fixes

  • Dosctring format fixes.

v0.0.10 Session ignore_connection_reset and ignore_connection_aborted

05 Nov 09:11
c2f8d36
Compare
Choose a tag to compare

0.0.10

Features

  • Add Session ignore_connection_reset parameter to suppress ECONNRESET errors.
  • Add Session ignore_connection_aborted parameter to suppress ECONNABORTED errors.

Fixes

  • Fix Session class docstring formats.

v0.0.9 - CSV Logger, s_size fuzzable by default, read fuzz values from file

23 Aug 22:33
Compare
Choose a tag to compare

0.0.9

Features

  • s_size is now fuzzable by default.
  • Add new s_fuzz_list primitive to read fuzz value from files.
  • Add new FuzzLoggerCsv to write log in CSV format

Fixes

  • Fixed: Add missing dummy value for custom checksum, allowing recursive uses of length/checksum (issue #107)

v0.0.8 - Colors and procmon upgrades

07 May 04:59
Compare
Choose a tag to compare

0.0.8

Features

  • Console output - now with colors!
  • process_monitor_unix.py: added option to move coredumps for later analysis.
  • The process monitor (procmon) now tracks processes by PID by default rather than searching by name. Therefore,
    stop_commands and proc_name are no longer required.
  • SIGINT (AKA Ctrl+C) now works to close both boofuzz and process_monitor.py (usually).
  • Made Unix procmon more compatible with Windows.
  • Improved procmon debugger error handling, e.g., when running 64-bit apps.
  • Windows procmon now runs even if pydbg fails.
  • Added --help parameter to process monitor.
  • Target class now takes procmon and procmon_options in constructor.
  • Added example fuzz scripts.

Fixes

  • SIGINT (AKA Ctrl+C) now works to close both boofuzz and process_monitor.py (usually).
  • Fixed: The pedrpc module was not being properly included in imports.
  • Made process_monitor.py --crash_bin optional (as documented).
  • Improved procmon behavior when certain parameters aren't given.
  • Improved procmon error handling.
  • Fixed a bug in which the procmon would not properly restart a target that had failed without crashing.

v0.0.7

17 Feb 06:31
Compare
Choose a tag to compare

0.0.7

Features

  • Added several command injection strings from fuzzdb.
  • Blocks can now be created and nested using with s_block("my-block"):

Fixes

  • Fixed pydot import error message