Releases: jtpereyda/boofuzz
Bug fixes and usability tweaks
v0.1.2
Features
- Clearer error message when procmon is unavailable at fuzz start.
- Web UI now refreshes current case even when snap-to-current-test-case is disabled.
Fixes
- Web UI no longer permits negative test cases.
- Fix Windows procmon regression.
- Minor fixes and UI tweaks.
Open DB Files from Command Line
v0.1.1
Features
- New boo open command can open and inspect saved database log files.
- Unix procmon now saves coredumps by default.
- Improved "Cannot connect to target" error message.
- Improved API for registering callbacks.
- Made the global REQUESTS map available in top level boofuzz package.
Fixes
- Handle exceptions when opening crash bin files in process monitor.
- Fix Block.__len__ to account for custom encoder.
v0.1.0 Shiny Web UI
v0.1.0
Features
- Web UI
  - Statistics now auto-update.
  - Test case logs now stream on the main page.
  - Cool left & right arrow buttons to move through test case
- New Session parameter receive_data_after_fuzz. Controls whether to execute a receive step after sending fuzz messages. Defaults to False. This significantly speeds up tests in which the target tends not to respond to invalid messages.
Web GUI Improvements & Many Tweaks
v0.0.13
Features
- Web UI
  - Test case numbers are now clickable and link to test case detail view.
  - Test case details now in color!
- FuzzLoggerDB
  - Added FuzzLoggerDB to allow querying of test results during and after test run. Saves results in a SQLite file.
  - Added Session.open_test_run() to read test results database from previous test run.
- New Session.feature_check() method to verify protocol functionality before fuzzing.
- Process Monitor
  - Unify process monitor command line interface between Unix and Windows.
  - Added procmon option proc_name to support asynchronously started target processes.
  - procmon is now checked for errors before user post_send() is called, reducing redundant error messages.
  - Improved procmon logging.
  - Process monitor gives more helpful error messages when running 64-bit application (unsupported) or when a process is killed before being attached
- Logging Improvements
  - Target open() and close() operations are now logged.
  - Added some optional debug output from boofuzz runtime.
  - Improve capability and logging of messages' callback methods.
- New Session & Connection Options
  - Add Session receive_data_after_each_request option to enable disabling of data receipt after messages are sent.
  - Session skip argument replaced with index_start and index_end.
  - Session now has separate crash thresholds for elements/blocks and nodes/messages.
  - Give SocketConnection separate timeouts for send()/recv().
- Ease of Use
  - Target.recv() now has a default max_bytes value.
  - Added DEFAULT_PROCMON_PORT constant.
  - Session.post_send()'s sock parameter now deprecated (use target instead).
Fixes
- Fixed bug in which failures were not recognized.
- BitField blocks with ASCII format reported incorrect sizes.
- Fixed bug in s_update.
- Handle socket errors that were getting missed.
- Fixed process monitor logging when providing more or less than 1 stop/start commands.
- Show graceful error on web requests for non-existent test cases.
- get_max_udp_size() was crashing in Windows.
- String padding was not always being applied.
- String was not accepting unicode strings in value parameter.
- String was skipping valid mutations and reporting wrong num_mutations() when size parameter was used.
- Unix and Windows process monitors now share much more code.
Development
- Added unit tests for BitField.
- Cleaned up CSS on web pages.
- Added a unit test to verify restart on failure behavior
v0.0.12 Human Readable Test Case Names
0.0.12
Features
- Test cases now have descriptive names
- Added Session methods to fuzz a test case by name: fuzz_by_name and fuzz_single_node_by_path
Fixes
- Fixed test case numbers when using fuzz_single_case
v0.0.11 Receive Is Now Optional With check_data_received_each_request
0.0.11
Features
- Set Session check_data_received_each_request to False to disable receive after send.
Fixes
- Docstring format fixes.
v0.0.10 Session ignore_connection_reset and ignore_connection_aborted
0.0.10
Features
- Add Session ignore_connection_reset parameter to suppress ECONNRESET errors.
- Add Session ignore_connection_aborted parameter to suppress ECONNABORTED errors.
Fixes
- Fix Session class docstring formats.
v0.0.9 - CSV Logger, s_size fuzzable by default, read fuzz values from file
0.0.9
Features
- s_size is now fuzzable by default.
- Add new s_fuzz_list primitive to read fuzz value from files.
- Add new FuzzLoggerCsv to write log in CSV format
Fixes
- Fixed: Add missing dummy value for custom checksum, allowing recursive uses of length/checksum (issue #107)
v0.0.8 - Colors and procmon upgrades
0.0.8
Features
- Console output - now with colors!
- process_monitor_unix.py: added option to move coredumps for later analysis.
- The process monitor (procmon) now tracks processes by PID by default rather than searching by name. Therefore, stop_commands and proc_name are no longer required.
- SIGINT (AKA Ctrl+C) now works to close both boofuzz and process_monitor.py (usually).
- Made Unix procmon more compatible with Windows.
- Improved procmon debugger error handling, e.g., when running 64-bit apps.
- Windows procmon now runs even if pydbg fails.
- Added --help parameter to process monitor.
- Target class now takes procmon and procmon_options in constructor.
- Added example fuzz scripts.
Fixes
- SIGINT (AKA Ctrl+C) now works to close both boofuzz and process_monitor.py (usually).
- Fixed: The pedrpc module was not being properly included in imports.
- Made process_monitor.py --crash_bin optional (as documented).
- Improved procmon behavior when certain parameters aren't given.
- Improved procmon error handling.
- Fixed a bug in which the procmon would not properly restart a target that had failed without crashing.