File: PKG-INFO

package info (click to toggle)
fusil 0.8-1
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 636 kB
  • ctags: 708
  • sloc: python: 5,315; makefile: 50; sh: 30
file content (159 lines) | stat: -rw-r--r-- 7,108 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
 
Metadata-Version: 1.0
Name: fusil
Version: 0.8
Summary: Fuzzing framework
Home-page: http://fusil.hachoir.org/
Author: Victor Stinner
Author-email: UNKNOWN
License: GNU GPL v2
Download-URL: http://fusil.hachoir.org/
Description: Fusil is a Python library used to write fuzzing programs. It helps to start
        process with a prepared environment (limit memory, environment variables,
        redirect stdout, etc.), start network client or server, and create mangled
        files. Fusil has many probes to detect program crash: watch process exit code,
        watch process stdout and syslog for text patterns (eg. "segmentation fault"),
        watch session duration, watch cpu usage (process and system load), etc.
        
        Fusil is based on a multi-agent system architecture. It computes a session
        score used to guess fuzzing parameters like number of injected errors to input
        files.
        
        Available fuzzing projects: ClamAV, Firefox (contains an HTTP server),
        gettext, gstreamer, identify, libc_env, libc_printf, libexif, linux_syscall,
        mplayer, php, poppler, vim, xterm.
        
        Website: http://fusil.hachoir.org/
        
        
        Features
        ========
        
        Why using Fusil instead your own hand made C script?
        
        * Fusil limits child process environment: limit memory, use timeout, make
        sure that process is killed on session end
        * Fusil waits until system load is load before starting a fuzzing session
        * Fusil creates a session directory used as the process current working
        directory and Fusil only creates files in this directory (and not in /tmp)
        * Fusil stores all actions in fusil.log but also session.log for all
        actions related of a session
        * Fusil has multiple available probes to compute session score: guess if
        a sessions is a succes or not
        * Fusil redirects process output to a file and searchs bug text patterns
        in the stdout/stderr (Fusil contains many text patterns to detect crashes
        and problems)
        
        
        Installation
        ============
        
        Read INSTALL documentation file.
        
        
        Documentation
        =============
        
        Read files in doc/ directory.
        
        
        Changelog
        =========
        
        Version 0.8 (2008-03-26)
        -----------------------
        
        * Gstreamer project: use decodebin with fakesink for faster fuzzing
        * Bugfix: fix FileWatch for Mac OS X (save/restore file cursor)
        * Create IncrMangle (incremental): new mangle algorithm
        * Use locateProgram() to avoid full program path (eg. replace "/usr/bin/mplayer" by "mplayer")
        * Don't set MALLOC_CHECK_ environment variable
        * Bugfix: truncate aggressivity to 2 digits to avoid comparaison bugs
        * Use ptrace python module (but don't use the debugger)
        
        Version 0.7 (2008-01-03)
        ------------------------
        
        Visible changes:
        
        * Create Firefox project: HTTP server providing mangled image (or any
        embedded document, like Flash document)
        * Create network server, UNIX socket client, and HTTP server
        * Basic support of Windows operating system: write especially functions
        for process managment on Windows, and MangleFile opens file
        in binary mode
        * EnvironmentVariable has max_count argument to generate multiple
        variables when name is a list
        * Create --aggressivity=VALUE and --version command line options
        * session_done() event is replaced by session_stop(), session_done(score)
        event is now send by Session with the final session score and the event
        can now by catched by agents.
        * mangle_filename() and mangle_files() events are replaced by unique
        mangle_filenames() event
        * Create TerminalEcho(), used by mplayer project to restore terminal
        echo mode on exit
        * Create sendKey() function to send a keystroke to a X11 window
        * php project: remove undefined function automatically
        * Environement don't copy any variable anymore by default, except on
        Windows: copy SYSTEMROOT variable
        
        Minor changes:
        
        * libc_env project: generate between 1 and 5 variables
        * SystemCalm always display a first and last message with INFO log level
        * Write graph.dat in run-0001 directory
        * Merge WatchProcessPID class into WatchProcess
        * Remove 'pipe' type for StdoutFile, 'file' type is better
        * linux.proc functions only send ProcError exceptions
        * Fix searchProcessByName() for Linux kernel processes
        * Multi agent system is now executed by Univers agent, instead of Project
        agent
        * Environment displays generated variable with WARNING log level
        
        Version 0.6 (2007-12-18)
        ------------------------
        
        * Create "aggressivity" factor used for mangle autoconfiguration: use
        score of previous session to update aggressity factor, and this factor
        is used to compute the operations types and the number of operations
        * Add fusil.os_tools module for Fusil portability: Fusil now works on
        Linux, NetBSD and Mac OS X (at least)
        * New command line options: --max-success (default: 5), --quiet, --fast,
        --slow, --keep-all-sessions, --profiler
        * New probe: process CPU usage and ProcessTimeWatch
        * Create function to wait until system load is low (default: under 50% CPU)
        * Create UnixPathGenerator() in fusil.bytes_generator module
        * FileWatch:
        
        * Limit live() duration to 250 ms
        * Write documentation,
        * Add more words (pointer, memory, ...),
        * Create addRegex() method,
        * Add maximum number of line probe,
        * Remove tell() and seek() calls,
        * Do not log not matching line anymore (can be changed with
        log_not_matching option)
        
        * Fix race condition in StdoutFile: re-open stdout in read-only mode for
        FileWatch, and disable buffering
        * Merge MangleFile and MangleMultipleFiles
        * Session is only destroyed at the end of a MAS step
        * Write more unit tests
        * Create new projects: at, gstreamer, libx11
        * Environment doesn't copy LANG and LANGUAGE anymore
        * SessionDirectory keeps data on application error
        * Fix many little bugs and improvment a lot of code
        
        Version 0.5 (2007-11-28)
        ------------------------
        
        * First public release
        
        
Platform: UNKNOWN
Classifier: Intended Audience :: Developers
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: License :: OSI Approved :: GNU General Public License (GPL)
Classifier: Operating System :: OS Independent
Classifier: Natural Language :: English
Classifier: Programming Language :: Python