Metadata-Version: 1.0
Name: fusil
Version: 0.8
Summary: Fuzzing framework
Home-page: http://fusil.hachoir.org/
Author: Victor Stinner
Author-email: UNKNOWN
License: GNU GPL v2
Download-URL: http://fusil.hachoir.org/
Description: Fusil is a Python library used to write fuzzing programs. It helps to start
a process with a prepared environment (limit memory, environment variables,
redirect stdout, etc.), start a network client or server, and create mangled
files. Fusil has many probes to detect a program crash: watch process exit code,
watch process stdout and syslog for text patterns (e.g. "segmentation fault"),
watch session duration, watch CPU usage (process and system load), etc.
Fusil is based on a multi-agent system architecture. It computes a session
score used to guess fuzzing parameters such as the number of errors injected
into input files.
Available fuzzing projects: ClamAV, Firefox (contains an HTTP server),
gettext, gstreamer, identify, libc_env, libc_printf, libexif, linux_syscall,
mplayer, php, poppler, vim, xterm.
Website: http://fusil.hachoir.org/
Features
========
Why use Fusil instead of your own hand-made C script?
* Fusil limits the child process environment: limit memory, use a timeout, make
sure that the process is killed on session end
* Fusil waits until system load is low before starting a fuzzing session
* Fusil creates a session directory used as the process current working
directory and Fusil only creates files in this directory (and not in /tmp)
* Fusil logs all actions to fusil.log, and also to session.log for the
actions related to a session
* Fusil has multiple probes available to compute the session score: guess
whether a session is a success or not
* Fusil redirects process output to a file and searches for bug text patterns
in the stdout/stderr (Fusil contains many text patterns to detect crashes
and problems)
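
The limits and probes listed above, sketched as an added example (this is not Fusil's code or API): `run_session`, `PATTERNS`, the score weights and the location of the session directory are assumptions made for illustration. POSIX only, since it relies on `resource` and process groups.

```python
import os
import re
import resource  # POSIX only
import signal
import subprocess
import tempfile

# Constructed patterns and weights for illustration, not Fusil's own lists.
PATTERNS = [re.compile(p, re.I) for p in
            (r"segmentation fault", r"assertion .*failed", r"glibc detected")]

def _limits(mem_bytes):
    def apply():  # runs in the child before exec
        for res, want in ((resource.RLIMIT_AS, mem_bytes), (resource.RLIMIT_CORE, 0)):
            hard = resource.getrlimit(res)[1]
            soft = want if hard == resource.RLIM_INFINITY else min(want, hard)
            resource.setrlimit(res, (soft, hard))
    return apply

def run_session(argv, mem_bytes=1 << 30, timeout=5.0):
    """Run argv once; return (score, reasons, session_dir)."""
    session_dir = tempfile.mkdtemp(prefix="session-")
    out_path = os.path.join(session_dir, "stdout")
    reasons = []
    with open(out_path, "wb") as out:
        proc = subprocess.Popen(
            argv, cwd=session_dir, env={"PATH": os.defpath},
            stdin=subprocess.DEVNULL, stdout=out, stderr=subprocess.STDOUT,
            preexec_fn=_limits(mem_bytes), start_new_session=True)
        try:
            code = proc.wait(timeout=timeout)
        except subprocess.TimeoutExpired:
            code = None
            reasons.append((0.3, "timeout"))
        finally:
            try:  # session end: kill anything left in the child's process group
                os.killpg(proc.pid, signal.SIGKILL)
            except ProcessLookupError:
                pass
            proc.wait()
    if code is not None and code < 0:
        reasons.append((1.0, "killed by signal %d" % -code))
    with open(out_path, errors="replace") as out:
        for line in out:
            if any(p.search(line) for p in PATTERNS):
                reasons.append((0.5, "pattern: " + line.strip()))
                break
    score = max((w for w, _ in reasons), default=0.0)
    return score, [r for _, r in reasons], session_dir
```

The child gets a fresh process group, so a target that forks helpers is still cleaned up when the session ends.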
Installation
============
Read INSTALL documentation file.
Documentation
=============
Read files in doc/ directory.
Changelog
=========
Version 0.8 (2008-03-26)
------------------------
* Gstreamer project: use decodebin with fakesink for faster fuzzing
* Bugfix: fix FileWatch for Mac OS X (save/restore file cursor)
* Create IncrMangle (incremental): new mangle algorithm
* Use locateProgram() to avoid full program path (eg. replace "/usr/bin/mplayer" by "mplayer")
* Don't set MALLOC_CHECK_ environment variable
* Bugfix: truncate aggressivity to 2 digits to avoid comparison bugs
* Use ptrace python module (but don't use the debugger)
Version 0.7 (2008-01-03)
------------------------
Visible changes:
* Create Firefox project: HTTP server providing mangled image (or any
embedded document, like Flash document)
* Create network server, UNIX socket client, and HTTP server
* Basic support of the Windows operating system: in particular, write
functions for process management on Windows, and MangleFile opens file
in binary mode
* EnvironmentVariable has max_count argument to generate multiple
variables when name is a list
* Create --aggressivity=VALUE and --version command line options
* session_done() event is replaced by session_stop(), session_done(score)
event is now sent by Session with the final session score and the event
can now be caught by agents.
* mangle_filename() and mangle_files() events are replaced by unique
mangle_filenames() event
* Create TerminalEcho(), used by mplayer project to restore terminal
echo mode on exit
* Create sendKey() function to send a keystroke to a X11 window
* php project: remove undefined function automatically
* Environment doesn't copy any variable by default anymore, except on
Windows, where it copies the SYSTEMROOT variable
Minor changes:
* libc_env project: generate between 1 and 5 variables
* SystemCalm always displays a first and last message with INFO log level
* Write graph.dat in run-0001 directory
* Merge WatchProcessPID class into WatchProcess
* Remove 'pipe' type for StdoutFile, 'file' type is better
* linux.proc functions only send ProcError exceptions
* Fix searchProcessByName() for Linux kernel processes
* Multi agent system is now executed by Univers agent, instead of Project
agent
* Environment displays generated variable with WARNING log level
Version 0.6 (2007-12-18)
------------------------
* Create "aggressivity" factor used for mangle autoconfiguration: use the
score of the previous session to update the aggressivity factor, and this
factor is used to compute the operation types and the number of operations
* Add fusil.os_tools module for Fusil portability: Fusil now works on
Linux, NetBSD and Mac OS X (at least)
* New command line options: --max-success (default: 5), --quiet, --fast,
--slow, --keep-all-sessions, --profiler
* New probe: process CPU usage and ProcessTimeWatch
* Create function to wait until system load is low (default: under 50% CPU)
* Create UnixPathGenerator() in fusil.bytes_generator module
* FileWatch:
  * Limit live() duration to 250 ms
  * Write documentation,
  * Add more words (pointer, memory, ...),
  * Create addRegex() method,
  * Add maximum number of lines probe,
  * Remove tell() and seek() calls,
  * Do not log non-matching lines anymore (can be changed with
    log_not_matching option)
* Fix race condition in StdoutFile: re-open stdout in read-only mode for
FileWatch, and disable buffering
* Merge MangleFile and MangleMultipleFiles
* Session is only destroyed at the end of a MAS step
* Write more unit tests
* Create new projects: at, gstreamer, libx11
* Environment doesn't copy LANG and LANGUAGE anymore
* SessionDirectory keeps data on application error
* Fix many small bugs and improve a lot of code
Version 0.5 (2007-11-28)
------------------------
* First public release
Platform: UNKNOWN
Classifier: Intended Audience :: Developers
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: License :: OSI Approved :: GNU General Public License (GPL)
Classifier: Operating System :: OS Independent
Classifier: Natural Language :: English
Classifier: Programming Language :: Python