The research team at iViZ has been working on a simple yet powerful idea for rapid fuzz testing of network applications. In theory, fuzzing involves supplying an invalid or semi-invalid input set to the target application and monitoring for possible faults. This is highly useful for finding new vulnerabilities in applications. However, security researchers often face problems such as:
- Wide set of different protocols publicly available along with proprietary protocols.
- Non-public specifications.
- Writing a fuzzer for each different protocol is highly time consuming.
Introducing Wireplay
Wireplay can be used as a quick approach to preliminary fuzzing of applications that implement a totally unknown or custom protocol. The fundamental concept of Wireplay is to read PCAP dumps of valid communication between the target server and its original client application, modify the original client-to-server data to introduce possible faults in the server, and replay it to the server. Wireplay communicates with the server over a stream socket and uses only the TCP payload from the PCAP dumps, so it avoids the internal details of TCP handling and stays minimal and simple.
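The read, modify and replay steps described above, as an added Python sketch that is not Wireplay's own code. The function names, the constructed sample capture, the port 9000 and the single-byte XOR mutation are assumptions for illustration; payloads are taken in capture order without TCP reassembly, and `replay` is meant for a test server you run yourself.

```python
import random, socket, struct

def build_sample_pcap():
    """Constructed capture: one client->server and one server->client segment."""
    def record(sport, dport, payload):
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
        pkt = b"\x00" * 12 + b"\x08\x00" + ip + tcp   # Ethernet + IPv4 + TCP
        return struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + record(40000, 9000, b"LOGIN alice\n") + record(9000, 40000, b"OK\n")

def client_payloads(pcap, server_port):
    """Return the TCP payloads addressed to server_port, in capture order."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("expects little-endian classic pcap with Ethernet frames")
    out, off = [], 24
    while off + 16 <= len(pcap):
        incl = struct.unpack_from("<I", pcap, off + 8)[0]
        pkt, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue                                   # not IPv4/TCP
        tcp = 14 + (pkt[14] & 0x0F) * 4                # skip IP header and options
        if len(pkt) < tcp + 20:
            continue                                   # truncated TCP header
        end = 14 + struct.unpack_from("!H", pkt, 16)[0]  # IP total length
        dport = struct.unpack_from("!H", pkt, tcp + 2)[0]
        payload = pkt[tcp + (pkt[tcp + 12] >> 4) * 4:end]
        if dport == server_port and payload:
            out.append(payload)
    return out

def mutate(payload, rng, flips=1):
    """XOR `flips` randomly chosen bytes with a non-zero value; length is kept."""
    buf = bytearray(payload)
    for _ in range(flips):
        buf[rng.randrange(len(buf))] ^= rng.randrange(1, 256)
    return bytes(buf)

def replay(host, port, payloads, timeout=2.0):
    """Send payloads over one stream socket to a test server; return replies."""
    replies = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        for p in payloads:
            s.sendall(p)
            try:
                replies.append(s.recv(4096))
            except socket.timeout:
                replies.append(None)              # no answer: worth a look
    return replies
```

Seeding the `random.Random` instance passed to `mutate` makes each mutated payload reproducible, so an input that produces a fault in the server can be regenerated exactly.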
The tool can be downloaded at http://code.google.com/p/wireplay/
Watch this space for a detailed paper, methodology and usage tricks for Wireplay very soon. This project was entirely developed, designed and conceptualized by Abhisek Datta, with the original idea from ex-colleague Jonathan Brossard. It is also one of his personal projects, done in his 20% time.
