gpt4 book ai didi

testing - 使用 Peach Fuzzer 模糊 TCP 数据包

转载 作者:行者123 更新时间:2023-11-28 21:28:49 30 4
gpt4 key购买 nike

我有两个应用程序,Sender.exe 和 Receiver.exe。我必须对发送方与接收方之间发送的 tcp 数据包进行模糊测试。

我是 Peach Fuzzer 的初学者。您能否提供一个示例(Peach Pit)来说明如何对 TCP 数据包进行模糊测试。我无法在互联网上找到样本。

最佳答案

给定的代码可能会对您有所帮助。此 xml PIT 代码将使用请求 header 向本地主机发送 GET 请求

GET https://localhost HTTP/1.1
HOST : http://localhost
content-length: {some value depend ur body}

{body}

只需将此 xml 放入文件,然后 ./peach -1 --debug pathtofile/file.xml

<?xml version="1.0" encoding="utf-8"?>
<Peach xmlns="http://peachfuzzer.com/2012/Peach" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://peachfuzzer.com/2012/Peach /peach/peach.xsd">
<DataModel name="Headermodel">
<String name="Header" />
<String value=": "/>
<String name="Value" />
<String value="\r\n" />
</DataModel>


<DataModel name="HttpRequest">
<!-- The HTTP reqest line: GET http://foo.coi HTTP/l.O -->
<Block name= "RequestLine">
<String name="Method"/>
<String value=" "/>
<String name="RequestUri"/>
<String value=" "/>
<String name="HttpVersion"/>
<String value="\r\n"/>
</Block>

<Block name="HeaderHost" ref="Headermodel">
<String name="Header" value="Host" />
</Block>

<Block name="HeaderContentLength" ref="Headermodel">
<String name="Header" value="Content-Length" />
<!-- <String name="Header" value="Content-Length" /> -->
<String name="Value">
<Relation type="size" of="httpBody.content"/>
</String>
</Block>

<!-- <String value="\r\n"/> -->

<Block name="httpBody">
<String name="content" value="length is 12" />
</Block>
</DataModel>


<Data name="HttpGet" >
<Field name="RequestLine.Method" value="GET"/>
<Field name="RequestLine.RequestUri" value="http://localhost" />
<Field name="RequestLine.HttpVersion" value="HTTP/1.1"/>
<Field name="HeaderHost.Value" value="http://localhost"/>
<Field name="httpBody.content" value="\r\nfuzz"/>
</Data>

<Data name="HttpOptions" ref="HttpGet">
<Field name="RequestLine.Method" value="OPTIONS"/>
<Field name="RequestLine.RequestUri" value="*" />
<Field name="HeaderHost.Value" value="" />
</Data>

<StateModel name="State1" initialState="Initial">
<State name="Initial">
<Action type="output">
<DataModel ref="HttpRequest"/>
<Data ref="HttpGet"/>
</Action>
</State>
</StateModel>

<StateModel name="State2" initialState="Initial">
<State name="Initial">
<Action type="output">
<DataModel ref="HttpRequest" />
<Data ref="HttpOptions" />
</Action>
</State>
</StateModel>

<Test name="Default">
<StateModel ref="State1"/>

<Publisher class="TcpClient">
<Param name="Host" value="localhost" />
<Param name="Port" value="80" />
</Publisher>
<Logger class="File">
<Param name="Path" value="logs"/>
</Logger>
</Test>

关于testing - 使用 Peach Fuzzer 模糊 TCP 数据包,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31041926/

30 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com