connect(s_get("LPR shallow request")) #shallow fuzz
sess.connect(s_get("LPR deep request")) #deep fuzz, with correct formats
# render the diagram for inspection (OPTIONAL)
fh = open("LPR_session_diagram.udg", "w+")
fh.write(sess.render_graph_udraw())
fh.close()
print "graph is ready for inspection"
NOTE The crash_threshold option allows us to move on once we get a
certain number of crashes.
Now we can run the program and produce the session graph for visual inspection.
{common host-guest path to sulley}>mkdir audits # keep audit data here
{common host-guest path to sulley}>python fuzz_niprint_lpr_servert_515.py
graph is ready for inspection
Gray Hat Hacking: The Ethical Hacker??™s Handbook
450
Open session graph with uDraw:
{common host-guest path to sulley}>"c:\Program Files\uDraw(Graph)\bin\
uDrawGraph.exe"
LPR_session_diagram.udg
Figure 17-1 should appear. As you can see, Sulley will first fuzz the ???LPR shallow
request,??? then the ???LPR deep request.???
NOTE We are not doing justice to the session feature of Sulley; see
documentation for a description of the full capability here.
Before we put our fuzzer into action, we need to instrument our target (which is running
in VMware) so that we can track faults and network traffic.
Pages:
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792