I'm trying to build a (protocol) fuzzer. For that I need to monitor if the target isn't crashed (separate device). To start simple, I've programmed a simple server (running on another machine) that will return an OK or a NOK, or closes its connection. This is working beautifully.
Now I've already build something that will fuzz the simple server, reads the response of the server (the OK and NOK), I want to monitor if the connection isn't closed, by trying to connect to it.
According the BooFuzz documentation (I'm using BooFuzz 0.4.2) it has to be done with the NetworkMonitor and its function alive(). I've used the example autoprog as basis and modified the monitor call, but it keeps mentioning IOT_TargetMonitor.init() is missing 1 required positional argument. I've tried adding the requested arguments (in this case the host and port), but no success. Am I missing someting?
The code I'm using at the moment:
The main routine:
def main():
# Define the IOT_TargetMonitor
IOT_TargetMonitor(host = g_target_ip_addr, port = g_target_port)
# Create the session
session = Session(
target = Target(
connection = TCPSocketConnection(host = g_target_ip_addr, port = g_target_port),
monitors = [IOT_TargetMonitor],
monitor_alive = [IOT_TargetMonitor],
),
)
# A simple message that easily finds the bug in the simple server
message1 = Request(
"message1",
children=(
Simple(name="first_byte", default_value=b"\x01", fuzz_values=[b"6", b"B", b"C"]),
Simple(name="second_byte", default_value=b"\x02", fuzz_values=[b"1", b"6", b"3"]),
Simple(name="third_byte", default_value=b"\x03", fuzz_values=[b"@", b"#", b"6"]),
),
)
session.connect(message1)
# sleep time between tests
session.sleep_time = 0.01
# after fuzzing, data is to be received. The response of my simple server
session._receive_data_after_fuzz = True
# use only one target connection instead of reconnecting each test case
session._reuse_target_connection = True
# start fuzzing
session.fuzz()
The main routine calls IOT_TargetMonitor:
class IOT_TargetMonitor(NetworkMonitor):
global g_target_ip_addr
global g_target_port
def __init__(self, host, port):
self.host = host
self.port = port
def alive():
print("Checking if IOT device is alive.....")
mylogger.log_info("Checking if IOT device is alive")
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
sock.connect((g_target_ip_addr, g_target_port))
mylogger.log_pass(description="alive")
return True
except ConnectionRefusedError:
mylogger.log_fail(description="Server down")
return False
All the other functions are overridden too, but contains just print commands
The (error) messages from the command prompt are:
[2023-10-15 13:39:01,970] Info: Web interface can be found at http://localhost:26000
Checking if IOT device is alive.....
[2023-10-15 13:39:01,971] Info: Checking if IOT device is alive
[2023-10-15 13:39:01,973] Check OK: alive
Traceback (most recent call last):
File "y:\Python\TestFuzzer\test_boo.py", line 192, in <module>
main()
File "y:\Python\TestFuzzer\test_boo.py", line 145, in main
session = Session(
^^^^^^^^
File "C:\Users\Licensed User\AppData\Local\Programs\Python\Python311\Lib\site-packages\boofuzz\sessions\session.py", line 265, in __init__
self.add_target(target)
File "C:\Users\Licensed User\AppData\Local\Programs\Python\Python311\Lib\site-packages\boofuzz\sessions\session.py", line 303, in add_target
target.monitors_alive()
File "C:\Users\Licensed User\AppData\Local\Programs\Python\Python311\Lib\site-packages\boofuzz\sessions\target.py", line 135, in monitors_alive
cb(monitor)
TypeError: IOT_TargetMonitor.__init__() missing 1 required positional argument: 'port'