Hermes

Documents

Achievement:

  • CVE-2019-19307

Install dependencies

  • Install libpcap; the interceptor links against it to record the communication between server and client
$ sudo apt-get install libpcap-dev

Build fuzzers

Custom AFL

  • Build and install the custom AFL shipped in the directory afl-2.52b (the samples below are instrumented with its afl-gcc)
$ cd afl-2.52b
$ make
$ sudo make install

AFL-Protocol fuzzer

  • Build the protocol fuzzer
$ cd afl-protocol
$ make

Test samples

Simple echo server

  • Build the simple echo server with afl-gcc instrumentation and create the input folder
$ cd sample/simple
$ CC=afl-gcc make
$ mkdir input_dir
  • Record real network traffic as the initial input corpus by running the interceptor. First, from the repository root, start the server
$ sample/simple/server 4000
Server is listening on 4000

In a second terminal, run the interceptor. It captures TCP traffic to 127.0.0.1:4000 on the loopback device lo and needs root to sniff the interface

$ sudo afl-protocol/interceptor -m tcp -i 127.0.0.1 -p 4000 -d lo -o sample/simple/input_dir/input

In a third terminal, act as a client and exercise the protocol (the first "hello" is typed, the second is the server's echo)

$ nc localhost 4000
hello
hello

Wait a moment, then stop the interceptor with Ctrl-C. The recorded session is now in sample/simple/input_dir/input. Because the interceptor ran as root, hand the file back to your own account (replace user:user with your user and group) so afl-fuzz can read it without privileges

$ sudo chown user:user sample/simple/input_dir/input
  • Start fuzzing. USE_SIGSTOP=1 enables the pause/resume mechanism and BIND_DIR/USE_SOCKFD switch to the Unix-socket transport, both of which speed up the run; -p must match the port the target listens on and -h names the hook library loaded into the target
$ cd afl-protocol
$ BIND_DIR=/tmp/ USE_SOCKFD=3 USE_SIGSTOP=1 ./afl-fuzz -i ../sample/simple/input_dir -o ../sample/simple/out -p 4000 -h ./libhook.so -t 10000  -- ../sample/simple/server 4000

(Screenshot: afl-fuzz running against the simple echo server)

Complex chat room

  • Build the chat room server with afl-gcc instrumentation and create the input folder
$ cd sample/complex
$ CC=afl-gcc make
$ mkdir input_dir
  • Record real network traffic as the initial input corpus by running the interceptor. First, from the repository root, start the chat room server (it listens on port 5000)
$ sample/complex/complex
<[ SERVER STARTED ]>

In a second terminal, run the interceptor, this time capturing port 5000

$ sudo afl-protocol/interceptor -m tcp -i 127.0.0.1 -p 5000 -d lo -o sample/complex/input_dir/input

In a third terminal, act as a client and exercise the protocol. The more commands you issue here, the more of the server's parser the recorded seed covers; note that the sample deliberately includes a /crash command, so the fuzzer is expected to find at least that one

$ nc localhost 5000
<< 11 has joined
<< see /help for assistance
/help
<< /quit     Quit chatroom
<< /crash    Make the program crash
<< /ping     Server test
<< /topic    <message> Set chat topic
<< /nick     <name> Change nickname
<< /msg      <reference> <message> Send private message
<< /list     Show active clients
<< /help     Show help

Wait a moment, then stop the interceptor with Ctrl-C. The recorded session is now in sample/complex/input_dir/input. As before, hand the root-owned file back to your own account (replace user:user with your user and group)

$ sudo chown user:user sample/complex/input_dir/input
  • Start fuzzing with the same pause/resume mechanism and Unix-socket transport. The input directory is the input_dir created above, and -p 5000 matches the chat room's port
$ cd afl-protocol
$ BIND_DIR=/tmp/ USE_SOCKFD=3 USE_SIGSTOP=1 ./afl-fuzz -i ../sample/complex/input_dir -o ../sample/complex/out -p 5000 -h ./libhook.so -t 10000  -- ../sample/complex/complex
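Once either run (the echo server or the chat room) reports findings, the next step is to reproduce them outside the fuzzer so that a crash can be confirmed and minimised. The script below is an added example for this README and is not part of the hermes project. It replays one test case at a time from AFL's out/crashes directory against a freshly started, unfuzzed server and reports whether the server survived. It assumes that a test case is a sequence of newline-delimited client messages, as typed into nc above; the interceptor's real file layout is not documented on this page, so adapt split_messages if it differs. The toy chat server, the "<< " reply format and the CASES dictionary are constructed stand-ins for sample/complex/complex that mimic only the /crash command shown in its /help output.

```python
"""Replay fuzzer test cases against a line-based TCP server and report whether
the server survived each one.

Added example for this README, not code from the hermes project. The toy
server is a constructed stand-in for sample/complex/complex: it answers each
line and drops the connection on /crash (the real binary crashes outright).
"""
import socket
import threading
import time
from pathlib import Path


def split_messages(case: bytes) -> list:
    """Split one test case into client messages.

    Assumption: messages are newline-delimited, like the lines typed into nc
    when the seed was recorded; the interceptor's own file layout may differ.
    """
    return [line + b"\n" for line in case.split(b"\n") if line]


def replay(host: str, port: int, case: bytes, delay: float = 0.05,
           timeout: float = 1.0):
    """Send the case one message at a time; return (server_alive, replies).

    A reset, a broken pipe, an orderly close (recv() returning b"") or a reply
    that never arrives all count as the server having died on that message.
    """
    replies = []
    with socket.create_connection((host, port), timeout=timeout) as sock:
        for msg in split_messages(case):
            try:
                sock.sendall(msg)
                time.sleep(delay)          # give the target time to react
                data = sock.recv(4096)
            except (ConnectionResetError, BrokenPipeError, socket.timeout):
                return False, replies
            if not data:                   # peer closed: process is gone
                return False, replies
            replies.append(data)
    return True, replies


def load_cases(crash_dir: str) -> dict:
    """Read every test case AFL wrote to out/crashes (skipping its README.txt)."""
    return {p.name: p.read_bytes()
            for p in sorted(Path(crash_dir).iterdir())
            if p.is_file() and p.name != "README.txt"}


def start_toy_chat_server() -> int:
    """Constructed stand-in for the chat room; returns the port it listens on."""
    srv = socket.socket()
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def handle(conn):
        with conn, conn.makefile("rb") as lines:
            for line in lines:
                cmd = line.rstrip(b"\n")
                if cmd == b"/crash":       # mimic the sample's crash command
                    return                 # closing conn == "server died"
                conn.sendall(b"<< " + cmd + b"\n")

    def serve():
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=handle, args=(conn,), daemon=True).start()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


def triage(cases: dict, host: str = "127.0.0.1", port=None) -> dict:
    """Replay each named case; True means the server survived it."""
    if port is None:                       # no real target given: use the toy
        port = start_toy_chat_server()
    return {name: replay(host, port, case)[0] for name, case in cases.items()}


# Constructed test cases standing in for files from sample/complex/out/crashes
CASES = {
    "id:000000,benign": b"/help\n/ping\n",
    "id:000001,crash":  b"/nick fuzz\n/crash\n/list\n",
}

if __name__ == "__main__":
    for name, alive in triage(CASES).items():
        print(f"{name}: {'survived' if alive else 'CRASHED'}")
```

To run it against the real targets, start sample/complex/complex in another terminal and call triage(load_cases("sample/complex/out/crashes"), port=5000); for the echo server use sample/simple/out/crashes and port=4000. A case whose replay leaves the server alive is worth a second look: either the messages need to be split differently, or the crash depends on timing or on state left by an earlier connection, which a one-connection replay does not reproduce.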

(Screenshot: afl-fuzz running against the complex chat room)

Run with Docker

Build it

docker build . -t fuzzer

Then run it

docker run fuzzer simple
docker run fuzzer complex
