Getting Started with Network Fuzzers
SPIKE
Notes about SPIKE
SPIKE is notoriously hard to compile and get working, so if you had to change something to make it work on your computer, post your instructions to the mailing list so everyone else can benefit.
Instructions for OSX
- In the makefile, remove:
  - ld -share -soname libdlrpc.so -o libdlrpc.o -lc dlrpc.o dlargs.o $(SPIKE_OBS)
- In the makefile, add:
  - ld -dynamic -flat_namespace -bundle -undefined suppress -o libdlrpc.so -lc -ldl dlrpc.o dlargs.o $(SPIKE_OBS)
- Change LD_LIBRARY_PATH to DYLD_LIBRARY_PATH
- Comment out -ldlrpc
Cygwin
Don't even try using SPIKE on Cygwin. If you somehow get it working, it's because you made considerable patches to the SPIKE source files/build scripts, which you should submit to me for extra credit.
If you insist on using Windows/Cygwin, try Peach or Sulley, as they are both written in Python and better supported on Windows.
Reading Material
- Using SPIKE
- SPIKE 2.9 - Better, faster, stronger - Dave Aitel
- Advantages of Block-based Protocol Analysis for Security Testing - Dave Aitel
- An Introduction to Fuzzing - Stephen Bradshaw
- Fuzzer Automation with SPIKE - Stephen Bradshaw
Sulley
- Sulley Manual
- Introducing Sulley, Black Hat USA 2007 - Pedram Amini, Aaron Portnoy
- Fuzzing Frameworks
- The Sulley Framework: The Basics