Improved fuzzing code…

In my previous post I talked a little about fuzzing and how I'd proceed. I've now made some really good improvements (IMO anyway ;)) to the code. So, a brief feature list (ha ha) of my fuzzing script for the web service method RBACHas_Role:

— A configuration file where you choose which fuzz lists to use
— A configuration file where you set the expected values for each method
— Writes the response for each payload and a final report to XML so other tools (don't ask me which ones :)) can use it
— Lastly, it now uses threads, so a large number of payloads are sent in a very short space of time. It was very cool watching Burp's History window fill up very quickly.

All the code is here. I'm continuously adding and removing stuff on Git, so if you find dead links please navigate to the main page and find your way from there.

I couldn't resist a little self-congratulation after implementing threading. Here is a screenshot with each payload invoked one at a time.

And here is one with threading.

449 payloads. The version without threads takes 3 minutes 20 seconds; the version with threads takes 23 seconds, and the results seem correct too. Quite cool if you ask me 🙂

This entry was posted in WebServices.

One Response to Improved fuzzing code…

  1. Dinis Cruz says:

    Nice, yep, threading makes a massive difference.
    One thing to keep an eye on is if the app is still working as expected (I found that it is good to send a couple of valid requests on longer fuzzing sessions and make sure they still work).

    Also, make sure you store the raw data (for further analysis).
