Fuzzing

Start fuzzing the application to find approximately how much input makes it crash. Note down the number of bytes the application crashed at. Because the script below grows the payload in 100-byte steps, the actual crash threshold lies somewhere between the last length that still got a reply and the length it reports.

Example of a fuzz script

#!/usr/bin/env python3

import socket, time, sys

ip = "<target ip>"

port = <target port>
timeout = 5
prefix = "<command to test> "   # the command the service expects, followed by a space

# Start with 100 bytes of padding after the command.
string = prefix + "A" * 100

while True:
  try:
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
      s.settimeout(timeout)
      s.connect((ip, port))
      s.recv(1024)  # read the service banner
      print("Fuzzing with {} bytes".format(len(string) - len(prefix)))
      s.sendall(bytes(string, "latin-1"))
      s.recv(1024)  # no reply within the timeout (or a reset) means the service stopped responding
  except OSError:  # covers socket.timeout, ConnectionRefusedError and ConnectionResetError
    print("Fuzzing crashed at {} bytes".format(len(string) - len(prefix)))
    sys.exit(0)
  string += 100 * "A"  # grow the payload by 100 bytes per round
  time.sleep(1)
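The same approach worked end to end against a local mock service, as an added example that is not part of the original page. The mock service, its BUFFER_LIMIT of 1024 bytes, the `CMD ` prefix and every function name are constructed for this example. It shows two things the script above does not: the length the 100-byte loop reports is only the first failing step, and a binary search between the last length that got a reply and the first that did not narrows the threshold to the exact byte (here 1025, because the mock accepts a 1024-byte body). Running it against a service you operate is a quick way to check that an input-length limit behaves as documented.

```python
#!/usr/bin/env python3
"""Constructed example: a local mock service with a fixed input limit, the
page's grow-by-100 fuzz loop against it, and a binary search that pins the
exact failing length. Everything here is constructed for illustration."""
import socket
import threading
from typing import Optional, Tuple

BANNER = b"MOCK> "
# Constructed assumption: the mock "crashes" (drops the connection without
# replying) once the command body exceeds this many bytes.
BUFFER_LIMIT = 1024


def serve_mock(listen_sock: socket.socket, prefix: bytes) -> None:
    """Accept connections; reply when the body fits, drop the connection otherwise."""
    while True:
        try:
            conn, _ = listen_sock.accept()
        except OSError:
            return  # listener was closed by the caller; stop serving
        with conn:
            conn.sendall(BANNER)
            line = conn.makefile("rb").readline().rstrip(b"\n")
            body = line[len(prefix):] if line.startswith(prefix) else line
            if len(body) > BUFFER_LIMIT:
                continue  # simulated crash: close without answering
            conn.sendall(b"OK %d\n" % len(body))


def start_mock(prefix: bytes) -> Tuple[socket.socket, int]:
    """Bind the mock on a free loopback port and serve it from a daemon thread."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    threading.Thread(target=serve_mock, args=(srv, prefix), daemon=True).start()
    return srv, srv.getsockname()[1]


def probe(ip: str, port: int, prefix: bytes, length: int, timeout: float = 2.0) -> bool:
    """Send prefix + length*'A' and report whether the service answered.
    An empty recv (connection closed), a timeout or a reset all count as failure."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            s.connect((ip, port))
            s.recv(1024)  # banner
            s.sendall(prefix + b"A" * length + b"\n")
            return len(s.recv(1024)) > 0
    except OSError:  # socket.timeout and ConnectionError are subclasses
        return False


def find_crash_length(ip: str, port: int, prefix: bytes,
                      step: int = 100, limit: int = 10000) -> Optional[int]:
    """The page's loop: grow the payload by `step` until the service stops
    answering. Returns the first failing length, or None if `limit` is reached."""
    length = step
    while length <= limit:
        if not probe(ip, port, prefix, length):
            return length
        length += step
    return None


def refine_crash_length(ip: str, port: int, prefix: bytes,
                        last_ok: int, first_bad: int) -> int:
    """Binary search between a length that worked and one that failed, so the
    coarse step result is narrowed to the exact first failing byte count."""
    while first_bad - last_ok > 1:
        mid = (last_ok + first_bad) // 2
        if probe(ip, port, prefix, mid):
            last_ok = mid
        else:
            first_bad = mid
    return first_bad


if __name__ == "__main__":
    prefix = b"CMD "
    srv, port = start_mock(prefix)
    coarse = find_crash_length("127.0.0.1", port, prefix)
    print("coarse step result:", coarse)                       # 1100 with the mock
    if coarse is not None:
        exact = refine_crash_length("127.0.0.1", port, prefix, coarse - 100, coarse)
        print("exact first failing length:", exact)            # 1025 with the mock
    srv.close()
```

The coarse result (1100) is what the original script would print; the refined value (1025) is the number worth recording, since it is the smallest body the service cannot handle.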
