fuzzer.md

Fuzzer

The fuzzer module supports multiple fuzzing methods.

  • random - generates random payloads within a given length interval
  • brute - brute forces all possible values for selected nibbles of a given message
  • mutate - mutates a given message by randomizing selected nibbles in arbitration ID and/or payload
  • replay - replays a previous fuzzing session log file
  • identify - like replay, but takes manual input to identify a single message causing an observed effect

The random and mutate modes both show which random seed is being used. The seed can be passed in an optional argument to these modes, in order to repeat the sequence of generated messages.

As always, module help can be shown by adding the -h flag (as shown below). You can also show help for a specific fuzzing mode by specifying the mode followed by -h, e.g. ./cc.py fuzzer random -h or ./cc.py fuzzer mutate -h

$ ./cc.py fuzzer -h

-------------------
CARING CARIBOU v0.2
-------------------

Loaded module 'fuzzer'

usage: cc.py fuzzer [-h] {random,brute,mutate,replay,identify} ...

Fuzzing module for CaringCaribou

positional arguments:
  {random,brute,mutate,replay,identify}
    random              Random fuzzer for messages and arbitration IDs
    brute               Brute force selected nibbles in a message
    mutate              Mutate selected nibbles in arbitration ID and message
    replay              Replay a previously recorded directive file
    identify            Replay and identify message causing a specific event

optional arguments:
  -h, --help            show this help message and exit

Example usage:

./cc.py fuzzer random
./cc.py fuzzer random -min 4 -seed 0xabc123 -f log.txt
./cc.py fuzzer brute 0x123 12ab..78
./cc.py fuzzer mutate 7f.. 12ab....
./cc.py fuzzer replay log.txt
./cc.py fuzzer identify log.txt
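
The sketch below is an added illustration, not Caring Caribou's own code: it models how a nibble pattern such as 12ab..78 expands in brute mode, and why passing the same seed to mutate repeats the same sequence of messages. It assumes that "." marks a selected nibble; the function names are hypothetical, and nothing is sent on a bus.

```python
import itertools
import random

HEX = "0123456789abcdef"

def parse_pattern(pattern):
    """Split a pattern like '12ab..78' into a nibble list and wildcard positions.

    Assumption: '.' marks a selected nibble, as in the example usage above.
    """
    pattern = pattern.lower()
    for ch in pattern:
        if ch != "." and ch not in HEX:
            raise ValueError(f"invalid nibble {ch!r} in pattern {pattern!r}")
    return list(pattern), [i for i, ch in enumerate(pattern) if ch == "."]

def brute(pattern):
    """Yield every payload obtained by filling the selected nibbles, in ascending order."""
    template, holes = parse_pattern(pattern)
    if len(template) % 2:
        raise ValueError("payload must consist of whole bytes")
    for combo in itertools.product(HEX, repeat=len(holes)):
        for idx, nibble in zip(holes, combo):
            template[idx] = nibble
        yield bytes.fromhex("".join(template))

def mutate(arb_pattern, data_pattern, seed, count):
    """Return `count` (arbitration_id, payload) pairs drawn from a seeded RNG."""
    rng = random.Random(seed)  # same seed -> same sequence of messages
    frames = []
    for _ in range(count):
        fields = []
        for pattern in (arb_pattern, data_pattern):
            template, holes = parse_pattern(pattern)
            for idx in holes:
                template[idx] = rng.choice(HEX)
            fields.append("".join(template))
        frames.append((int(fields[0], 16), bytes.fromhex(fields[1])))
    return frames

if __name__ == "__main__":
    payloads = list(brute("12ab..78"))
    print(len(payloads), payloads[0].hex(), payloads[-1].hex())
    for arb_id, data in mutate("7f..", "12ab....", 0xABC123, 3):
        print(f"0x{arb_id:04x} {data.hex()}")
```

Each selected nibble multiplies the brute-force search space by 16, so the number of messages for a pattern is 16 raised to the number of "." characters.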