Peach Fuzzing Platform<< Previouse | Up | Next >>
Configure Publisher
The last thing we need todo before we can try out our nifty fuzzer is to configure two Publishers. Publishers are I/O connectors that implement the plumbing between actions like output, input, and call. For our file fuzzer we will use the Publisher called FileWriter and Launcher. These publisher will allow us to write out a file and then launch a process using the call action like we setup in last section.
Configuring our publisher is easy, just locate the following XML near the bottom of the png.xml file, it will be a child of Test.
<!-- TODO: Complete publisher -->
<Publisher />
Now, this publisher takes a single parameter called fileName that will contain the file name of the fuzzed file.
<Publisher name="file" class="file.FileWriter">
<Param name="fileName" value="fuzzed.png"/>
</Publisher>
Next we need to create a publisher to launch our program. We will provide the full command line to mplayer including the file name of fuzzed file (fuzzed.png). When our "call" action in the state model occurs it will trigger this program to get run.
<Publisher name="launcher" class="process.Launcher">
<Param name="Command" value="mplayer fuzzed.png"/>
</Publisher>
Now that we have the publisher configured we can test our fuzzer!
Testing Fuzzer
Lets go ahead and run the fuzzer! Open up a command window and navigate to the location of png.xml. Now run the following command:
c:\png>c:\peach\peach -t png.xml ] Peach 2.3.8 Runtime ] Copyright (c) Michael Eddington File parsed with out errors.
Hopefully you got this output and no problems were found. If a problem was found go back through the prior sections and try and identify the problem.
Running Fuzzer
Now lets actually kick off our fuzzer for real!
c:\png>c:\peach\peach png.xml
Whats Next?
Okay, now that we have a running fuzzer we will need to configure a way to detect when our target crashes. We will also want to collect some information like a stack trace to look at later on. Head to the next section to learn how to configure an agent and monitor.
<< Previouse | Up | Next >>