{"id":20481301,"url":"https://github.com/0xricksanchez/hitb2020_fsfuzzer","last_synced_at":"2025-09-03T14:47:48.925Z","repository":{"id":134703325,"uuid":"256429722","full_name":"0xricksanchez/HITB2020_FSFUZZER","owner":"0xricksanchez","description":"My Material for the HITB presentation","archived":false,"fork":false,"pushed_at":"2020-05-31T19:04:10.000Z","size":17316,"stargazers_count":35,"open_issues_count":0,"forks_count":10,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-04-13T14:12:23.589Z","etag":null,"topics":["bsd","fuzzer","fuzzing","kernel","security-tools","slides"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xricksanchez.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-04-17T07:12:32.000Z","updated_at":"2023-03-20T03:05:26.000Z","dependencies_parsed_at":null,"dependency_job_id":"b0d9ad7d-6664-4b3d-87ae-b373b821eca7","html_url":"https://github.com/0xricksanchez/HITB2020_FSFUZZER","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/0xricksanchez/HITB2020_FSFUZZER","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xricksanchez%2FHITB2020_FSFUZZER","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xricksanchez%2FHITB2020_FSFUZZER/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xricksanchez%2FHITB2020_FSFUZZER/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xricksanchez%2FHITB2020_FSFUZZER/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xricksanchez","download_url":"https://codeload.github.com/0xricksanchez/HITB2020_FSFUZZER/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xricksanchez%2FHITB2020_FSFUZZER/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273460485,"owners_count":25109756,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-03T02:00:09.631Z","response_time":76,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bsd","fuzzer","fuzzing","kernel","security-tools","slides"],"created_at":"2024-11-15T16:07:41.283Z","updated_at":"2025-09-03T14:47:48.917Z","avatar_url":"https://github.com/0xricksanchez.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# fs-fuzzer\nMy Material for the HITB 2020 Lockdown edition presentation in April.\nThis repo contains the presentation slides as well as all used scripts that were used to demonstrate the demos.\n\n ### Update May 2020\n \n**[FULL FUZZING FRAMEWORK HERE](https://github.com/0xricksanchez/fisy-fuzz)**\n\n## fs_generator.py\n\nThis standalone script can be used to generate different file systems across the different support host systems:\n\n```\nSUPPORTED_FILE_SYSTEMS = {\n    \"freebsd\": [\"ufs1\", \"ufs2\", \"zfs\", \"ext2\", \"ext3\", \"ext4\"],\n    \"netbsd\": [\"4.3bsd\", \"ufs1\", \"ufs2\", \"ext2\"],\n    \"openbsd\": [\"4.3bsd\", \"ufs1\", \"ufs2\", \"ext2\"],\n    \"linux\": [\"uf1\", \"ufs2\", \"ext2\", \"ext3\", \"ext4\", \"zfs\"],\n    \"darwin\": [\"apfs\"],\n}\n```\n\nDepending on the supplied flags to `fs_generator.py` the generated file system is either empty or contains a randomly generated file system hierarchy.\nThe files will be directories, symbolic as well as hard links and binary files.\n\n### Example:\n\n```\n$ sudo python3 fs_generator.py -fs ext4 -s 15 -n \"ubuntu_ext4_15mb\" -o /home/dev/HITB/scripts/create_fs -p 10 -ps 1024\n```\n\nThis creates a *ext4* disk image of size *15 MB* on a Ubuntu host system.\nIt will contain *10* files of which the maximum file size for each will be at most *1024 bytes*.\nFinally, it will be saved at */home/dev/HITB/scripts/create_fs/*:\n\n```bash\n$ ls /home/dev/HITB/scripts/create_fs/ubuntu_ext4_15mb\n/home/dev/HITB/scripts/create_fs/ubuntu_ext4_15mb\n```\n\n\n## fs_mutator.py\n\nIs a standalone mutation script that supports mutation via *radamsa*, *targeted mutation* of specific metadata fields as well as less targeted variant\nwhere you can write *n bytes* of *0x00*/*0xff*/*random* to either the *superblock*, *cylinder groups* or *data section*.\n\n### Examples\n\n```\n$ ./fs_mutator.py -f HITB_ufs -o HITB_ufs_rad --radamsa --determinism --restore\n```\n\nTakes the HITB_ufs file system and applies a seeded full binary radamsa mutation to it.\nAfterwards the magic bytes are restored.\nThe output is saved in a file called *HITB_ufs_rad*.\n\n\n```\n$ ./fs_mutator.py -f HITB_ufs -t sb 0 fs_magic 'AAAA' -o HITB_ufs_fsmagic\n```\nThis overwrites the 4 byte magic sequence in the 0th ufs superblock with *'AAAA'*.\n\n```\n$ ./fs_mutator.py -f HITB_ufs -t sb all fs_fsmnt 'Hello World @ HITB 2020 Lockdown' -o HITB_ufs_fsmnt\n```\nThis overwrites all superblock fields that correspond to the *fs_fsmnt* name with the provided *Hello World...* string.\n\n\n## fs_fuzzer.py\n\nThis is a minimal working demo fuzzer, which includes 5 PoCs. \nYou can read the code and understand the concept behind accessing and playing with remote machines.\n\n## fs_util.py, ext-/ufs-superblock_parser.py\n\nProvide some helper scripts to parse metadata fields and so forth.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xricksanchez%2Fhitb2020_fsfuzzer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xricksanchez%2Fhitb2020_fsfuzzer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xricksanchez%2Fhitb2020_fsfuzzer/lists"}