https://github.com/alexgustafsson/fuzzing-http-servers
An example setup for quickly getting fuzzing of HTTP servers running. Uses AFL and WFuzz.
afl american-fuzzy-lop fuzzing http http-server wfuzz
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/alexgustafsson/fuzzing-http-servers
- Owner: AlexGustafsson
- License: unlicense
- Created: 2020-10-07T07:54:41.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2021-07-14T14:13:40.000Z (almost 5 years ago)
- Last Synced: 2025-12-30T03:18:29.721Z (5 months ago)
- Topics: afl, american-fuzzy-lop, fuzzing, http, http-server, wfuzz
- Language: Makefile
- Homepage:
- Size: 26.4 KB
- Stars: 2
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.md
README
## Quick Start
### Preparation
Linux is required for AFL fuzzing. Tested on a minimal Ubuntu 20.04.1 desktop installation.
Requirements:
* git
* gcc
* make
* bash
* pip
* wfuzz
* libcurl4-openssl-dev
* libssl-dev
* python3-pip
* libini-config-dev
* libseccomp-dev
These can be installed on said Ubuntu by running (the package install needs root as well, so both `apt` invocations use `sudo`):
```bash
sudo apt update && sudo apt install build-essential git python3-pip libcurl4-openssl-dev libssl-dev libini-config-dev libseccomp-dev && sudo python3 -m pip install wfuzz
```
On Ubuntu you'll also need to do the following to use AFL. AFL refuses to start when core dumps are piped to an external handler (Ubuntu's apport), since that makes crashes slow to detect; writing `core` to `core_pattern` keeps them as plain files:
```bash
sudo -i
echo core > /proc/sys/kernel/core_pattern
```
### Cloning the code
```bash
# Fetch the project
git clone https://github.com/AlexGustafsson/fuzzing-http-servers
# Enter the project
cd fuzzing-http-servers
# Initialize submodules
make init
```
### Fuzzing with AFL
Build AFL.
```bash
make afl
```
Apply the correct patches.
```bash
make apply-afl-patches
```
Build preeny.
```bash
make preeny
```
Build one of the servers.
```bash
make sources/aaron-kalair/server
```
Start fuzzing.
```bash
# The first parameter is the binary to fuzz, any further parameters are used as parameters for the binary itself
./afl.sh sources/aaron-kalair/server
```
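AFL needs an input directory of seed files, and for an HTTP server each seed is one complete request (preeny's desock redirects the server's socket I/O to stdin/stdout so a file can play the role of a client). The shell function below is an added example, not code from this repository; it writes a small seed corpus covering the verbs listed in the WFuzz section plus a request with a body and one with several headers, and includes a check that each seed is a well-formed request. The output directory, file names and request contents are constructed here; how `afl.sh` hands the corpus to afl-fuzz is not described on this page, so the directory is just an assumption.

```bash
# Added example: build a seed corpus of HTTP requests for AFL.
# Assumption: the caller picks the output directory; each file is one request.

make_http_seeds() {
    dir="$1"
    mkdir -p "$dir"
    # One minimal request per verb, with CRLF line endings as HTTP/1.1 requires.
    for verb in GET HEAD POST TRACE OPTIONS; do
        printf '%s / HTTP/1.1\r\nHost: localhost\r\n\r\n' "$verb" > "$dir/verb_$verb.req"
    done
    # POST with a body and a matching Content-Length, so length handling is exercised.
    printf 'POST /submit HTTP/1.1\r\nHost: localhost\r\nContent-Length: 9\r\n\r\nkey=value' > "$dir/post_body.req"
    # Several headers, so the header parser has to loop over more than one line.
    printf 'GET /index.html HTTP/1.1\r\nHost: localhost\r\nUser-Agent: seed\r\nAccept: */*\r\nConnection: close\r\n\r\n' > "$dir/multi_header.req"
}

# count_seeds DIR prints the number of files in DIR.
count_seeds() {
    ls "$1" | wc -l
}

# seed_is_valid FILE succeeds if FILE starts with "<VERB> <target> HTTP/1.x"
# and contains the empty line that terminates the header block.
seed_is_valid() {
    head -n 1 "$1" | tr -d '\r' | grep -Eq '^[A-Z]+ [^ ]+ HTTP/1\.[01]$' || return 1
    tr -d '\r' < "$1" | grep -q '^$' || return 1
    return 0
}

# Usage: make_http_seeds seeds && count_seeds seeds
```

Keeping seeds small and structurally valid matters: AFL derives its mutations from them, so a corpus of tiny, well-formed requests reaches the server's parsing code quickly, while oversized or already-broken seeds mostly waste executions.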
### Fuzzing with WFuzz
Apply the correct patches.
```bash
make apply-wfuzz-patches
```
Build one of the servers.
```bash
make USE_AFL=0 sources/aaron-kalair/server
```
Start the server.
```bash
./sources/aaron-kalair/server
```
Start fuzzing.
```bash
# Verb fuzzing
wfuzz -z list,GET-HEAD-POST-TRACE-OPTIONS -X FUZZ http://localhost/
# Fuzzing using a (non-included) list of words
wfuzz -w words.txt http://localhost/FUZZ
```
### Creating, applying and removing patches
When patching the servers for use with either of the tools, their source code might have to be altered. The following commands manage those changes as patches.
```bash
# Create patches from altered sources
make create-afl-patches
make create-wfuzz-patches
# Apply patches
make apply-afl-patches
make apply-wfuzz-patches
# Remove patches (warning: performs a hard reset on the repositories!)
make remove-patches
```