I didn’t end up having time to blog yesterday, even though I programmed for over an hour.
Python’s sockets and select implementations have been a bit of a learning curve for me. I spent over an hour messing around with various bits and pieces of the API using https://docs.python.org/2/library/socket.html as a reference.
I started work on adding script parsers and making a queue of things to send to clients. It currently works for basic text-based protocols, but is still in its early stages and may be buggy.
This weekend, I hope to get expect support working. If a client sends X, the server responds with Y. After this, I will attempt to write some fuzzers for different TCP services. This will be kind of an undertaking because there are so many protocols and some are extremely large. I’ll have to write some vulnerable clients to prove that this works as well.
One problem I’ve found with this is that it doesn’t show the string that made a program crash. I’ll have to address this as well.
I also need to figure out a way to deal with “binary” protocols that use non-ASCII data. Perhaps I will have to prefix a line with BINARY and just drop in hexadecimal strings or something. I don’t know yet.
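One possible shape for the script parser, send queue and expect handling described in the last few paragraphs, added here as an illustration; this is not code from thefuzz, and the line formats (plain text, `BINARY <hex>`, `EXPECT <trigger> -> <reply>`) and the `Session` class are assumptions. Recording every payload as it is handed out is one way to know which string was on the wire when a client crashed.

```python
from collections import deque

# Constructed sample script; the formats are assumptions, not thefuzz's own.
SAMPLE_SCRIPT = """\
# plain lines are sent as-is with CRLF appended
NICK fuzzer
# BINARY <hex>: raw bytes for protocols that carry non-ASCII data
BINARY 41 41 41 00 ff
# EXPECT <trigger> -> <reply>: answer a client line containing trigger
EXPECT PING -> PONG :fuzzer
"""

def parse_script(text):
    """Turn a script into a queue of byte payloads and a list of expect rules."""
    queue, expects = deque(), []
    for raw in text.splitlines():
        line = raw.rstrip("\r\n")
        if not line or line.startswith("#"):
            continue
        if line.startswith("BINARY "):
            queue.append(bytes.fromhex(line[7:]))  # whitespace between bytes is ignored
        elif line.startswith("EXPECT "):
            trigger, _, reply = line[7:].partition(" -> ")
            expects.append((trigger.encode(), reply.encode() + b"\r\n"))
        else:
            queue.append(line.encode() + b"\r\n")
    return queue, expects

class Session:
    """Hands out payloads in order and records everything sent, so the
    payload that was on the wire when a client died can be reported."""
    def __init__(self, queue, expects):
        self.queue, self.expects, self.sent = queue, expects, []

    def next_payload(self):
        if not self.queue:
            return None
        payload = self.queue.popleft()
        self.sent.append(payload)
        return payload

    def on_receive(self, data):
        """Apply expect rules to bytes the client sent; return the reply or None."""
        for trigger, reply in self.expects:
            if trigger in data:
                self.sent.append(reply)
                return reply
        return None

    def last_sent(self):
        return self.sent[-1] if self.sent else None
```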
I’ve also pretty much settled on attacking IRC with this first. I will spend the next several days compiling a list of weird and arcane IRC clients to test this against and write an IRC protocol fuzzing script.
If you’d like to check out the project so far, it is on GitHub: https://github.com/droberson/thefuzz