Question about using radamsa
Closed this issue · 2 comments
Hi.
Can you please help me?
I have, for example, this HTTP request:

```http
POST / HTTP/1.1
Cache-Control: max-age=0
Host: server_ip
Content-Length: 84
Content-Type: application/xml;charset=UTF-8

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<root>abc</root>
```

How can I tell radamsa to start fuzzing only this part of the full request?

```xml
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<root>abc</root>
```
Hi,
This isn't currently possible. Typically you fuzz only the payloads (the parts you want to fuzz) with radamsa, and then send them to the target. Something like:

```sh
while true; do
    radamsa -o rad-%n.data samples/*.data -n 100
    for output in rad-*.data; do
        (cat http-headers "$output") | nc target port
        # check for error
    done
done
```
A possibly useful planned feature is to allow some kind of output templates to be given, where e.g. %f would be the fuzzed content - kind of like what is done with the path parameters where %n is the testcase number. Feel free to add a feature request with ideas if something along those lines would be handy.
thank you
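
The approach from the reply above, as an added example that is not from the original thread or the radamsa project: each fuzzed body is wrapped in the question's fixed headers with `Content-Length` recomputed, because a stale length makes the server truncate the body or wait for more bytes instead of parsing the fuzzed input. The function names, the `Connection: close` header, the `nc -w 5` timeout and the rule that an empty or 5xx response counts as an error are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): fuzz only the body, keep headers fixed.

# build_request BODY_FILE HOST -> full HTTP/1.1 request on stdout.
# The body is streamed with cat, so NUL bytes from radamsa survive intact.
build_request() {
    req_body=$1
    req_host=$2
    # Recompute the length for every case; the sample's fixed value would be wrong.
    req_len=$(wc -c < "$req_body" | tr -d ' ')
    printf 'POST / HTTP/1.1\r\n'
    printf 'Cache-Control: max-age=0\r\n'
    printf 'Host: %s\r\n' "$req_host"
    printf 'Content-Length: %s\r\n' "$req_len"
    printf 'Content-Type: application/xml;charset=UTF-8\r\n'
    printf 'Connection: close\r\n\r\n'   # assumption: added so nc returns
    cat "$req_body"
}

# fuzz_round SAMPLE_DIR HOST PORT COUNT
# Generates COUNT cases from SAMPLE_DIR/*.data and sends each one once.
fuzz_round() {
    work=$(mktemp -d) || return 1
    radamsa -o "$work/rad-%n.data" -n "$4" "$1"/*.data || return 1
    for case_file in "$work"/rad-*.data; do
        build_request "$case_file" "$2" | nc -w 5 "$2" "$3" > "$case_file.resp"
        # Assumed error check: no status line at all, or a 5xx status.
        if ! head -n 1 "$case_file.resp" | grep -q '^HTTP/1\.[01] [1-4]'; then
            echo "keep for triage: $case_file"
        fi
    done
}

# Run only when called as: script SAMPLE_DIR HOST PORT COUNT
if [ "$#" -eq 4 ]; then
    fuzz_round "$@"
fi
```

Flagged cases stay in the temporary directory next to their `.resp` files, so a crash or error response can be replayed from the exact bytes that were sent.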