Tools for fuzzing RDP.
This project contains:
- DynamoRIO that was modified to be able to attach to running processes.
- WinAFL that was modified to use the DynamoRIO attach functionality, use background fuzzing, and interact with the rdpfuzzagent.
- FreeRDP that was modified to send fuzzing messages.
- rdpfuzzagent - an agent enforcing protocol requirements, and sending messages over an RDP connection.
- Auxiliary scripts.
We encourage everyone to use this repository as the starting point for fuzzing complex targets (client/server, windows services, etc.). See Fuzzing RDP: Holding the Stick at Both Ends for more details on how to do so.
However, this is not an out of the box solution, and it will not be maintained as such. Therefore we will not be accepting contributions.
For more comments, suggestions or questions, contact Or Ben-Porath (@OrBenPorath) and Shaked Reiner (@ShakReiner) from CyberArk Labs.
This repo is a Community level project. It's a community contributed project that is not reviewed or supported by CyberArk. For more detailed information on our certification levels, see our community guidelines.
Use the included third party projects only according to their license:
Copyright (c) 2020 CyberArk Software Ltd. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
For the full license text see LICENSE.