Logs to a txt or csv file missed some line for the last Test case

Question

Logs to a txt or csv file missed some line for the last Test case

vincentwh2018 opened this issue 3 years ago · 3 comments

vincentwh2018 commented 3 years ago

Report

Hi Team,

I have a boofuzz script as below, log 3 type files: txt, csv and db.
def main():
fuzz_loggers = []
txt_log = open("/srv/boofuzz/http-fuzz-results.txt", "w")
fuzz_loggers.append(FuzzLoggerText(file_handle=txt_log))
csv_log = open("/srv/boofuzz/http-fuzz-results.csv", "w")
fuzz_loggers.append(FuzzLoggerCsv(file_handle=csv_log))

session = Session(
    target=Target(connection=TCPSocketConnection("192.168.1.1", 80)),
    fuzz_loggers=fuzz_loggers,
    keep_web_open=False,
    restart_threshold=5,
    db_filename="/srv/boofuzz/http-fuzz-results.db"
)

define_proto_static(session=session)
session.fuzz()

After scan finished, when I check the db file by "boo open...", and open the txt or csv files, I found that there are some lines missed in txt and csv files compared with the GUI for the last case.

Here is the result from GUI for the last case:

Here is the txt log file for the last case:

Expected behavior

The "Check OK: No crash detected." and other lines are contained in txt&csv files for the last case.

Actual behavior

The "Check OK: No crash detected." and other lines are missed in txt&csv files for the last case.

Steps to reproduce the problem

Just run the boofuzz script as above
Use "boo open..." to check the result
Open the txt log file, compared with GUI result, missed some lines

boofuzz script

def main():
    fuzz_loggers = []
    txt_log = open("/srv/boofuzz/http-fuzz-results.txt", "w")
    fuzz_loggers.append(FuzzLoggerText(file_handle=txt_log))
    csv_log = open("/srv/boofuzz/http-fuzz-results.csv", "w")
    fuzz_loggers.append(FuzzLoggerCsv(file_handle=csv_log))

    session = Session(
        target=Target(connection=TCPSocketConnection("192.168.1.1", 80)),
        fuzz_loggers=fuzz_loggers,
        keep_web_open=False,
        restart_threshold=5,
        db_filename="/srv/boofuzz/http-fuzz-results.db"
    )

    define_proto_static(session=session)
    session.fuzz()

def define_proto_static(session):
    s_initialize(name="Request")
    with s_block("Request-Line"):
        s_group("Method", ["GET", "HEAD", "POST", "PUT", "DELETE", "CONNECT", "OPTIONS", "TRACE"])
        s_delim(" ", name="space-1")
        s_static("/index.html", name="Request-URI")
        s_static(" ", name="space-2")
        s_static("HTTP/1.1", name="HTTP-Version")
        s_static("\r\n", name="Request-Line-CRLF")
        s_static("Host:", name="Host-Line")
        s_static(" ", name="space-3")
        s_static("example.com", name="Host-Line-Value")
        s_static("\r\n", name="Host-Line-CRLF")
    s_static("\r\n", "Request-CRLF")

    session.connect(s_get("Request"))


if __name__ == "__main__":
    main()

boofuzz version

0.4.1

Python version

3.9

Platform

Linux

Anything else?

No response

Answer 1 · 2022-04-04T14:16:01.000Z

Thanks for the bug report @vincentwh2018 ! I bet there's an inconsistency somewhere in one of the log classes.

Answer 2 · 2023-01-01T20:01:39.000Z

Long time since I had the time to contribute to boofuzz. I have reproduce the issue using the example. Next I will try to determine the root cause.

Answer 3 · 2023-01-02T14:19:40.000Z

Root cause found and corrected. I will create a pull request.