- Pattern Generator and Finder
- Bad Characters prober
Generate all ASCII characters except for null, CR and LF:

```
python gen_badchars -o out -x '\x00\x0a\x0d'
```
Generates a pattern made of unique sequences and finds a given sequence in it. Little-endian hex-encoded values (as read out of a register) are automatically byte-reversed before searching.

Generate a pattern (default length: 4096):

```
python pattern_gen_find.py > seq
```

Find sequence 'Fabd':

```
$ python pattern_gen_find.py -n Fabd
Pattern Fabd found at 351
```

Find sequence '0x6261656e' (found in an EIP somewhere...):

```
$ ./pattern_gen_find.py -n 0x6261656e
Hex pattern detected, turning into ASCII
Pattern neab found at 2606
```
To use it in your fuzzer:

```python
from pattern_gen_find import gen_pattern

# make a long-enough pattern once; every send uses a prefix of it
the_path = gen_pattern(4096)

def do_connect(host, fuzzlen):
    # fuzzed = 'A' * fuzzlen
    fuzzed = the_path[:fuzzlen]
    # here connect to the service and try the pattern
    [...]

for r in range(100, 6000, 200):
    do_connect(host, r)
```

Then inspect the crash and find the pattern using the examples above.
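The generate-then-locate workflow above, as an added stand-alone example (not the tool's own code, and it assumes the classic Upper/lower/digit cyclic scheme, so offsets differ from the ones printed above): `gen_pattern` builds the cyclic string, and `find_pattern` accepts either an ASCII needle or a `0x`-prefixed little-endian hex value and returns its offset.

```python
import string


def gen_pattern(length=4096):
    """Cyclic pattern of 3-char triples (Upper, lower, digit).

    Assumption: classic pattern_create-style scheme; every 4-byte window is
    unique within the first 26*26*10*3 = 20280 characters.
    """
    chunks = []
    for upper in string.ascii_uppercase:
        for lower in string.ascii_lowercase:
            for digit in string.digits:
                chunks.append(upper + lower + digit)
                if len(chunks) * 3 >= length:
                    return "".join(chunks)[:length]
    return "".join(chunks)[:length]


def decode_needle(needle):
    """Turn '0x41336141' (little-endian register value) into 'Aa3A'."""
    if needle.lower().startswith("0x"):
        raw = bytes.fromhex(needle[2:])
        # memory order is the reverse of the little-endian integer's hex digits
        return raw[::-1].decode("ascii")
    return needle


def find_pattern(needle, length=4096):
    """Return the offset of needle in the pattern, or -1 if absent."""
    ascii_needle = decode_needle(needle)
    return gen_pattern(length).find(ascii_needle)


if __name__ == "__main__":
    # constructed sample: the value a debugger would show for bytes 'Aa3A'
    print(find_pattern("Aa3"))         # 9
    print(find_pattern("0x41336141"))  # 9
```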