A black-box fuzzer for the OPC UA protocol.

    python myOpcuaFuzzer.py [-h] [-m] ip-addr [port]

    positional arguments:
      ip-addr     The server host IP address
      port        The server host port

    optional arguments:
      -h, --help  show this help message and exit
      -m, --info  Test the information model instead of implementation

- Copy fuzz_logger_db_mod to ./env/lib/python3.10/site-packages/boofuzz/fuzz_logger_db.py. Because the information model use case calls the fuzz() function multiple times, table creation has to check whether the tables already exist in the same DB.
- WINDOWS only: install curses from sourceg
- Download and run the container with the server implementations
  - for open62541

        docker pull msolimandounibo/opcua-os-servers:open62541_v1.0
        docker run -d -it -p 4840:4840 --name openopcua msolimandounibo/opcua-os-servers:open62541_v1.0

  - for python opcua

        docker pull msolimandounibo/opcua-os-servers:pythopcua_v1.0
        docker run -d -it -p 4840:4840 --name openopcua msolimandounibo/opcua-os-servers:pythopcua_v1.0

- create a virtual env

        python3 -m venv env

  - activate (fish)

        source ./env/bin/activate.fish

  - install dependencies

        pip install -r requirements.txt

- launch with python command and specified address (container or localhost:<redirection_port>) and port (container exposed port)
- arrange single msg fuzz (check which fields mutate)
- asynch issues with Information Model fuzz
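
The table-existence check from the fuzz_logger_db step above, shown in isolation as an added example (this is not the project's fuzz_logger_db_mod and not boofuzz code). It assumes an SQLite results file; the schema and the function names are hypothetical. Repeated logger start-ups against one DB file fail on a plain CREATE TABLE and succeed with CREATE TABLE IF NOT EXISTS.

```python
import os
import sqlite3
import tempfile

# Hypothetical schema for illustration; not copied from boofuzz or fuzz_logger_db_mod.
SCHEMA = (
    "cases (name TEXT, number INTEGER, timestamp TEXT)",
    "steps (test_case_index INTEGER, type TEXT, description TEXT, data BLOB)",
)

def open_log_db(db_path, tolerate_existing):
    """Open the results DB and create its tables, as a logger does at start-up."""
    create = "CREATE TABLE IF NOT EXISTS " if tolerate_existing else "CREATE TABLE "
    conn = sqlite3.connect(db_path)
    try:
        with conn:  # commit on success, roll back on error
            for table in SCHEMA:
                conn.execute(create + table)
    except sqlite3.OperationalError:
        conn.close()
        raise
    return conn

def simulate_runs(db_path, runs, tolerate_existing):
    """Simulate consecutive fuzz() calls that all log into the same DB file.

    Returns (runs_completed, rows_logged, error_message_or_None)."""
    completed, error = 0, None
    for run in range(runs):
        try:
            conn = open_log_db(db_path, tolerate_existing)
        except sqlite3.OperationalError as exc:
            error = str(exc)  # raised when a table is created a second time
            break
        with conn:
            conn.execute("INSERT INTO cases VALUES (?, ?, datetime('now'))",
                         (f"run-{run}", run))
        conn.close()
        completed += 1
    conn = sqlite3.connect(db_path)
    rows = conn.execute("SELECT COUNT(*) FROM cases").fetchone()[0]
    conn.close()
    return completed, rows, error

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(simulate_runs(os.path.join(tmp, "plain.db"), 3, False))
        print(simulate_runs(os.path.join(tmp, "guarded.db"), 3, True))
```

With the unguarded statement the second run stops before logging anything, so results from later information-model passes would be lost; the guarded form keeps all runs in one file.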