Friday, January 7, 2011

Fuzzing with Peach - Install - Part 1

Originally Posted: THURSDAY, MAY 20, 2010 AT 7:36PM

WHAT IS PEACH
According to Peach's author, Michael Eddington, Peach is "a SmartFuzzer that is capable of performing both generation and mutation based fuzzing." What I have found in my short time using it is that it might be the most useful fuzzer I have used to date. Once you understand the basics of the configuration files, or Peach pits, you will discover how easy it is to modify and re-use code for rapid fuzzer development. Not to mention Peach's ability to stop and restart a crashed process for "set it and forget it" fuzzing.



First things first, we need to install Peach. I chose to use two identical Windows XP VMs for my fuzzing setup. One is the fuzzing server, which generates the strings for the application and sends them; the other is the agent, which attaches to the application or service and monitors it for a crash. You will need to download a few files to get started; they are listed below:

Download
WinDBG - http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=36a2630f-5d56-43b5-b996-7633f2ec14ff

Peach (x86) - http://sourceforge.net/projects/peachfuzz/files/Peach/2.3.6/Peach-2.3.6-x86.exe/download

or

Peach (x64) - http://sourceforge.net/projects/peachfuzz/files/Peach/2.3.6/Peach-2.3.6-x64.exe/download

Wireshark - http://wireshark.org/

Install
The install process is more or less straightforward. You need to install WinDBG first, followed by Peach, and finally Wireshark. I did have to do a little more than that on my setup, but it seems to be an isolated situation. When I installed WinDBG it installed to a strange folder and Peach didn't know where to find it, so I would get the error "DebuggerException: Failed to locate Microsoft Debugging Tools in the registry. Please make sure its installed." The solution was to reinstall following the directions below:

Mount/burn the ISO on your agent VM.
Browse to the CD; do not use the autorun installer. (The autorun installer will place WinDBG in the wrong location.)
Browse to D:\Debuggers\ and run dbg_x86 (assuming D:\ is your CD-ROM).
Click Custom.
Edit the location to say "c:\program files\Debugging Tools for Windows".
Complete the install.
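To confirm the reinstall actually fixed the problem before starting a long fuzzing run, here is a small PowerShell check I am adding to this post; it is not part of the original post or of Peach itself. It verifies that the install folder named above holds the core Debugging Tools binaries (windbg.exe, cdb.exe, dbgeng.dll) and looks for a registered WinDbg location. The registry keys and the "WinDbg" value name are my assumption of where Peach 2.3 looks when it raises the "Failed to locate Microsoft Debugging Tools in the registry" error, so treat that part as a hint rather than a guarantee.

```powershell
# Added check, not from the original post or from Peach: verify a WinDbg install
# that Peach's debugger agent can find on the agent VM.
# Assumptions: the install folder from the post, and that Peach reads the WinDbg
# location from a "DebuggingTools" registry key with a "WinDbg" value (assumed).

$ExpectedDir = 'C:\Program Files\Debugging Tools for Windows'   # path used in the post
$NeededFiles = @('windbg.exe', 'cdb.exe', 'dbgeng.dll')          # core Debugging Tools binaries

# Registry locations assumed to hold the WinDbg path (labelled assumption)
$RegKeys = @(
    'HKCU:\Software\Microsoft\DebuggingTools',
    'HKLM:\Software\Microsoft\DebuggingTools'
)

# Returns the list of required files missing from $Dir (empty list means all present)
function Test-DebuggingToolsDir {
    param([string]$Dir)
    $missing = @()
    foreach ($f in $NeededFiles) {
        if (-not (Test-Path (Join-Path $Dir $f))) { $missing += $f }
    }
    return ,$missing
}

# Returns the WinDbg path recorded in the registry, or $null if none is found
function Get-RegisteredWinDbgPath {
    foreach ($k in $RegKeys) {
        if (Test-Path $k) {
            $item = Get-ItemProperty -Path $k -ErrorAction SilentlyContinue
            if ($item -and $item.WinDbg) { return $item.WinDbg }
        }
    }
    return $null
}

$missing = Test-DebuggingToolsDir -Dir $ExpectedDir
if ($missing.Count -eq 0) {
    Write-Host "OK: $ExpectedDir contains $($NeededFiles -join ', ')"
} else {
    Write-Host "Missing in $ExpectedDir : $($missing -join ', ') - rerun dbg_x86 with Custom and this path"
}

$reg = Get-RegisteredWinDbgPath
if ($reg) {
    Write-Host "Registry points WinDbg at: $reg"
    if ((Test-DebuggingToolsDir -Dir $reg).Count -ne 0) {
        Write-Host "WARNING: that folder does not hold the debugger binaries; expect the DebuggerException"
    }
} else {
    Write-Host "No DebuggingTools registry entry found - the 'Failed to locate Microsoft Debugging Tools' error is expected"
}
```

Run it on the agent VM, since that is the machine where Peach attaches the debugger. If the folder check passes but the registry check does not, the Debugger monitor in the pit file can be pointed at the folder explicitly with its WinDbgPath parameter (my recollection of Peach 2.3's monitor options; check the Peach documentation linked under Resources).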


At this point I cloned the VM and designated one as the server and the other as the agent. Next time I will show you how to read and write your own "peach pit" files so you can start fuzzing with Peach.

Resources
http://peachfuzzer.com/FrontPage

http://groups.google.com/group/peachfuzz

http://cansecwest.com/csw08/csw08-eddington.ppt
