Welcome to the Network Protocol Fuzzing With Boofuzz workshop!
This is a self-paced workshop. Dive right into the instructions here, and do not hesitate to ask questions, raise criticisms, or just say hello and introduce yourself. That's the beauty of an in-person workshop!
This workshop assumes you are running Linux.
Notes for other operating systems:
macOS: Boofuzz runs on OS X, but the sample targets in these exercises run specifically on Linux. Some targets can cross-compile, but differences in architecture mean the crash conditions differ from those on Linux. See the VM option below.
Windows: I recommend using Windows Subsystem for Linux (WSL). You can install Ubuntu from the Microsoft Store. Once you have a Linux environment, you can install most tools via your package manager or on the command line.
Disclaimer: Crashes should be the same or similar in WSL, but I have not verified this and your mileage may vary. If you try WSL, let me know how it goes! See also the VM option below.
If you don't have Linux natively, I recommend using a cloud virtual machine. The workshop instructions are all written from the command line perspective; no GUI required!
This workshop has been tested on GCP's free trial VMs. AWS's free tier should also work. OCI also has a free tier that should work, but the VMs are limited to 1 GB of memory (which is enough for this workshop, but not much else).
If you don't have Python 3 installed already, install it using your system's package manager.
On Debian/Ubuntu:
sudo apt install python3 python3-pip
On macOS with Homebrew:
brew install python
You will need a C compiler and build tools to install some of the targets in this lab. On Ubuntu, you can install them with:
sudo apt install build-essential
Use your favorite editor. If you're just getting started with Python, I suggest using Visual Studio Code. It has nice plugins for remote editing over SSH, if you're running a cloud VM.
While boofuzz can be installed from PyPI, we will install it from source so that we can modify the code if needed. We will use Poetry, boofuzz's build system, to create a virtual environment and install boofuzz into it.
Note: python3 is the name of the Python executable on many environments, but it could be different for you (e.g. python).
mkdir -p ~/workshop
cd ~/workshop
git clone https://github.com/jtpereyda/boofuzz.git
cd boofuzz
# Install the Poetry build system. Note that this pipes a script fetched over HTTPS straight into
# Python; read it first, or install Poetry with `pipx install poetry` if your environment forbids this:
curl -sSL https://install.python-poetry.org | python3 -
poetry config virtualenvs.in-project true # Optional; I like to have poetry create virtualenvs in the project directory
poetry install --all-extras
poetry shell # activate virtualenv -- use this whenever you want to run a boofuzz script
             # (on Poetry 2.x `shell` is a separate plugin; `poetry env activate` prints the activation command instead)
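Before moving on to the exercises it is worth confirming that every tool the steps above rely on is actually present and that boofuzz imports from the Poetry virtualenv. The following check script is an added example, not part of the workshop or the boofuzz repository; the function names (`have_cmd`, `python_is_3`, `check_prereqs`, `boofuzz_importable`) are my own, and it assumes the source tree lives at `~/workshop/boofuzz` as cloned above.

```sh
#!/bin/sh
# Added example: prerequisite check for the boofuzz workshop (not part of the workshop repo).
# Reports each required tool as ok/MISSING, confirms the interpreter is Python 3, and
# optionally checks that `import boofuzz` works inside the Poetry virtualenv.

# have_cmd NAME -> exit 0 if NAME is on PATH, 1 otherwise
have_cmd() {
    command -v "$1" >/dev/null 2>&1
}

# python_is_3 INTERP -> exit 0 if INTERP runs and reports major version 3
python_is_3() {
    "$1" -c 'import sys; sys.exit(0 if sys.version_info[0] == 3 else 1)' 2>/dev/null
}

# check_prereqs [PYTHON] -> prints one line per tool; return value is the number of problems found
check_prereqs() {
    py="${1:-python3}"          # the interpreter name varies per system (python3 vs python)
    missing=0
    for tool in "$py" git gcc make curl poetry; do
        if have_cmd "$tool"; then
            printf 'ok       %s\n' "$tool"
        else
            printf 'MISSING  %s\n' "$tool"
            missing=$((missing + 1))
        fi
    done
    # A present interpreter that is Python 2 would fail the Poetry install later, so flag it now.
    if have_cmd "$py" && ! python_is_3 "$py"; then
        printf 'WRONG    %s is not a Python 3 interpreter\n' "$py"
        missing=$((missing + 1))
    fi
    return "$missing"
}

# boofuzz_importable DIR -> exit 0 if boofuzz imports in the Poetry virtualenv created in DIR
boofuzz_importable() {
    (cd "$1" && poetry run python -c 'import boofuzz') >/dev/null 2>&1
}

# Run the tool check when executed directly; the || keeps a missing tool from aborting the script.
check_prereqs "${PYTHON:-python3}" || echo "some prerequisites are missing; see the list above"

# After `poetry install --all-extras` has run, this confirms the virtualenv is usable:
if boofuzz_importable "$HOME/workshop/boofuzz"; then
    echo "boofuzz imports from the Poetry virtualenv: ready for Exercise 1"
else
    echo "boofuzz is not importable yet (run the install steps first, or set PYTHON if python3 is not your interpreter)"
fi
```

Save it as a script (for example `check_setup.sh`, an assumed name) and run it with `sh check_setup.sh`; a missing `gcc` or `make` means the C targets in the exercises will not build, and the final line tells you whether `poetry shell` will give you a working boofuzz.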
This workshop contains three exercises:
In Exercise 1, we will learn about the HTTP protocol and the basics of writing your own protocol fuzzer.
In Exercise 2, we will learn more about boofuzz primitives and find a second crash in another target.
In Exercise 3, we will find a crash in a real-world target, a crash that has been leveraged in actual exploits.