search

OpenRCE / sulley

A pure-python fully automated and unattended fuzzing framework.
GNU General Public License v2.0
1.41k stars 340 forks source link

WHY AttributeError: 'NoneType' object has no attribute 'split'??? #100

Open ampresent opened 8 years ago

ampresent commented 8 years ago

I got this exception when I was trying my first sulley project, fuzzing apache. Any idea? I'm under ubuntu 15.04, btw

[2015-10-16 09:40:03,534] [INFO] -> current fuzz path:  -> HTTP VERBS
[2015-10-16 09:40:03,534] [INFO] -> fuzzed 0 of 58596 total cases
[2015-10-16 09:40:03,534] [INFO] -> fuzzing 1 of 36248
SKIP!
[2015-10-16 09:40:03,566] [INFO] -> xmitting: [1.1]
[2015-10-16 09:40:03,566] [INFO] -> sleeping for 1.000000 seconds
[2015-10-16 09:40:04,569] [INFO] -> netmon captured 0 bytes for test case #1
[2015-10-16 09:40:04,570] [INFO] -> procmon detected access violation on test case #1
[2015-10-16 09:40:04,570] [INFO] -> primitive name: verbs, type: group, default value: GET
Traceback (most recent call last):
File "try.py", line 20, in <module>
    sess.fuzz()
File "/home/wuyihao/hack/fuzzing/sulley/sulley/sessions.py", line 536, in fuzz
    self.poll_pedrpc(target)
File "/home/wuyihao/hack/fuzzing/sulley/sulley/sessions.py", line 691, in poll_pedrpc
    self.logger.info(self.procmon_results[self.total_mutant_index].split("\n")[0])
AttributeError: 'NoneType' object has no attribute 'split'
----------------------------------------
Exception happened during processing of request from ('127.0.0.1', 60744)
Traceback (most recent call last):
File "/usr/lib/python2.7/SocketServer.py", line 295, in _handle_request_noblock
    self.process_request(request, client_address)
File "/usr/lib/python2.7/SocketServer.py", line 321, in process_request
    self.finish_request(request, client_address)
File "/usr/lib/python2.7/SocketServer.py", line 334, in finish_request
    self.RequestHandlerClass(request, client_address, self)
File "/home/wuyihao/hack/fuzzing/sulley/sulley/sessions.py", line 905, in __init__
    BaseHTTPServer.BaseHTTPRequestHandler.__init__(self, request, client_address, server)
File "/usr/lib/python2.7/SocketServer.py", line 655, in __init__
    self.handle()
File "/usr/lib/python2.7/BaseHTTPServer.py", line 340, in handle
    self.handle_one_request()
File "/usr/lib/python2.7/BaseHTTPServer.py", line 328, in handle_one_request
    method()
File "/home/wuyihao/hack/fuzzing/sulley/sulley/sessions.py", line 921, in do_GET
    self.do_everything()
File "/home/wuyihao/hack/fuzzing/sulley/sulley/sessions.py", line 948, in do_everything
    response = self.view_index()
File "/home/wuyihao/hack/fuzzing/sulley/sulley/sessions.py", line 1082, in view_index
    response += '<tr><td class="fixed"><a href="/view_crash/%d">%06d</a></td><td>%s</td><td align=right>%s</td></tr>' % (key, key, val.split("\n")[0], bytes)
AttributeError: 'NoneType' object has no attribute 'split'

The output of process_monitor is as follows:

[09:40.03] updating target process name to 'apache2'
[09:40.03] starting target process
PED-RPC> remote method pre_send cannot be found
PED-RPC> remote method post_send cannot be found
PED-RPC> remote method get_crash_synopsis cannot be found

The fuzzing program:

from sulley import * from requests import http

def try_recv(sock): print 'SKIP!'

sess = sessions.session(session_filename="audits/apache2.session") target = sessions.target('127.0.0.1', 80) target.netmon = pedrpc.client('127.0.0.1', 26001) target.procmon = pedrpc.client('127.0.0.1', 26002) target.procmon_options = {'proc_name': 'apache2'}

sess.pre_send = try_recv sess.add_target(target) sess.connect(s_get("HTTP VERBS")) sess.connect(s_get("HTTP VERBS BASIC")) sess.connect(s_get("HTTP VERBS POST")) sess.connect(s_get("HTTP HEADERS")) sess.connect(s_get("HTTP COOKIE")) sess.fuzz()

MrAdam commented 8 years ago

I got "kinda" the same problem - process monitor is fine for me though, and restarts target as it should:

But the fuzzer fails to continue, and gives the same error as above:

[2016-06-17 10:04:59,865] [INFO] -> procmon detected access violation on test case #1082 [2016-06-17 10:04:59,865] [INFO] -> primitive lacks a name, type: delim, default value: [2016-06-17 10:04:59,866] [INFO] -> [10:04.59] Crash : Test - 1082 Reason - Segmentation fault [2016-06-17 10:04:59,867] [WARNING] -> restarting target process

[2016-06-17 10:05:04,875] [CRITICAL] -> Restarting the target failed, exiting.

Exception happened during processing of request from ('127.0.0.1', 46996) Traceback (most recent call last): File "/usr/lib/python2.7/SocketServer.py", line 295, in _handle_request_noblock self.process_request(request, client_address) File "/usr/lib/python2.7/SocketServer.py", line 321, in process_request self.finish_request(request, client_address) File "/usr/lib/python2.7/SocketServer.py", line 334, in finish_request self.RequestHandlerClass(request, client_address, self) File "/home/vagrant/PCS/week7-final/assignment/sulley/sulley/sessions.py", line 906, in init BaseHTTPServer.BaseHTTPRequestHandler.init(self, request, client_address, server) File "/usr/lib/python2.7/SocketServer.py", line 649, in init self.handle() File "/usr/lib/python2.7/BaseHTTPServer.py", line 340, in handle self.handle_one_request() File "/usr/lib/python2.7/BaseHTTPServer.py", line 328, in handle_one_request method() File "/home/vagrant/PCS/week7-final/assignment/sulley/sulley/sessions.py", line 922, in do_GET self.do_everything() File "/home/vagrant/PCS/week7-final/assignment/sulley/sulley/sessions.py", line 949, in do_everything response = self.view_index() File "/home/vagrant/PCS/week7-final/assignment/sulley/sulley/sessions.py", line 1083, in view_index response += '%06d%s%s' % (key, key, val.split("\n")[0], bytes)

AttributeError: 'NoneType' object has no attribute 'split'