dobin / ffw

A fuzzing framework for network servers
GNU General Public License v3.0
116 stars, 24 forks

Check if input contains any client messages to fuzz to prevent an endless loop of looking for one. #5

Closed rmoszczynsk closed 6 years ago

rmoszczynsk commented 6 years ago

If any of the inputs for fuzzing has no "client" section, ffw will be stuck in an endless loop of trying to find a client message. This change makes ffw stop if it finds a broken input without any client section, so that the user can remove it from the list of inputs.
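The check described above, as an added example that is not ffw's own code and not the PR's patch: inputs are validated up front, and the random selection of a client message refuses to run on an input that has none, instead of spinning forever. It assumes (not stated on this page) that an input is a list of message dicts with a "from" field set to "cli" or "srv" and a "data" field holding the bytes; the sample corpus is constructed for the example.

```python
"""Added example: reject fuzzing inputs with no client message instead of
searching for one in an endless loop.

Assumed input layout (an assumption for this example, not ffw's real one):
an input is a list of message dicts, each with "from" set to "cli"
(client -> server) or "srv" (server -> client) and "data" holding bytes.
"""
import random


def has_client_message(messages):
    """True if at least one message in the input was sent by the client."""
    return any(m.get("from") == "cli" for m in messages)


def find_inputs_without_client(corpus):
    """Return the names of inputs that carry no client message, so the user
    can remove them. corpus maps input name -> list of message dicts."""
    return sorted(name for name, msgs in corpus.items()
                  if not has_client_message(msgs))


def pick_client_message(messages, rng=None):
    """Pick the index of a random client message to fuzz.

    Without the guard, an input made only of server messages would keep the
    random draw going forever; here it raises ValueError instead."""
    if not has_client_message(messages):
        raise ValueError("input has no client message to fuzz")
    rng = rng or random.Random()
    while True:  # terminates: at least one "cli" message exists
        idx = rng.randrange(len(messages))
        if messages[idx].get("from") == "cli":
            return idx


def load_fuzzable_corpus(corpus):
    """Fail early, naming the broken inputs, rather than hanging mid-fuzz."""
    broken = find_inputs_without_client(corpus)
    if broken:
        raise ValueError("inputs without any client message, remove them: "
                         + ", ".join(broken))
    return corpus


# Constructed sample corpus: one healthy session and one that only holds the
# server's error response (the case from the PR description).
SAMPLE_CORPUS = {
    "login_ok": [
        {"from": "cli", "data": b"USER alice\r\n"},
        {"from": "srv", "data": b"331 Password required\r\n"},
        {"from": "cli", "data": b"PASS s3cret\r\n"},
        {"from": "srv", "data": b"230 Logged in\r\n"},
    ],
    "bad_handshake": [
        {"from": "srv", "data": b"500 Protocol error\r\n"},
    ],
}


if __name__ == "__main__":
    print("broken inputs:", find_inputs_without_client(SAMPLE_CORPUS))
    print("chosen client message index:",
          pick_client_message(SAMPLE_CORPUS["login_ok"], random.Random(1)))
    try:
        load_fuzzable_corpus(SAMPLE_CORPUS)
    except ValueError as e:
        print("refused:", e)
```

Running the validation once at load time keeps the failure visible and actionable (the offending input names are printed), which is the behaviour the PR asks for; the guard inside pick_client_message is a second line of defence for inputs added later.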

dobin commented 6 years ago

Good check. I never encountered this, but it may be possible for network protocols where only the server sends stuff; ffw should gracefully handle this. Thanks.

rmoszczynsk commented 6 years ago

I encountered this when doing unsuccessful connection attempts to my target server.

If I initiate a connection with wrong parameters, the server will respond with an error and end the session. If I understand correctly, the initial client connection request is not being captured, because the ClientTcpThread is only started from performTcpIntercept() after the connection between the server and the client is established.

So in this way you can end up capturing inputs that only have the server error response in them.

dobin commented 6 years ago

Huh, that would be bad. The interceptor should record ALL data. In my tests, it usually did it reliably. Maybe you can share some details of the protocol and/or software you want to test? If in private: dobin at broken.ch