Installing boofuzz

Prerequisites

Boofuzz requires Python. Recommended installation requires pip.

Ubuntu: sudo apt-get install python-pip

Install

pip install boofuzz --user

From Source

  1. Download source code: https://github.com/jtpereyda/boofuzz

  2. Install. Run pip from within the boofuzz directory:

    pip install . --user
    

Tips:

  • Use the -e option for developer mode, which allows changes to be seen automatically without reinstalling:

    pip install -e . --user
    
  • To install developer tools (unit test dependencies, test runners, etc.) as well:

    pip install -e .[dev] --user
    
  • If you’re behind a proxy:

    set HTTPS_PROXY=http://your.proxy.com:port
    

Extras

process_monitor.py (Windows only)

The process monitor is a tool for detecting crashes and restarting an application on Windows (process_monitor_unix.py is provided for Unix).

The process monitor is included with boofuzz, but requires additional libraries to run. While boofuzz typically runs on a different machine than the target, the process monitor must run on the target machine itself.

If you want to use process_monitor.py, follow these additional steps:

  1. Download and install pydbg.

    1. Make sure to install and run pydbg using a 32-bit Python interpreter, not 64-bit!
    2. The OpenRCE repository doesn’t have a setup.py. Use Fitblip’s fork.
    3. C:\Users\IEUser\Downloads\pydbg>pip install .
  2. Download and install pydasm.

    1. C:\Users\IEUser\Downloads\libdasm\pydasm>python setup.py build_ext**
    2. C:\Users\IEUser\Downloads\libdasm\pydasm>python setup.py install
  3. Verify that process_monitor.py runs:

    C:\Users\IEUser\Downloads\boofuzz>python process_monitor.py -h
    usage: procmon [-h] [--debug] [--quiet] [-f STR] [-c FILENAME] [-i PID]
                   [-l LEVEL] [-p NAME] [-P PORT]
    
    optional arguments:
      -h, --help            show this help message and exit
      --debug               toggle debug output
      --quiet               suppress all output
      -f STR, --foo STR     the notorious foo option
      -c FILENAME, --crash_bin FILENAME
                            filename to serialize crash bin class to
      -i PID, --ignore_pid PID
                            PID to ignore when searching for target process
      -l LEVEL, --log_level LEVEL
                            log level: default 1, increase for more verbosity
      -p NAME, --proc_name NAME
                            process name to search for and attach to
      -P PORT, --port PORT  TCP port to bind this agent to
    

** Building pydasm on Windows requires the Visual C++ Compiler for Python 2.7.

Deprecated: network_monitor.py

The network monitor was Sulley’s primary tool for recording test data, and has been replaced with boofuzz’s logging mechanisms. However, some people still prefer the PCAP approach.