dissector_fuzz.sh

   1 #!/usr/bin/env bash
   2 # -*- coding: utf-8 -*-
   3 #
   4 # dissector_fuzz.sh -- fuzz test netsniff-ng's dissector and pcap io methods
   5 #                      with shitty pcap example files from the Wireshark archive
   6 #
   7 # Copyright (C) 2012 Daniel Borkmann <borkmann@redhat.com>
   8 # Copyright (C) 2012 Stefan Seering <sseerin@imn.htwk-leipzig.de>
   9 #
  10 # Note: build and *install* the toolkit first before running this script!
  11 #
  12 # This program is free software; you can redistribute it and/or modify
  13 # it under the terms of the GNU General Public License version 2 as
  14 # published by the Free Software Foundation.
  15
  16 set -u
  17
  18 if [ ${BASH_VERSINFO} -lt 3 ] ; then
  19         echo 'Error: Your bash need to be version 3 or newer. Exiting.'
  20         exit 1 # operators like =~ produce errors silently in old bash versions, so exit here
  21 fi
  22
  23 archive='ftp://wireshark.org/automated/captures/'
  24 show_output='' # empty string evaluates to false
  25 run_through='' # empty string evaluates to false
  26 count_cores=0
  27 count_files=0
  28 netsniff_ng_opts=''
  29
  30 if [ $# -gt 0 ] ; then
  31         if [ "$1" = '-h' -o "$1" = '--help' -o "$1" = '--usage' ] ; then
  32                 echo 'Usage: dissector_fuzz [-s (show netsniff-ng output, default: no)] [-r (keep running on errors, default: no)] [netsniff-ng long-args]'
  33                 exit 0
  34         fi
  35
  36         for opt in $@ ; do
  37                 if [ "${opt}" = '-s' ] ; then
  38                         show_output='true'
  39                 elif [ "${opt}" = '-r' ] ; then
  40                         run_through='true'
  41                 else
  42                         netsniff_ng_opts="${netsniff_ng_opts} ${opt}";
  43                 fi
  44         done
  45 fi
  46
  47 mkdir -p fuzzing
  48 cd fuzzing
  49 wget -r -Nc -np -nd -A.pcap "$archive"  |& grep -E "%|^--"
  50 ulimit -c unlimited
  51 rm -f core
  52 for file in *.pcap
  53 do
  54         echo "Testing file $file ..."
  55         if [ $show_output ]; then
  56                 netsniff-ng --in "$file" "${netsniff_ng_opts}"
  57         else
  58                 netsniff-ng --in "$file" "${netsniff_ng_opts}" > /dev/null
  59         fi
  60         if [ -e core ]; then
  61                 echo "Fuck, core dumped on $file!"
  62                 let count_cores=count_cores+1
  63                 if [ $run_through ]; then
  64                         rm core
  65                 else
  66                         exit
  67                 fi
  68         fi
  69 done
  70
  71 if which cowsay > /dev/null ; then
  72         echo_cmd='cowsay'
  73 else
  74         echo_cmd='echo'
  75 fi
  76
  77 ${echo_cmd} 'Your fuckup Score'
  78 echo " * tested pcaps: $count_files"
  79 echo " * core dumps:   $count_cores"