Results 1 to 2 of 2

Thread: Architecture for fuzzing lab? Share/Save - My123World.Com!

  1. #1
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Join Date
    Jul 2010
    Location
    irc.freenode.net #g4h
    Posts
    744

    Architecture for fuzzing lab?

    Hi,

    Beginners could get confused with what kind of architecture a fuzzing lab should comprise of?
    Basically, there shall be something to request and something to respond. So in most of the cases it's a sever-client architecture.

    Server: A node which would be hosting or generating fuzz files
    Client : A node which would access/load those hosted/generated files in an application to check if that crashes.

    Application could be anything that interests a researcher and accordingly fuzz files needs to be hosted/generated on the fly on server. Few likes generating fuzz files of their interest and host on server. Contrary, few likes generating them on the fly. Today, focus of this write-up is bit on 'generating & hosting' files.

    Disclaimer: I am no expert on this; just sharing what I've observed and understood so far.


    Generating & Hosting Files on Server:

    On a smaller scale, a researcher could have just a single machine hosting his/her server (LAMP/WAMP) and client node. That's fine to test out fuzzer code (write you own from scratch) and some basic tests. But shall improve upon hardware gradually, if on serious note.

    My suggestions:
    1. Use Linux: Requirement could be there to generate millions of test cases (fuzz cases). Unfortunately, file generations starts crawling on windows once it has generated more than a million files in a single directory. In my test, same code started crawling after generating 1.1M files on windows but worked perfectly on linux even after generating 2.4M files (I did not go beyond that).

    2. If using LAMP, apache would need to be customized to withhold your test DDoS attack on it. Fuzzing goes in spikes. Most of the test cases wouldn't bother the application anyway. Few could offer minor glitches and few could simply hang the application. Assuming your lab has 10 client nodes & 1 server. When applications on those 10 nodes are processing fuzz cases without gliches, the Apache is serving quite many requests concurrently! and there starts the DDoS on it. With 10 nodes, it just wouldn't be 10 requests/second. Based on researchers code, it could grow multifolds.

    3. Use mpm_event: With LAMP, the MPM (multi processing module) that comes default is mpm_prefork. It has to be replaced to meet fuzz lab requirements. mpm_event is the latest stable member and is highly recommended for concurrence.
    My tests has shown, mpm_prefork failed serving more than 7 client nodes but mpm_event served 24 nodes perfectly (not sure what is its limit)

    Following are few links which could help setup such a lab:
    https://www.digitalocean.com/communi...tack-on-ubuntu
    https://www.digitalocean.com/communi...n-ubuntu-12-04
    http://jaswsinc.com/ubuntu-lamp-apac...tcgi-php5-fpm/
    http://askubuntu.com/questions/45337...hread-safe-php
    http://askubuntu.com/questions/52477...ble-worker-mpm
    http://serverfault.com/questions/383...che-mpm-to-use
    http://www.vps.net/blog/2013/04/08/a...ker-and-event/

    .... sharing is caring

    Cheers!

    PS: It would be appreciable if people share their experiences as well.
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

  2. #2
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Join Date
    Jul 2010
    Location
    irc.freenode.net #g4h
    Posts
    744
    Following setting for mpm_event works flawless for me:

    <IfModule mpm_event_module>
    Timeout 300
    StartServers 2
    ThreadLimit 64
    ThreadsPerChild 64
    MaxConnectionsPerChild 10000

    MinSpareThreads 20
    MaxSpareThreads 85
    ServerLimit 8
    MaxRequestWorkers 512

    KeepAlive On
    MaxKeepAliverequests 50
    KeepAliveTimeout 4

    </IfModule>
    Reportedly (http://flo.livezon.com/2015/08/insta...-ubuntu-14-04/) it shall be able to handle 512 requests per second.
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •