
I want to make a protocol fuzzing framework for certain protocols in network devices made by Cisco, Juniper or Huawei, to detect their vulnerabilities. It is important to have a good packet handling mechanism. I know the dissection of Wireshark is very good. It contains 1000+ protocols and is still in active development. So I wanna integrate the dissection code of Wireshark into my protocol fuzzing software. But the Wireshark source tree is very complex. I have read through the Wireshark Developer's Guide, but I still know little about how to use Wireshark for my work. By the way, I wanna develop my fuzzing software in Visual Studio 2010; is Wireshark a good choice for me? If yes, then what part should I begin from? Such as libwireshark, TShark, epan or the whole Wireshark? Thx!

hsluoyz
Related, for your reference: http://stackoverflow.com/questions/2930455/wireshark-plugin-dissecting-payloads-with-multiple-packets-per-udp-frame – John Dibling Jan 29 '14 at 17:19

1 Answer


You are trying to create (subtly broken, weird, ...) network packages, while Wireshark tries to understand them. I'm not so sure this is the right starting point. I'd start with something creating correct package (streams) and modifying them; or just creating the broken from the start. Perhaps nmap's code to create packages (it creates some weird ones for OS fingerprinting) is a better starting point. And reference the relevant standards defining the formats.

Also, I remember people futzing SNMP and finding tons of problems in all sorts of implementations, perhaps the code for that (or similar) work is available (or the researchers can be talked into parting with it, even if it is only a rough prototype).

A project for this would be a valuable addition. Good luck! It is certainly a lot of work.

vonbrand
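
The approach suggested in the answer above (start from a correct packet, then modify it), shown as an added example that is not part of the original answer: it builds a well-formed SNMPv1 GetRequest, SNMP being the protocol the answer mentions, and changes one BER length octet per test case. The function names and the sample packet are constructed for this illustration; `well_formed` is a strict reference check to compare against how the implementation under test handles each case.

```python
"""Boundary-mutate the length octets of a valid SNMPv1 GetRequest (constructed sample)."""

def tlv(tag: int, value: bytes) -> bytes:
    # BER TLV, short-form length only (enough for this small sample packet)
    assert len(value) < 0x80
    return bytes([tag, len(value)]) + value

def snmp_get(community: bytes = b"public", request_id: int = 1) -> bytes:
    # Well-formed GetRequest for sysDescr.0 (OID 1.3.6.1.2.1.1.1.0)
    oid = tlv(0x06, bytes([0x2B, 6, 1, 2, 1, 1, 1, 0]))
    varbinds = tlv(0x30, tlv(0x30, oid + tlv(0x05, b"")))
    pdu = tlv(0xA0, tlv(0x02, bytes([request_id])) + tlv(0x02, b"\x00")
              + tlv(0x02, b"\x00") + varbinds)
    return tlv(0x30, tlv(0x02, b"\x00") + tlv(0x04, community) + pdu)

def length_offsets(buf: bytes, start: int = 0, end=None) -> list:
    # Offsets of every length octet; recurse into constructed types (tag bit 0x20)
    end = len(buf) if end is None else end
    offs, i = [], start
    while i < end:
        tag, ln = buf[i], buf[i + 1]
        offs.append(i + 1)
        if tag & 0x20:
            offs += length_offsets(buf, i + 2, i + 2 + ln)
        i += 2 + ln
    return offs

def mutants(pkt: bytes):
    # One mutated length octet per test case, using boundary values
    for off in length_offsets(pkt):
        orig = pkt[off]
        for val in sorted({0, orig - 1, orig + 1, 0x7F, 0xFF} - {orig, -1}):
            yield off, val, pkt[:off] + bytes([val]) + pkt[off + 1:]

def well_formed(buf: bytes, start: int = 0, end=None) -> bool:
    # Strict oracle: every TLV must fit inside its parent, with no bytes left over
    end = len(buf) if end is None else end
    i = start
    while i < end:
        if i + 2 > end:
            return False
        tag, ln = buf[i], buf[i + 1]
        if ln & 0x80 or i + 2 + ln > end:
            return False
        if tag & 0x20 and not well_formed(buf, i + 2, i + 2 + ln):
            return False
        i += 2 + ln
    return True

if __name__ == "__main__":
    for off, val, m in mutants(snmp_get()):
        print(f"len@{off}={val:#04x} oracle_accepts={well_formed(m)} {m.hex()}")
```
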