Author Topic: FuzzDB  (Read 1277 times)

neusbeer
FuzzDB
« on: January 22, 2012, 12:47:20 am »
FuzzDB

Attack and Discovery Pattern Database for Application Fuzz Testing

Code:
svn checkout http://fuzzdb.googlecode.com/svn/trunk/ fuzzdb-read-only

I overlooked this database, but it seems quite good.
It's a database with all kinds of data,
for example: webshell one-liners, standard file fuzz lists,
path traversal strings, SQLi strings, buffer overflow strings
and other useful payloads.

Quote
What's in fuzzdb?
Predictable Resource Locations - Because of the popularity of a small number of server types, platforms, and package formats, resources such as logfiles and administrative directories are typically located in a small number of predictable locations. FuzzDB contains a comprehensive database of these, sorted by platform type, language, and application, making brute force testing less brutish.

Attack Patterns - Categorized by platform, language, and attack type, malicious and malformed inputs known to cause information leakage and exploitation have been collected into sets of test cases. FuzzDB contains comprehensive lists of attack payloads known to cause issues like OS command injection, directory listings, directory traversals, source exposure, file upload bypass, authentication bypass, http header crlf injections, and more.

Response Analysis - Since system responses also contain predictable strings, fuzzdb contains a set of regex pattern dictionaries such as interesting error messages to aid detection of software security defects, lists of common Session ID cookie names, and more.

Other useful stuff - Webshells, common password and username lists, and some handy wordlists.

Documentation - Helpful documentation and cheatsheets sourced from around the web that are relevant to the payload categories are also provided.
« Last Edit: January 22, 2012, 12:47:41 am by neusbeer »
--Neusbeer

hacker@sr.gov.yu
Re: FuzzDB
« Reply #1 on: January 22, 2012, 09:29:49 pm »
Hm, I will check it later. Thanks

Factionwars
Re: FuzzDB
« Reply #2 on: January 23, 2012, 10:04:40 am »
Mhmm  some user experiences?

neusbeer
Re: FuzzDB
« Reply #3 on: January 23, 2012, 10:38:51 am »
yes, some..
I use the predictable file lists with a script to scan a site.
Code:
#!/bin/bash
#
# checks for files on given site for existence
#
# $1 url to explore
# $2 list of files
# echoes found ones. so save with > output.lst or | tee -a output.lst
#
# Usage: ./check_vuln_files.sh http://site/ <filelist>
# there are plenty enough of scripts that can do the same
# but I needed something to search specific for files of certain web apps, servers, etc
# this doesn't leave a dirty log file on the server.
if [ "$1" = "-h" ] || [ "$#" -ne 2 ]; then
  echo -e "\n\n\n\n\nCheck for file existence based on standard files from software.\n"
  echo "usage:"
  echo "./check_filelist.sh <url> <filelist_name*>"
  echo -e "*no complete path, fuzzdb/Discovery/PredictableRes/ is automatically added.\n"
  echo -e "e.g. ./check_filelist.sh http://www.testnoob.com/ ApacheTomcat.fuzz.txt\n\n"
  exit
fi

# succeeds (exit status 0) when wget can reach the URL without an error
isLive() {
  wget -q --spider "$1"
}

# read the list line by line; -r keeps backslashes in the entries intact
while IFS= read -r cFile; do
  link="$1$cFile"
  if isLive "$link"; then
    echo "$link"
  fi
done < "fuzzdb/Discovery/PredictableRes/$2"


that works for some cases.
the rest I didn't have time to look at.
--Neusbeer
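
Seen from the server side, a wordlist run like the script above shows up in the access log as one client sending HEAD requests (what `wget --spider` issues) for many distinct paths, most of them answered with 404. The following is an added example, not part of the original thread or of FuzzDB: it flags such clients in a "combined" format access log. The function name, the thresholds `min_paths` and `min_miss_ratio`, and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache/nginx "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [23/Jan/2012:10:40:01 +0000] "HEAD /admin/ HTTP/1.1" 404 0 "-" "Wget/1.13.4 (linux-gnu)"
203.0.113.7 - - [23/Jan/2012:10:40:01 +0000] "HEAD /manager/html HTTP/1.1" 404 0 "-" "Wget/1.13.4 (linux-gnu)"
203.0.113.7 - - [23/Jan/2012:10:40:02 +0000] "HEAD /status HTTP/1.1" 404 0 "-" "Wget/1.13.4 (linux-gnu)"
203.0.113.7 - - [23/Jan/2012:10:40:02 +0000] "HEAD /docs/ HTTP/1.1" 200 0 "-" "Wget/1.13.4 (linux-gnu)"
203.0.113.7 - - [23/Jan/2012:10:40:03 +0000] "HEAD /examples/ HTTP/1.1" 404 0 "-" "Wget/1.13.4 (linux-gnu)"
203.0.113.7 - - [23/Jan/2012:10:40:03 +0000] "HEAD /host-manager/html HTTP/1.1" 404 0 "-" "Wget/1.13.4 (linux-gnu)"
198.51.100.20 - - [23/Jan/2012:10:41:10 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.20 - - [23/Jan/2012:10:41:11 +0000] "GET /css/site.css HTTP/1.1" 200 812 "-" "Mozilla/5.0"
198.51.100.20 - - [23/Jan/2012:10:41:11 +0000] "GET /favicon.ico HTTP/1.1" 404 0 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_resource_scanners(log_text, min_paths=5, min_miss_ratio=0.6):
    """Return {ip: summary} for clients that request many distinct paths
    and get mostly 404s back, the pattern a predictable-resource list leaves."""
    paths = defaultdict(set)
    total = defaultdict(int)
    misses = defaultdict(int)
    heads = defaultdict(int)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of guessing at fields
        ip = m["ip"]
        paths[ip].add(m["path"])
        total[ip] += 1
        misses[ip] += m["status"] == "404"
        heads[ip] += m["method"] == "HEAD"
    flagged = {}
    for ip, count in total.items():
        ratio = misses[ip] / count
        if len(paths[ip]) >= min_paths and ratio >= min_miss_ratio:
            flagged[ip] = {"paths": len(paths[ip]),
                           "miss_ratio": round(ratio, 2),
                           "head_only": heads[ip] == count}
    return flagged

if __name__ == "__main__":
    print(find_resource_scanners(SAMPLE_LOG))
```

On a real log the thresholds need tuning against normal traffic, and counting should be done per time window rather than over the whole file.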
