Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jan 31 2019 18:32
    BinyaminSharet commented #72
  • Jan 31 2019 18:30

    BinyaminSharet on python3support

    (compare)

  • Jan 31 2019 18:20
    BinyaminSharet commented #73
  • Jan 31 2019 18:20
    BinyaminSharet closed #73
  • Jan 31 2019 18:20
    BinyaminSharet commented #73
  • Jan 31 2019 11:28
    GH0st3rs opened #73
  • Jan 31 2019 08:04
    GH0st3rs opened #72
  • Jan 29 2019 14:39
    GH0st3rs commented #71
  • Jan 29 2019 14:39
    BinyaminSharet closed #69
  • Jan 29 2019 14:39
    BinyaminSharet commented #69
  • Jan 29 2019 14:38
    BinyaminSharet commented #71
  • Jan 29 2019 14:31
    GH0st3rs closed #71
  • Jan 29 2019 14:16
    GH0st3rs opened #71
  • Jan 28 2019 08:26
    GH0st3rs closed #70
  • Jan 28 2019 07:58
    GH0st3rs commented #69
  • Jan 27 2019 09:33
    BinyaminSharet commented #70
  • Jan 27 2019 09:32
    BinyaminSharet commented #69
  • Jan 25 2019 12:11
    GH0st3rs opened #70
  • Jan 25 2019 12:02
    GH0st3rs opened #69
  • Apr 11 2018 18:57
    BinyaminSharet closed #67
JkShah1992
@JkShah1992
@dark-lbp @BinyaminSharet Have you guys heard or looked into - 'fuddly'?-
http://fuddly.readthedocs.io/en/develop/
bsharet
@BinyaminSharet
Never heard of it before, but it seems really nice.
JkShah1992
@JkShah1992

On a very different context, Does anyone have some solution for my problem below?

I am working on one multi-threading problem in python. Where I need to run one subprocess (which is a executable program of User interface).

  • It should take commands (as input) from the user and write into stdin.
  • And the response from User interface is generated and written into stdout. and should read it from stdout.

I am not able to find some similar example for it. A help would be great.

JkShah1992
@JkShah1992
Hello,
does anyone know how to generate a pdf report from .json file??
as part of logging in fuzzing?
bsharet
@BinyaminSharet
No idea. It’s not implemented in kitty..
But the Report should probably be retrieved through the web api as json and then be converted..
JkShah1992
@JkShah1992
Hello, I believe you have worked on kitty for a longer time now. Could you give me a short description of pros and cons of kitty?
GH0st3rs
@GH0st3rs
Hello, I can help with Python 3
bsharet
@BinyaminSharet
Hi, I don't know if I told you that before, but we wanted to support python3 over 2 years ago, but saw that the amount of work was too much for the time being. This is going to take a while... but thanks for your efforts. I'll try to respond, review and merge whenever I can, but I'm currently only partially available so it will be a little slow.
GH0st3rs
@GH0st3rs
Yes, but that so difficulty. Just need sed, grep, and pylint)
bsharet
@BinyaminSharet
:)
I'll merge the first PR now (#74) and then we can move on. We need to keep the PRs from breaking python2, and as you suggested - slowly move on with python3 support.
GH0st3rs
@GH0st3rs
It is possible, after you added python3 and python2 to the Travis
bsharet
@BinyaminSharet
Yup.
OK, I'm merging #76 as well. it doesn't break python2 and we can move on from this point.
let's try and deal with separate modules each time so we can work in parallel without too many merge conflicts.
GH0st3rs
@GH0st3rs
Ok, tomorrow I will check it.
bsharet
@BinyaminSharet
Awesome :thumbsup:
GH0st3rs
@GH0st3rs
So we have a problem with reports. Now JSON report has 'raw' field with bytes as string, but in python3 json didn't allow use bytes...
Then 'RAW' field need remove from report, or encode to any string format
bsharet
@BinyaminSharet
we should probably encode it, ('raw': payload.encode())
GH0st3rs
@GH0st3rs
It doesn't work
For example:
json.dumps({'raw': b'\xfe'}) - TypeError
json.dumps({'raw': b'\xfe'.decode()}) - UnicodeDecodeError
GH0st3rs
@GH0st3rs
I will send new Pull Request with fix report encoding, after #77 merging
GH0st3rs
@GH0st3rs
Ok I finished, you need only merging my pull request and test it)
GH0st3rs
@GH0st3rs
Hello, How I can stop/pause fuzzing by Controller|Monitor events?
bsharet
@BinyaminSharet
Targets have a reference to the fuzzer (self.fuzzer), and you can call fuzzer.stop(), although I'm not sure it will work very well, as I've never tested that.
GH0st3rs
@GH0st3rs
@BinyaminSharet It's doesn't work. So as I understand, I need write Interface, for check monitor|controller signal and save report to file. Why you don't save reports after fuzzing is finished? I see only log files in kittylogs, but it's incomplete
bsharet
@BinyaminSharet
If you specify a session file, the reports (and other session data) will be stored into a database that can be loaded again by kitty.
In general, reports can be downloaded in run time via the web interface or the kitty-tool
If no session file is specified, the session is stored as a database in memory only, but still available while the fuzzer is running (as mentioned before)
dark-lbp
@dark-lbp
@GH0st3rs With custom Target, you can use self.fuzzer._continue_event.clear() to Pause the Fuzzer.
class TestTarget(UdpTarget):
    def post_test(self, test_num):
        super(TestTarget, self).pre_test(test_num)
        if test_num == 10:
            print("Tring to Pause Fuzzer")
            # To pause Fuzzer
            self.fuzzer._continue_event.clear()
image.png
bsharet
@BinyaminSharet
@GH0st3rs - I released kitty 0.7.2 today with python 3 support. Thanks a lot for this contribution. I also merged your changes to the python3_support branch in katnip and added travis support.
GH0st3rs
@GH0st3rs
Great
xiaozhouzhou
@dazhouzhou
1.PNG
Hello, does anyone know how kitty handle this situation? A little different from this example(https://kitty.readthedocs.io/en/latest/tutorials/session_data.html).The returned session_id is not used immediately, but is used by subsequent packets.
@BinyaminSharet @dark-lbp
Shivank
@shivank1234
Hey Everyone
Shivank here
I wanted to use katnip using kitty on my codebase..
Can anyone guide as of how I can do so?