    Katharina Bogad
    @mistressofjellyfish
    and to answer your specific question: with the stable boofuzz version, you could use post-testcase callbacks to check if your target still responds (that's how it should be anyways) and exit from there if not.
    Kurachö
    @H1ghdr4_twitter
    @mistressofjellyfish thank you for your feedback. I will look at that callback and adjust accordingly.
    Joshua Pereyda
    @jtpereyda
    +1 for Wireshark, great way to learn about your target
    Katharina Bogad
    @mistressofjellyfish
    gnah, the more I try to get the PEDRPC to work as intended the more I want to just scrap it and build it afresh
    the whole system is just broken, and everything I fix is just a band-aid upon a band-aid
    at least it feels that way
    sigh
    the whole method_missing stuff just doesn't work well when inheritance comes into play
    Joshua Pereyda
    @jtpereyda
    : (
    Was any of the pedrpc refactoring key to that PR? It seemed like a lot of the benefit of the PR could stick without significant changes to the PEDRPC bits?
    Katharina Bogad
    @mistressofjellyfish
    Ah, I patched it up already
    I'll leave a new implementation to a future PR. Depending on how long I have to work from home I may even get around to doing this
    RPyC looks very cool for this as it may stay out of the way even more than the current pedrpc, we could get rid of the multiple inheritance and still have the process monitor run on another machine
    but that means that the process monitor needs to be updated for py3, and as we discussed that only makes sense to do if we can also support 64 bit targets then
    and for the latter I just don't have a business case at the moment
    Joshua Pereyda
    @jtpereyda
    porting pydasm to Py3 (the last dependency IIRC) would be a fun side project; maybe I'll have the chance to squeeze it in some day...
    I think we can move to Py3 independently of supporting 64 bit targets
    Katharina Bogad
    @mistressofjellyfish
    but then again this is only a problem on Windows... so if I wanted to have fun, I'd probably just hack up an x64dbg plugin that talks with an x64dbg monitor or something like that
    so that in the future other people maintain the debugger part... because what actually is needed for the monitor isn't that much, so the x64dbg plugin would be rather small
    richinseattle
    @richinseattle
    dce-rpc is transport for DCOM and is part of the legacy Windows SMB protocol stack
    Joshua Pereyda
    @jtpereyda
    Thanks!
    Katharina Bogad
    @mistressofjellyfish
    fun fact
    today I went from "what is DCE/RPC" to actually dissecting the protocol in Wireshark
    talk about foreshadowing, shall we?
    Joshua Pereyda
    @jtpereyda
    Cool!
    Paul Sorensen
    @aedrax
    lol that's awesome
    Katharina Bogad
    @mistressofjellyfish
    unfortunately the occasion wasn't planned - I'm migrating my family's Exchange server to Office 365 (a completely natural thing to do) and in the process the migration does RPC over HTTP which, after hopping through like 5 different proxies, ends up as DCE/RPC calls
    needless to say, I still haven't figured out why exactly those RPC over HTTP calls fail
    also, I now know more about HTTP RPC proxies in MS Exchange than what is good for a single person
    Joshua Pereyda
    @jtpereyda
        # This is a bad solution for a problem that should not even exist in the first place.
    XD
    @mistressofjellyfish that uuid check is new this PR?
    Joshua Pereyda
    @jtpereyda
    Cool to see what you did with test_monitors.py. That wasn't possible way back in the day when the procmon was a totally standalone script.
    or, wouldn't have been as easy anyway
    Joshua Pereyda
    @jtpereyda
    I finally get the __method_missing weirdness. Double underscore methods have special inheritance rules. Maybe I'm late to the party in figuring that out https://stackoverflow.com/questions/1301346/what-is-the-meaning-of-a-single-and-a-double-underscore-before-an-object-name
    No changes requested there, I just think it's a neat instance of inheritance weirdness
    PR approved but with one question
    Katharina Bogad
    @mistressofjellyfish
    yeah the uuid check is new
    I guess you now found out why I want to scrap the PED-RPC stuff :'D
    Katharina Bogad
    @mistressofjellyfish
    I think it doesn't come across well within the PR, the RPC fixes I provided are the bare minimum to not break things. If anyone could spare some time re-writing the process- and network monitors to implement BaseMonitor directly and be consumed with RPyC please go for it. It would clean up the code sooo nice - using netrefs (https://rpyc.readthedocs.io/en/latest/tutorial/tut2.html#netrefs) it would be possible to just have the BaseMonitor implementation live on the other side of the RPC tunnel
    and if implemented wisely the scripts within the git repo could just be integrated as python modules to be installed with pip and started with "python3 -m boofuzz.process_monitor" or something like this
    Joshua Pereyda
    @jtpereyda
    CLI has been on my mind for a while; I picture a command with subcommands like
    boo fuzz
    boo check
    boo process_monitor
    Maximilian Lindner
    @SR4ven
    @mistressofjellyfish I just stumbled across the sphinx option that is responsible for docstring inheritance. I vaguely recall this being an issue for either connection or monitor classes. As far as I can see it's only possible to set this option globally, so in case we'd like to disable it, we should check whether it affects other parts of the docs. https://www.sphinx-doc.org/en/master/usage/extensions/autodoc.html#confval-autodoc_inherit_docstrings
    Katharina Bogad
    @mistressofjellyfish
    It's the monitors... for the connections it actually makes sense to inherit the docstrings IIRC
    Maximilian Lindner
    @SR4ven
    Too bad we can only switch this option globally. Won't help us in this case then I guess.
    Katharina Bogad
    @mistressofjellyfish
    please remind me to not lay my hands on network code ever again
    I feel kinda stupid right now for not closing the socket properly - sorry if that caused you some trouble
    Joshua Pereyda
    @jtpereyda
    @SR4ven FYI I'm doing some work on the IFuzzable interface; hoping to push a PR this afternoon (optimistically). Just letting you know in case you're actively working on it
    Maximilian Lindner
    @SR4ven
    @mistressofjellyfish I don't remember you changing that part of the code. Guess that was present before but never became a problem
    Maximilian Lindner
    @SR4ven
    @jtpereyda Thanks for the info. I took a brief look at your branch and as far as I can tell there shouldn't be any conflicts with #408
    Katharina Bogad
    @mistressofjellyfish
    probably, I still feel that I should have spotted it when testing... :sweat_smile: