v0.3 released

VERSION

@@ -1,27 +1,34 @@
+v0.3:
+=====
+
+	Added the ability to use different type of patterns while fuzzing (Cyclic | CyclicExtended | Single | Format-String).
+	Removed a lot of un-useful parameters and use global variables instead.
+	Minor Help Screen improvements.
+
 v0.2.1:
 =======
 
-Minor SMTP plugin fixes.
+	Minor SMTP plugin fixes.
 
 v0.2:
 =====
 
-TFTP plugin added.
+	TFTP plugin added.
 
 
 v0.1.2:
 =======
 
-Improved FTP plugin due massive broken pipe messages. Also added LOGIN feature in the SMTP Fuzzer plugin.
+	Improved FTP plugin due massive broken pipe messages. Also added LOGIN feature in the SMTP Fuzzer plugin.
 
 
 v0.1.1:
 =======
 
-Fixed fuzzCommands() issue with smtp plugin (thanks John)
+	Fixed fuzzCommands() issue with smtp plugin (thanks John)
 
 
 v0.1:
 =====
 
-First public version.
+	First public version.

backfuzz.py

@@ -1,22 +1,23 @@
-import time, sys, dircache
+import dircache
 from functions import *
 
 # Back to the FUZZ'er - protocol fuzzing toolkit
 # Contact: mattdch0@gmail.com (suggerences, ideas, reviews)
 # Follow: @mattdch
 # Blog: www.localh0t.com.ar
 
-VERSION = "0.2.1"
+# Version
+VERSION = "0.3"
 
 # Plugin read class
 class Plugins:
 	def __init__(self):
 		self.plugins = []
-    	def loadPlugins(self,directory):
+    	def loadPlugins(self, directory):
         	filelist = dircache.listdir(directory)
         	for filename in filelist:
         		if not '.' in filename:
-				sys.path.insert(0,directory + filename)
+				sys.path.insert(0, directory + filename)
                 		self.plugins += [__import__(filename)]
                 		sys.path.remove(directory + filename)
 
@@ -26,99 +27,118 @@ def loadPlugins(self,directory):
 listadoSpecial.loadPlugins("./special/")
 
 # Start Fuzzer function
-def startFuzzer(object,plugin_use,specialFlag):
+def startFuzzer(object):
 	for plugin in object:
-		if plugin.PROPERTY['PROTOCOL']==plugin_use:
+		if plugin.PROPERTY['PROTOCOL'] == globalvars.plugin_use:
 			fuzzmaster = plugin.FuzzerClass()
-			if specialFlag == 1:
-				fuzzmaster.fuzzer(minim,maxm,salt,plugin_use)
-			else:
-				fuzzmaster.fuzzer(host,port,minim,maxm,salt,timeout)
+			fuzzmaster.fuzzer()
 
 # Show Help function
 def showHelp():
 	print "\n##################################################"
-	print "# Back to the FUZZ'er - protocol fuzzing toolkit #"
+	print "# Back to the FUZZ'er - " + "protocol fuzzing toolkit #"
 	print "##################################################"
-	print "\nVersion: " + VERSION
-	print "\nUsage (Normal Plugins):\n=======================\n\npython", sys.argv[0], "-h [IP] -p [PORT] -min [START LENGHT] -max [END LENGHT] -s [SALT BETWEEN FUZZ STRINGS] -pl [PLUGIN TO USE] -t [TIMEOUT (Seconds) (Optional, default: 0.8)] \n"
-	print "Usage (Special Plugins):\n========================\n\npython", sys.argv[0], "-pl [SPECIAL PLUGIN TO USE] -min [START LENGHT] -max [END LENGHT] -s [SALT BETWEEN FUZZ STRINGS] -SPECIAL \n"
+	print "\nVersion: " + colors.BLUE + VERSION + colors.ENDC
+	print "\nArguments (Normal Plugins):\n===========================\n"
+	print "-h   [IP]" + colors.RED + " [Required] " + colors.ENDC
+	print "-p   [PORT]" + colors.RED + " [Required] " + colors.ENDC
+	print "-min [START LENGHT]" + colors.RED + " [Required] " + colors.ENDC
+	print "-max [END LENGHT]" + colors.RED + " [Required] " + colors.ENDC
+	print "-s   [SALT BETWEEN FUZZ STRINGS]" + colors.RED + " [Required] " + colors.ENDC
+	print "-pl  [PLUGIN TO USE]" + colors.RED + " [Required] " + colors.ENDC
+	print "-pf  [PATTERN-FLAVOUR TO USE (default: Cyclic)]" + colors.GREEN + " [Optional] " + colors.ENDC
+	print "-t   [TIMEOUT (Seconds) (default: 0.8)]" + colors.GREEN + " [Optional] " + colors.ENDC
+	print "\nArguments (Special Plugins):\n============================\n"
+	print "-SPECIAL" + colors.RED + " [Required] " + colors.ENDC
+	print "-pl [SPECIAL PLUGIN TO USE]" + colors.RED + " [Required] " + colors.ENDC
+	print "-min [START LENGHT]" + colors.RED + " [Required] " + colors.ENDC
+	print "-max [END LENGHT]" + colors.RED + " [Required] " + colors.ENDC
+	print "-s [SALT BETWEEN FUZZ STRINGS]" + colors.RED + " [Required] " + colors.ENDC
+	print "-pf [PATTERN-FLAVOUR TO USE (default: Cyclic)]" + colors.GREEN + " [Optional] " + colors.ENDC
+	print "\nPattern Flavours are:\n=====================\n"
+	print "Cyclic :          Aa0Aa1Aa2Aa3Aa4Aa [...]"
+	print "Cyclic Extended : Aa.Aa;Aa+Aa=Aa-Aa [...]"
+	print "Single :          AAAAAAAAAAAAAAAAA [...]"
+	print "FormatString :    %n%x%n%x%s%x%s%n  [...]"
 	print "\nAvailable plugins:"
 	print "==================\n"
 	for plugin in listadoPlugins.plugins:
-		print plugin.PROPERTY['PROTOCOL'], plugin.PROPERTY['NAME'], "|", plugin.PROPERTY['DESC'],"|","Author:", plugin.PROPERTY['AUTHOR']
+		print plugin.PROPERTY['PROTOCOL'], plugin.PROPERTY['NAME'], "|", plugin.PROPERTY['DESC'], "|", "Author:", plugin.PROPERTY['AUTHOR']
 	print "\nSpecial plugins:"
 	print "================\n"
 	for special in listadoSpecial.plugins:
-		print special.PROPERTY['PROTOCOL'], special.PROPERTY['NAME'], "|", special.PROPERTY['DESC'],"|","Author:", special.PROPERTY['AUTHOR']
+		print special.PROPERTY['PROTOCOL'], special.PROPERTY['NAME'], "|", special.PROPERTY['DESC'], "|", "Author:", special.PROPERTY['AUTHOR']
 
 # Read Args function
 def readArgs(arguments):
 	count = 0
-	timeout = 0.8
+	globalvars.timeout = 0.8
+	globalvars.pattern_flavour = "Cyclic"
 	for arg in arguments:
 		try:
 			if arg == "-h":
-				host = arguments[count+1]
+				globalvars.host = arguments[count + 1]
 			elif arg == "-p":
-				port = strToInt(arguments[count+1],"-p")
+				globalvars.port = strToInt(arguments[count + 1], "-p")
 			elif arg == "-min":
-				minim = strToInt(arguments[count+1],"-min")
+				globalvars.minim = strToInt(arguments[count + 1], "-min")
 			elif arg == "-max":
-				maxm = strToInt(arguments[count+1],"-max")
+				globalvars.maxm = strToInt(arguments[count + 1], "-max")
 			elif arg == "-s":
-				salt = strToInt(arguments[count+1],"-s")
+				globalvars.salt = strToInt(arguments[count + 1], "-s")
 			elif arg == "-pl":
-				plugin_use = arguments[count+1]
+				globalvars.plugin_use = arguments[count + 1]
+			elif arg == "-pf":
+				globalvars.pattern_flavour = arguments[count + 1]
 			elif arg == "-t":
-				timeout = strToFloat(arguments[count+1],"-t")
-			count+=1
+				globalvars.timeout = strToFloat(arguments[count + 1], "-t")
+			count += 1
 		except:
 			exitProgram(3)
 	# Args check
 	try:
-		arglist = [host,port,minim,maxm,salt,plugin_use]
-		checkMinMax(minim,maxm)
+		arglist = [globalvars.host, globalvars.port, globalvars.minim, globalvars.maxm, globalvars.salt, globalvars.plugin_use]
+		checkMinMax(globalvars.minim, globalvars.maxm)
+		checkFlavour(globalvars.pattern_flavour)
 	except:
 		exitProgram(3)
 
-	return (host,port,minim,maxm,salt,plugin_use,timeout)
-
 # Special Read Args function
 def readArgsSpecial(arguments):
 	count = 0
+	globalvars.pattern_flavour = "Cyclic"
 	for arg in arguments:
 		try:
 			if arg == "-min":
-				minim = strToInt(arguments[count+1],"-min")
+				globalvars.minim = strToInt(arguments[count + 1], "-min")
 			elif arg == "-max":
-				maxm = strToInt(arguments[count+1],"-max")
+				globalvars.maxm = strToInt(arguments[count + 1], "-max")
 			elif arg == "-s":
-				salt = strToInt(arguments[count+1],"-s")
+				globalvars.salt = strToInt(arguments[count + 1], "-s")
 			elif arg == "-pl":
-				plugin_use = arguments[count+1]
-			count+=1
+				globalvars.plugin_use = arguments[count + 1]
+			elif arg == "-pf":
+				globalvars.pattern_flavour = arguments[count + 1]
+			count += 1
 		except:
 			exitProgram(3)
-
+	# Args check
 	try:
-		arglist = [minim,maxm,salt,plugin_use]
-		checkMinMax(minim,maxm)
+		arglist = [globalvars.minim, globalvars.maxm, globalvars.salt, globalvars.plugin_use]
+		checkMinMax(globalvars.minim, globalvars.maxm)
+		checkFlavour(globalvars.pattern_flavour)
 	except:
 		exitProgram(3)
 
-	return (minim,maxm,salt,plugin_use)
-
-
 # Show Help
 if len(sys.argv) <= 12 and "-SPECIAL" not in sys.argv:
 	showHelp()
 	exitProgram(1)
 
 # Read Args & Start
 if "-SPECIAL" in sys.argv:
-	(minim,maxm,salt,plugin_use) = readArgsSpecial(sys.argv)
-	startFuzzer(listadoSpecial.plugins,plugin_use,1)
+	readArgsSpecial(sys.argv)
+	startFuzzer(listadoSpecial.plugins)
 else:
-	(host,port,minim,maxm,salt,plugin_use,timeout) = readArgs(sys.argv)
-	startFuzzer(listadoPlugins.plugins,plugin_use,0)
+	readArgs(sys.argv)
+	startFuzzer(listadoPlugins.plugins)