Fuzz (multiplayer) servers and clients using pcap- or MITM-based approaches. This is UDP only, as it was developed to fuzz games in the first place.

Two modes are supported. The first is fuzzing based on a pre-captured pcap file that serves as the base for fuzzing: the packets are read, modified and replayed in order to crash the server. The second mode is a man-in-the-middle (MITM) setup in which fuzz0r.py acts as a proxy that fuzzes network packets on the fly, targeting the client and the server at once. The fuzzer writes a fuzzer log and an error log so that you can debug things and recreate crashes. You can also use Wireshark to capture the traffic generated by this fuzzer for easier replay.
Please refer to the Pipfile and use it to install the Python 2.7 dependencies with pipenv. Additionally, get and compile radamsa.
Adjust the CLIENT settings of fuzz0r.py to get started. First, create a pcap file, for example by joining a CS:GO server and capturing all related packets. The capture may contain packets both originating from and going to the client/server; however, at the moment only the packets sent to the server are replayed in this mode. After that, edit the settings part of fuzz0r.py to use the desired pcap file, and call pcapFuzz in the main method to start the fuzzing process.
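The pcap mode above boils down to a read/mutate/log cycle, and the fuzzer log is what makes a crash reproducible later. The following is an added example, not code from fuzz0r.py, written in Python 3 rather than the project's Python 2.7. It builds a two-packet capture inline (constructed sample, placeholder addresses 10.0.0.1/10.0.0.2), extracts only the UDP payloads addressed to the server, mutates them with a small seeded stand-in for radamsa, writes log records that carry the seed and packet index, and shows how such a record is turned back into the exact packet that was sent. The actual send step is deliberately left out; the point is the bookkeeping needed to recreate a crash.

```python
import random
import socket
import struct
from typing import Dict, List

# Placeholder addresses used in the constructed capture; not real hosts.
SERVER_IP = "10.0.0.2"
CLIENT_IP = "10.0.0.1"


def build_frame(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Ethernet/IPv4/UDP frame with zeroed checksums (sufficient for a parser test)."""
    eth = b"\x00" * 12 + b"\x08\x00"                      # MACs don't matter; EtherType IPv4
    udp_len = 8 + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0, 64, 17, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    udp = struct.pack("!HHHH", sport, dport, udp_len, 0)   # UDP checksum 0 = not computed
    return eth + ip + udp + payload


def build_pcap(frames: List[bytes]) -> bytes:
    """Minimal little-endian pcap: global header (linktype 1 = Ethernet) plus one record per frame."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, frame in enumerate(frames):
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out


def udp_payloads_to(pcap: bytes, dst_ip: str) -> Dict[int, bytes]:
    """Map packet index -> UDP payload for every UDP packet addressed to dst_ip."""
    magic, = struct.unpack("<I", pcap[:4])
    end = "<" if magic == 0xA1B2C3D4 else ">"
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only the Ethernet link type is handled here")
    found, off, idx = {}, 24, 0
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(end + "IIII", pcap[off:off + 16])[2]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # EtherType IPv4 at offset 12, IP protocol byte at 14+9, IP dst at 14+16
        if len(frame) >= 34 and frame[12:14] == b"\x08\x00" and frame[23] == 17:
            ihl = (frame[14] & 0x0F) * 4
            udp = frame[14 + ihl:]
            udp_len = struct.unpack("!H", udp[4:6])[0]
            if socket.inet_ntoa(frame[30:34]) == dst_ip:
                found[idx] = udp[8:udp_len]
        idx += 1
    return found


def mutate(payload: bytes, seed: int) -> bytes:
    """Deterministic stand-in for radamsa: the same (payload, seed) always yields the same mutant."""
    rng = random.Random(seed)
    data = bytearray(payload or b"\x00")
    strategy = rng.choice(("bitflip", "insert", "truncate", "duplicate"))
    if strategy == "bitflip":
        data[rng.randrange(len(data))] ^= 1 << rng.randrange(8)
    elif strategy == "insert":
        pos = rng.randrange(len(data) + 1)
        data[pos:pos] = bytes(rng.randrange(256) for _ in range(rng.randint(1, 8)))
    elif strategy == "truncate":
        data = data[:rng.randrange(1, len(data) + 1)]
    else:
        pos = rng.randrange(len(data))
        data[pos:pos] = data[pos:pos + 4]
    return bytes(data)


def fuzz_log_line(seed: int, idx: int, original: bytes, mutant: bytes) -> str:
    """One fuzzer-log record: everything needed to rebuild the exact packet later."""
    return f"seed={seed} pkt={idx} orig={original.hex()} mutant={mutant.hex()}"


def recreate_from_log(line: str, payloads: Dict[int, bytes]) -> bytes:
    """Rebuild a mutant from its log record and the base capture; fails if the two disagree."""
    f = dict(kv.split("=", 1) for kv in line.split())
    mutant = mutate(payloads[int(f["pkt"])], int(f["seed"]))
    if mutant.hex() != f["mutant"]:
        raise ValueError("log record does not match the base capture")
    return mutant


def run_campaign(pcap: bytes, server_ip: str, seeds: range) -> List[str]:
    """Read, mutate and log each server-bound payload (sending is left out); returns the log lines."""
    payloads = udp_payloads_to(pcap, server_ip)
    return [fuzz_log_line(seed, idx, original, mutate(original, seed))
            for seed in seeds for idx, original in payloads.items()]


# Constructed capture: one client->server packet and one reply; only the first is fuzzed.
SAMPLE_PCAP = build_pcap([
    build_frame(CLIENT_IP, SERVER_IP, 27005, 27015, b"\xff\xff\xff\xffconnect"),
    build_frame(SERVER_IP, CLIENT_IP, 27015, 27005, b"\xff\xff\xff\xffchallenge"),
])

if __name__ == "__main__":
    for record in run_campaign(SAMPLE_PCAP, SERVER_IP, range(3)):
        print(record)
```

When a crash is observed, the log line written just before it is all that is needed: recreate_from_log rebuilds the packet from the original capture and the seed, which is why the log stores the seed and packet index rather than only the mutated bytes. To use this with a real capture, replace SAMPLE_PCAP with the bytes of the pcap file and swap mutate for a call into radamsa, keeping the seed in the log record.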
Use the following iptables rules to make fuzz0r.py a proxy between the client and the server:

sudo iptables -A OUTPUT -d <Server-IP> -j NFQUEUE --queue-num 1 # Fuzz the server
sudo iptables -A INPUT -s <Server-IP> -j NFQUEUE --queue-num 1 # Fuzz the client

After that, edit the main method of fuzz0r.py to call mitmFuzz and run it as root. This fuzzes both the client and the server while you play the game.