Archive for the 'Tool' Category
Python GDB Wrapper
The first beta release of pygdb has been posted. This is a pure Python wrapper around GDB using the machine interface (MI). It allows control of GDB from Python and was created as part of the effort to get Peach 2.1 running nicely on Linux and OS X. Additionally, a new monitor, UnixGdb, has been checked into the 2.1 code tree for the brave.
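As an added illustration (not pygdb's code or API), here is a minimal parser for GDB/MI output records, showing how a script driving GDB over MI can recognise that the target stopped on a signal. The function names and the sample record are constructed for this example.

```python
import re

_HEAD = re.compile(r'(\d*)([\^*+=])([\w-]+)')   # [token], record type, record class
_STR = re.compile(r'"((?:[^"\\]|\\.)*)"')        # MI c-string with backslash escapes
_ESC = {'n': '\n', 't': '\t'}

def _value(s, i):
    """Parse a c-string, {tuple} or [list] starting at s[i]; return (value, next index)."""
    if s[i] == '"':
        m = _STR.match(s, i)
        return re.sub(r'\\(.)', lambda e: _ESC.get(e.group(1), e.group(1)), m.group(1)), m.end()
    is_tuple, items, i = s[i] == '{', [], i + 1
    while s[i] not in '}]':
        if s[i] == ',':
            i += 1
            continue
        k, v, i = _item(s, i)
        items.append(v if k is None else (k, v))
    return (dict(items) if is_tuple else items), i + 1

def _item(s, i):
    """Parse `name=value` or a bare value at s[i]; name is None for a bare value."""
    if s[i] in '"{[':
        return (None,) + _value(s, i)
    eq = s.index('=', i)
    return (s[i:eq],) + _value(s, eq + 1)

def parse_mi(line):
    """Return (type, class, fields) for a result or async record, else None."""
    m = _HEAD.match(line)
    if not m:                     # stream output (~ @ &) or the "(gdb)" prompt
        return None
    fields, i = {}, m.end()
    while i < len(line) and line[i] == ',':
        k, v, i = _item(line, i + 1)
        fields[k] = v
    return m.group(2), m.group(3), fields

def crash_info(line):
    """Return (signal, function, address) if the target stopped on a signal, else None."""
    rec = parse_mi(line.strip())
    if not rec or rec[:2] != ('*', 'stopped') or rec[2].get('reason') != 'signal-received':
        return None
    frame = rec[2].get('frame', {})
    return rec[2].get('signal-name'), frame.get('func'), frame.get('addr')

# Constructed sample record, not captured from a real session
SAMPLE = (r'*stopped,reason="signal-received",signal-name="SIGSEGV",frame={addr="0x00401136",'
          r'func="parse_header",args=[{name="buf",value="0x7ffe3c1a"}],line="42"},thread-id="1"')
```

Truncated or malformed records raise an exception rather than returning None, so a caller reading from a live GDB pipe should wrap `parse_mi` accordingly.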
VMware control from Python
Peach 2.0 development is blazing along. At some point I needed a Python module to control a VMware server to allow for automatic start, stop and reverting. I figured I’d release this useful bit of code as a Python module.
from vix import Vix
import time

vm = Vix()

# Connect to the VMware server and open the guest's .vmx file
print("Connecting")
vm.Connect()
print("Opening vm")
vm.Open("E:\\VMs\\Windows XP\\Windows XP Professional.vmx")

# Optional power cycle, left disabled
#print("Powering On vm")
#vm.PowerOn()
#print("Waiting a bit...")
#time.sleep(10)
#print("Powering off vm")
#vm.PowerOff()

# Select the root snapshot and revert the guest to it
print("Reverting to snapshot 0")
vm.GetRootSnapshot()
vm.RevertToSnapshot()

print("Sleeping")
time.sleep(10)

print("Disconnecting")
vm.Disconnect()
Peach 2.0 Technology Preview
Prior to heading down for Blackhat/Defcon I wanted to post a public preview of the next version of Peach. Consider this an alpha/development release with limited documentation, missing features, and no doubt many bugs.
Over the next days/weeks I’ll be posting up looks at different features in Peach 2.0. For now this will be the only tutorial/docs for the 2.0 series until we are closer to a full release.
Download Peach 2.0 Technology Preview
Here is what’s new in Peach 2.0:
- Separation between data generation/mutation and data modeling
- Data modeling performed in XML, creating a lower bar of entry
- Ability to create fuzzers w/o writing Python.
- Built on top of the existing framework, can fully reuse any custom-written Generators, Transformers, and Publishers
- Assisted Data Modeling easier with XML specification
- Convert Wireshark packet captures to XML data models
- Cracking of data based on data models
To come in Peach 2.0 as we approach release:
- Inclusion of several simple state models
- Expansion of Agent abilities
- More complex data generation based on data modeling
- Expose new features through language bindings (Peach.NET, .C, .J, etc)
What hasn’t changed?
- Fuzzers based on Peach 1.0 will continue to work with Peach 2.0
- Instrumentation of clients to hook for fuzzing still very easy
- Still customizable and extendable, built on top of the existing framework and interfaces so you can re-use existing code
Peach Fuzzing Framework 1.0
Peach has been stable for quite some time, but I finally feel it’s time to label a release as the 1.0. I have forked the code as development on Peach 2.0 is in full swing. Several Generators have been updated and a few bugs fixed since the last release.
From here on out, only fix releases in the 1.0 branch will occur; new features will end up in the 2.0 series.
Download Peach Fuzzing Framework 1.0
New and notable in 1.0:
- PeachShark — Convert Wireshark captures into Peach Fuzzers!
- StringTokenFuzzer — Tokenizes input string and performs string mutations and fuzzing of each token in the string.
- BadDerEncodedOctetString and BadBerEncodedOctetString — For testing ASN.1 based data
- Flags2 — Better handling/fuzzing of bit flags
WMI Tool 0.1
Found myself reviewing some WMI stuff and needing to set values and see properties and all that good stuff. WMI Explorer got me partway there, but I still needed to set values. Sooo… 15 min later there is a small .NET tool for this. Enjoy.
HTTP Authentication Brute Forcer
Found myself writing a simple brute forcer yesterday for Windows integrated web authentication (NTLM and Kerberos) that worked over SSL. An easy task with .NET, but was surprised when asked for a tool to do this. Seems most of the tools out there don’t have SSL integrated (easy to fix) and have poor domain support and limited Kerberos support. Anyways, since others may find this simple tool of some value I figured I’d post it up on ye old blog.