[ANN] RFuzz 0.9 -- The Evil of Broken Sockets

Z

Zed Shaw

Just a short announce that RFuzz 0.9 is released for everyone to try.

http://rfuzz.rubyforge.org/
http://rubyforge.org/projects/rfuzz/

And you can install from rubygems with:

gem install rfuzz


WHAT IS RFUZZ?

RFuzz is a small project to make it easy for you to write scripts that
test any HTTP web application at various levels of destruction. You can
start with just making sure expected behavior works, and finally move to
throwing random evil requests at your app to see if it lives. The
techniques available to you with RFuzz are:

* A full but very small thin and fast HTTP client library that's right
at the bare metal. It's very clear and you can plug in notifiers to
watch every stage of the request.
* A simple API that is actually really useful as just an HTTP client
alternative to net/http.
* A simplistic session system that makes it easy to behave like a web
browser.
* Cookie tracking (but really basic stuff).
* A full C based RC4 randomness generator that lets you crank out random
words, bytes, integers, hashmaps, arrays, the works.
* The ability to "break sockets" by setting a global variable and having
RFuzz violently close sockets are random. Lots of fun.
* Tons and tons of examples, including the full Mongrel external test
suite I use to validate Mongrel before releases. This example actually
uses rant and rspec to demonstrate something a little different.

-- RFuzz was the tool that I used to write the Rails security test and
helped people validate Rails on various platforms. ---


A CODE SAMPLE

Here's how you do a request:

client = HttpClient.new("localhost", 3000)
res = client.get("/images/rails.png")

The railspng is then just a Hash of the headers with a few extra
attributes:

res.http_body => (the png binary)
res.http_status => 200
res.http_reason => "OK"
res.http_version => "HTTP/1.1"

Finally, the method call to an HttpClient (.get, .put, etc.) is done
with method missing and is entirely dynamic, and all parameters come
from sensible Hash parameters. This means you can save requests to data
files and replay them. Here's an example of doing a GET form for
Google:

google = HttpClient.new("www.google.com", 80)
res = google.get("/search", :head => {"User-Agent" => agent},
:query => {"q" => "Zed Shaw",
"hl" => "en",
"btnG" => "Google Search"})

You can change headers, and you can also pass the :head => part to the
HttpClient.new instead and it'll always get added.

Available examples in the source are:

* amazon_headers.rb -- Someone didn't get the memo.
* cl_watcher.rb -- I found an apartment with this.
* hpricot_pudding.rb -- Using Hpricot to find things.
* kill_routes.rb -- Give rails incredibly nasty routes.
* perftest.rb -- simple and not accurate performance test.
* rails_security_test.rb -- Tries to run everything in your rails
directory through web requests.
* random_sockets.rb -- Find out what Mongrel does when evil things
happen to sockets.
* randomizer.rb -- Just plays with random stuff.
* mongrel_test_suite/* -- The start of a big test suite for mongrel.

Enjoy! I'll be covering and working on RFuzz for the RubyConf talk I'll
be giving on fuzzing.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,968
Messages
2,570,154
Members
46,702
Latest member
LukasConde

Latest Threads

Top