fuzz - Online in the Cloud

PROGRAM:

NAME

fuzz - stress test programs

SYNOPSIS

fuzz [-t|--timeout timeinsecs] [-p|--printable] [-n|--newlines N] [-l|--length totlen]
[-m|--maxline maxlinelen] [-r|--runcount numruns] [-b|--bytes] [-c|--chroot] [-u|--user
username] [-a|--args] [-o|--omitdata] [-e|--execute filename] [-x|--maxargs numargs]
[-d|--dontask] [-y|--mararglen arglen] [-V|--version] [-i|--priority] target targetarg...

DESCRIPTION

fuzz is a program designed to find bugs in other programs. It does this by doing a form of
black box testing. It does this by running the target program multiple times and passing
it random input. Right now this can come from one of two places, stdin and the command
line arguments. Testing completes whenever the program either the requested number of runs
finishes successufully or the program crashes.

Any arguments following the target program are passed directly to the target program.

NOTE: If the program is not in PATH, it must be referred to using absolute path.

OPTIONS
-a, --args
In addition to passing random data via stdin, pass random command line arguments.
This simply sets the number or random arguments to be passed to 256. See the BUGS
section.

-b, --bytes
In addition to counting through the number of runs. Count through the bytes being
sent through stdin to the program. This option really serves no purpose other than
making something interesting to watch.

-c, --chroot
Since there is no telling what a program will do when given random input. this
allows a program to be sort of caged while it is run so that the damage that it may
be able to do is minimized. This requires that the fuzz be run as root. It will
drop privlages before it runs the test program. This option is best used in
conjunction with the --user option. This often times requires that a program is
statically linked.

-d, --dontask
In the cases where the target program is for sure part of a package and the
packaging information will provide the needed version information then you can use
this option to avoid being asked what the version is.

-i, --priority
Run at a specified priority.

-l, --length LENGTH
The length in bytes of the data stream to pass through stdin into the target
program. The default length is 100K.

-m, --maxline MAXLINELEN
Specify the maximum line length within the random data stream passed into stdin.

-n, --newlines N
Include random N newlines in the input stream.

-o, --omitdata
Some programs don't take input from stdin. They only take input from the command
line arguments. If this is the case simply use the --omitdata option.

-p, --printable
This limits both the stdin and the command line arguments to only printable
characters. By default fuzz passes fully random bytes into the target program.

-r, --runcount RUNCOUNT
The number of times to run the target program. The default is 10,000.

-t, --timeout TIME
This sets the number of seconds that the fuzz will wait for the other program
before it assumes that the program is hung. The default value is 120 seconds. This
is sensing of when a program is hung is not entirely reliable. See the BUGS
section.

-u, --user USERNAME
Since there is no telling what a program will do when given random input, this
specifies what user the target program will be run as so that it is easy to find
and repair anything that may have been scribbled across your file system. This
option was designed to be used in conjuntion with the --chroot option and will only
work if fuzz is run as root.

-V, --version
Print the version of fuzz and exit.

-x. --maxargs NUMARGS
This is to set the maximum number of arguments that are passed to each invocation
of the target program.

-y, --maxarglen ARGLEN
Sets the maximum length of an arguments passed to the target program.

EXAMPLES

Check grep:

fuzz grep foo

Run program with different user:

fuzz --chroot --user nobody cpio -i

When program is not in path, use absolute patch to access it:

fuzz ./src/myprogram

Use fuzz online using onworks.net services