Fuzzing with pydbg

malwrforensics
January 27, 2018
Security

Here are some detailed instructions on how to install pydbg.

In its most basic form, you need the following to execute a program:

from pydbg import *
from pydbg.defines import *


def exception_handle(dbg):
    print(dbg.dump_context())
    raw_input("Press enter to continue...")
    return DBG_EXCEPTION_NOT_HANDLED

def debug(exe_path, params):
    dbg = pydbg()
    pid = dbg.load(exe_path, params)
    dbg.set_callback(EXCEPTION_ACCESS_VIOLATION, exception_handle)
    dbg.set_callback(EXCEPTION_GUARD_PAGE, exception_handle)
    dbg.run()
 return

def fuzz(exe_file):
    while <cond>:
        <prepare the parameters>
        #debug the program and stop when there's a crash
        debug(exe_file, params)

Fuzzing with pydbg

Using 7-Zip to extract a fake 7-Zip installer

Fuzzing FTP server commands

File format fuzzer (generic)

Useful commands for exploit development

Forensic artefacts extractor