[Old post] [Original] [Invite code application] GPF modes and command-line parameters  0.00 snowflake points
2011-3-7 15:26 852

I have been learning GPF recently, so here is a summary of its modes and command-line parameters:
root@ubuntu:/home/xq/桌面/GPF/bin# ./GPF
{{{Bad args -- Did you choose a mode?}}}

General Purpose Fuzzer (GPF) - By: Jared DeMott

'-h R' for the pure fuzz usage
'-h C' for the convert usage
'-h G' for the basic GPF usage
'-h P' for the Pattern Matching GPF usage
'-h p' for the newer Pattern Matching GPF usage ((don't use, not done))
'-h E' for the Evolutionary Fuzzer System (GPF portion) usage
'-h X' for the Replay Evolutionary data from mysqldb
'-h' for this usage

NOTE: Be sure to enter vaild command line options as only marginal vaildation is preformed inside GPF
---------------------------------------------------------------------------------------------------------------------------------
root@ubuntu:/home/xq/桌面/GPF/bin# ./GPF -h R ?

General Purpose Fuzzer (GPF) - By: Jared DeMott

Random fuzzing Mode (-R +|x-y)
Usage: GPF <ModeArgs> <hostname/IP> <PORT> <SPORT> <TCP/UDP> <SEED> <DELAY>
        ModeArgs = '-R +|x-y'
                Can specify a range of pkts to send; put only + to send all
        IP = IP address of target. [localhost]
        PORT = Destination port. [21]
        SPORT = Source port. Use a ? for don't care. [?]
        TCP/UDP = Protocol type. [TCP]
        SEED = Any string of numbers (Allows a successful attack to be repeated). [82645286]
        DELAY = Any number of microseconds. [1000]

'-h R' for this usage

NOTE: Be sure to enter vaild command line options as only marginal vaildation is preformed inside GPF
root@ubuntu:/home/xq/桌面/GPF/bin# ./GPF -h C ?

General Purpose Fuzzer (GPF) - By: Jared DeMott

Convert Mode
Usage: GPF -C <filein> <fileout>
        filein = pcap file to read in
        fileout = fileanme to output converted txt.gpf

'-h C' for this usage

NOTE: Be sure to enter vaild command line options as only marginal vaildation is preformed inside GPF
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
root@ubuntu:/home/xq/桌面/GPF/bin# ./GPF -h G ?

General Purpose Fuzzer (GPF) - By: Jared DeMott

GPF mode (-G b|f|l|r)
Usage: GPF <AttackMode> <CaptureFile> <ReplayMode> <hostname/IP> <PORT> <SPORT> <TCP/UDP> <SEED> <DELAY> <LStart> <LStop> <PStart> <PStop> <AStart> <AInc> <AStop> <AChar> <CycleMode> <extraAttacks> <ReadWait> <PrintChoice> <UserFunc>
        AttackMode Args = '-G r|b|f|l'  [-G b]
                r : Replay - For verification; no attack but can still use userFunc. Starts at LINE.
                b : Buffer overflow attack
                f : Format bug attack  (6e is n; a good choice when searching for format bugs)
                l : Logic (bit flipping) attack - AStart, Inc, Stop, and Char have special meaning - See README.
                        Use AStart, AInc, and AStop to count how many times. POS and AChar have no meaning.
        CaptureFile = File name of the captured traffic to replay. [mycapture.gpf]
        ReplayMode = 'client' (test servers); 'server' (test clients). [client]
        IP = IP address of target or IP address to bind to. [localhost]
        PORT = Destination port or Port to listen on. [21]
        SPORT = Source port. Use a ? for don't care. Only affects client mode. [?]
        TCP/UDP = Protocol type. [TCP]
        SEED = For repeatable randomness (allows a successful test to be repeated). [82645286]
        DELAY = Any number of microseconds [1000]
        LStart = Decimal packet number (which 'leg' of the session) to begin fuzzing on. [0]
        LStop = Decimal packet number (which 'leg' of the session) to stop fuzzing at. [+] (+ = all legs)
        PStart = Decimal position in the data (if 40bytes of data, then 1-40;if>max skip leg) to begin fuzzing at. [0]
        PStop = Decimal position in the data (if 40bytes of data, then 1-40) to stop fuzzing at. [+] (+ = max position)
        AStart = Decimal sized number of bytes to start attacking with. [0]
        AInc = Decimal size number of bytes to increment attack by. [255]
        AStop = Decimal size number of bytes to stop at. [17000]
        AChar = Hex character to fill attack buffer with. Use the from 41 for 'A', etc.
                If AChar equal to 43, then fill with random data (for all three modes). [6e]
        CycleMode = 'close' fd after each attack, or 'finish' replaying as much of capture file as possible. [finish]
        ExtraAttacks = Normal is 1 attackleg/session.  This option allows for multile attacklegs/session. [0]
        ReadWait = How many seconds to wait in a read if data is not availible. [3]
        PrintChoice = Print choice in which to display the session - ascii; hex; auto. [auto]
        UserFunc = Name of user defined code.  Use 'none' if none. [none]

'-h G' for this usage
NOTE: Be sure to enter vaild command line options as only marginal vaildation is preformed inside GPF
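Because GPF's own help text warns that it performs only marginal validation of its command line, a small wrapper that checks the -R and -G argument lists against the constraints printed above (the bracketed values are the defaults) is useful before handing them to the binary. The following is an added example written for this post, not code from GPF or its author; it assumes the GPF binary sits at ./GPF as in the prompts above, and that the target is a test service you run yourself (the defaults point at localhost:21). The -R packet-range check and the -G argument order both follow the usage text as printed.

```python
"""Build and validate GPF -R / -G argument lists before invoking the binary.

Added example for this post (not GPF's own code).  Checks each argument
against the constraints in the usage text: choice fields, decimal numbers,
the '+' wildcard, the '?' source-port wildcard, and the hex AChar byte.
"""
import re
import shlex
import subprocess

GPF_BIN = "./GPF"  # assumption: the binary is in the current directory, as in the post


def _check_range(spec: str) -> str:
    """-R takes '+' (send all packets) or 'x-y' (a decimal packet range)."""
    if spec == "+":
        return spec
    m = re.fullmatch(r"(\d+)-(\d+)", spec)
    if not m or int(m.group(1)) > int(m.group(2)):
        raise ValueError(f"bad packet range {spec!r}: expected '+' or 'x-y' with x<=y")
    return spec


def _check_choice(name, value, allowed):
    if value not in allowed:
        raise ValueError(f"{name} must be one of {allowed}, got {value!r}")
    return value


def _check_uint(name, value):
    if not re.fullmatch(r"\d+", str(value)):
        raise ValueError(f"{name} must be a non-negative decimal number, got {value!r}")
    return str(value)


def _check_uint_or_plus(name, value):
    """LStop and PStop accept '+' meaning 'all legs' / 'max position'."""
    return "+" if value == "+" else _check_uint(name, value)


def _check_sport(value):
    """SPORT accepts '?' for 'don't care'."""
    return "?" if value == "?" else _check_uint("SPORT", value)


def _check_achar(value):
    """AChar is a two-digit hex byte such as 41 ('A'); 43 selects random fill data."""
    if not re.fullmatch(r"[0-9a-fA-F]{2}", value):
        raise ValueError(f"AChar must be a two-digit hex byte, got {value!r}")
    return value.lower()


def build_random_args(pkts="+", host="localhost", port=21, sport="?", proto="TCP",
                      seed="82645286", delay=1000):
    """Argument list for 'GPF -R <pkts> <host> <port> <sport> <proto> <seed> <delay>'."""
    return ["-R", _check_range(pkts), host, _check_uint("PORT", port), _check_sport(sport),
            _check_choice("TCP/UDP", proto, ("TCP", "UDP")),
            _check_uint("SEED", seed), _check_uint("DELAY", delay)]


def build_gpf_args(attack="b", capture="mycapture.gpf", replay="client", host="localhost",
                   port=21, sport="?", proto="TCP", seed="82645286", delay=1000,
                   lstart=0, lstop="+", pstart=0, pstop="+",
                   astart=0, ainc=255, astop=17000, achar="6e",
                   cycle="finish", extra=0, readwait=3, printchoice="auto", userfunc="none"):
    """Argument list for -G mode, in the exact order of the usage line.
    Keyword defaults are the bracketed defaults from the help text."""
    return ["-G", _check_choice("AttackMode", attack, ("r", "b", "f", "l")),
            capture, _check_choice("ReplayMode", replay, ("client", "server")),
            host, _check_uint("PORT", port), _check_sport(sport),
            _check_choice("TCP/UDP", proto, ("TCP", "UDP")),
            _check_uint("SEED", seed), _check_uint("DELAY", delay),
            _check_uint("LStart", lstart), _check_uint_or_plus("LStop", lstop),
            _check_uint("PStart", pstart), _check_uint_or_plus("PStop", pstop),
            _check_uint("AStart", astart), _check_uint("AInc", ainc), _check_uint("AStop", astop),
            _check_achar(achar), _check_choice("CycleMode", cycle, ("close", "finish")),
            _check_uint("ExtraAttacks", extra), _check_uint("ReadWait", readwait),
            _check_choice("PrintChoice", printchoice, ("ascii", "hex", "auto")), userfunc]


def command_line(args):
    """Shell-quoted command line; log it with the SEED so a run can be repeated exactly."""
    return shlex.join([GPF_BIN] + args)


def run_gpf(args):
    """Invoke the binary; the returned CompletedProcess carries GPF's own stdout/stderr."""
    return subprocess.run([GPF_BIN] + args, capture_output=True, text=True, check=False)


if __name__ == "__main__":
    # Format-string attack on legs 2 onward of a constructed capture name, capped at 4096 bytes.
    args = build_gpf_args(attack="f", capture="ftp_session.gpf", lstart=2, astop=4096)
    print(command_line(args))
```

Keeping the SEED together with the logged command line is the point of `command_line`: GPF's help text says the seed is what makes a run repeatable, so recording the exact invocation is what lets a crash be reproduced later.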
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
root@ubuntu:/home/xq/桌面/GPF/bin# ./GPF -h P ?

General Purpose Fuzzer (GPF) - By: Jared DeMott

Pattern (Tokenizer) GPF mode
Usage: GPF -P <CaptureFile> <ReplayMode> <hostname/IP> <PORT> <SPORT> <TCP/UDP> <SEED> <DELAY> <ReadWait> <PrintChoice> <UserFunc> <TokPrint> <TokAid> <MutationRate> <OnSessionSetupError>
        -P = Pattern Matching tokenizes each piece of each leg and inserts random attacks based on patterns.
        CaptureFile = File name of the captured traffic to tokenize and replayFuzz. [mycapture]
        ReplayMode = 'client' (test servers); 'server' (test clients). [client]
        IP = IP address of target or IP address to bind to. [localhost]
        PORT = Destination port or Port to listen on. [21]
        SPORT = Source port. Use a ? for don't care. Only affects client mode. [?]
        TCP/UDP = Protocol type. [TCP]
        SEED = For repeatable randomness (allows a successful attack to be repeated). [78883310]
        DELAY = Any number of microseconds. [2000]
        ReadWait = How many seconds to wait in a read if data is not availible. [3]
        PrintChoice = Print choice in which to display the session - 'ascii'; 'hex'; 'auto'. [AUTO]
        UserFunc = Name of user defined code.  Use 'none' if none. [none]
        TokPrint = Print parsed toks at start of replay for FYI/debugging. Use either 'long' or 'short'. [short]
        TokAid = Name of code that will help parse protocol.  Use 'NONE' if none. [GENERIC_ASCII]
        MutationRate = Rate of Mutations: 'high', 'med', or 'low'. [med]
        OnSessionSetupError = If TCP session setup fails either 'CONTINUE' or 'QUIT'. [CONTINUE]

'-h P' for this usage

NOTE: Be sure to enter vaild command line options as only marginal vaildation is preformed inside GPF

root@ubuntu:/home/xq/桌面/GPF/bin# ./GPF -h p ?

General Purpose Fuzzer (GPF) - By: Jared DeMott

Pattern (Tokenizer) GPF mode
Usage: GPF -P <CaptureFile> <ReplayMode> <hostname/IP> <PORT> <SPORT> <TCP/UDP> <SEED> <DELAY> <ReadWait> <PrintChoice> <UserFunc> <TokPrint> <TokAid> <MutationRate> <OnSessionSetupError>
        -P = Pattern Matching tokenizes each piece of each leg and inserts random attacks based on patterns.
        CaptureFile = File name of the captured traffic to tokenize and replayFuzz. [mycapture]
        ReplayMode = 'client' (test servers); 'server' (test clients). [client]
        IP = IP address of target or IP address to bind to. [localhost]
        PORT = Destination port or Port to listen on. [21]
        SPORT = Source port. Use a ? for don't care. Only affects client mode. [?]
        TCP/UDP = Protocol type. [TCP]
        SEED = For repeatable randomness (allows a successful attack to be repeated). [78883310]
        DELAY = Any number of microseconds. [2000]
        ReadWait = How many seconds to wait in a read if data is not availible. [3]
        PrintChoice = Print choice in which to display the session - 'ascii'; 'hex'; 'auto'. [AUTO]
        UserFunc = Name of user defined code.  Use 'none' if none. [none]
        TokPrint = Print parsed toks at start of replay for FYI/debugging. Use either 'long' or 'short'. [short]
        TokAid = Name of code that will help parse protocol.  Use 'NONE' if none. [GENERIC_ASCII]
        MutationRate = Rate of Mutations: 'high', 'med', or 'low'. [med]
        OnSessionSetupError = If TCP session setup fails either 'CONTINUE' or 'QUIT'. [CONTINUE]

'-h P' for this usage

NOTE: Be sure to enter vaild command line options as only marginal vaildation is preformed inside GPF
root@ubuntu:/home/xq/桌面/GPF/bin# ./GPF -h E ?

General Purpose Fuzzer (GPF) - By: Jared DeMott

Evolutionary GPF mode
Usage: GPF -E <Mysql host> <Mysql user> <Mysql passwd> <ID> <StartingGen> <PaiMei host> <PaiMei PORT> <StalkType> <PlayMode> <HOST> <PORT> <SPORT> <TCP/UDP> <DELAY> <Wait> <DisplayLevel> <PrintChoice> <Pools> <Sessions> <Fixed/Max> <Legs> <Fixed/Max> <Toks> <Fixed/Max> <Generations> <SessionMutationRate> <PoolCrossoverRate> <PoolMutationRate> <UserFunc> <SeedFile> <proxy> <Diversity>
        Mysql Host = Hostname or IP address of the Mysql server. [WindowsBox]
        Mysql user = Mysql user. [user]
        Mysql passwd = Mysql passwd. [passwd]
        ID = This Mysql ID will be need to continue from previous runs. [0]
        Starting Generation = Use zero for a new run. n to continue from a previously saved run. [0]
        On save, if the ID/gen (in mysqldb) contains data, the saved generation is deleted to make room for new data.
        Also, if you restart and ID with gen==0 all data for that ID is deleted.
        PaiMei Host = Hostname or IP address of the PaiMei (debugger) server. [WindowsBox]
        PaiMei PORT = Destination port of the PaiMei (debugger) server. [31338]
        PaiMei stalk type = 'funcs' or 'basic_blocks'. [funcs]
        PlayMode = 'client' (test servers); 'server' (test clients). [client]
        HOST = Hostname or IP address of target or IP address to bind to. [localhost]
        PORT = Destination port or Port to listen on. [21]
        SPORT = Source port. Use a ? for don't care. Only affects client mode. [?]
        TCP/UDP = Protocol type. [TCP]
        DELAY = Any number of microseconds. [2000]
        Wait = How many clicks to wait in a read/write if data is not availible/couldn't send. [20]
        A click is .01 sec. So 20 would be .2 of a second.
        DisplayLevel = Various levels of printed details as we run - 'low'; 'med'; 'high'. [low]
        PrintChoice = Print choice in which to display the session - 'ascii'; 'hex'; 'auto'. [AUTO]
        Pools = Number of (genotype) pools. [4]
        Sessions/Pool = Number of (genotypes) sessions/pool. [25]
        Fixed/Max = Should the previous number be Fixed or a Max? [Fixed]
        Legs/session = Maximum number of legs/session. [10]
        Fixed/Max = Should the previous number be Fixed or a Max? [Fixed]
        Tokens/leg = Maximum number of tokens/leg. [10]
        Fixed/Max = Should the previous number be Fixed or a Max? [Fixed]
        Generations = Number of generations to run. [400]
        Session crossover (within a pool) occurs each generation to create totally new sessions in each pool.
        SessionMutationRate = Mutate 2 toks (1 data, 1 type) in each session only every X generations. [3]
        PoolCross0verRate = Crossover pools (creates newly ordered sessions in each pool) every X generations. [5]
        PoolMutationRate = Insert or delete a random session from each pool every X generations. [9]
        UserFunc = Name of user defined code. (Not yet tested for -E mode.)  Use 'none' if none. [none]
        SeedFile = File that contains seed strings that may be hard to randomly guess. Use 'none' if none. [X_cmds.seed]
        Proxy = Use 'yes' or 'no'. If yes, the HOST/PORT from above will point the the proxy. [no]
        Diversity = 0=no fitness boost for diverse sessions/pools; 1=give a boost. [1]

'-h E' for this usage

NOTE: Be sure to enter vaild command line options as only marginal vaildation is preformed inside GPF
*******************************************************************************

root@ubuntu:/home/xq/桌面/GPF/bin# ./GPF -h X ?

General Purpose Fuzzer (GPF) - By: Jared DeMott

'-h R' for the pure fuzz usage
'-h C' for the convert usage
'-h G' for the basic GPF usage
'-h P' for the Pattern Matching GPF usage
'-h p' for the newer Pattern Matching GPF usage ((don't use, not done))
'-h E' for the Evolutionary Fuzzer System (GPF portion) usage
'-h X' for the Replay Evolutionary data from mysqldb
'-h' for this usage

NOTE: Be sure to enter vaild command line options as only marginal vaildation is preformed inside GPF
*******************************************************************************
root@ubuntu:/home/xq/桌面/GPF/bin# ./GPF -h ?

General Purpose Fuzzer (GPF) - By: Jared DeMott

'-h R' for the pure fuzz usage
'-h C' for the convert usage
'-h G' for the basic GPF usage
'-h P' for the Pattern Matching GPF usage
'-h p' for the newer Pattern Matching GPF usage ((don't use, not done))
'-h E' for the Evolutionary Fuzzer System (GPF portion) usage
'-h X' for the Replay Evolutionary data from mysqldb
'-h' for this usage

NOTE: Be sure to enter vaild command line options as only marginal vaildation is preformed inside GPF
