On 18.02.2016 at 18:03, Gert Doering wrote:
> Hi,
>
> On Thu, Feb 18, 2016 at 05:15:50PM +0100, Jacek Wielemborek wrote:
>> The thing is that in order to fuzz it most efficiently, it would be good
>> to modify the server to use stdin/stdout (or dev null) for network I/O
>> and terminate after handling a single connection. Also, we would need to
>> disable any checksums, compression or encryption.
>
> OpenVPN can be called from inetd, so it can sort of handle "an already
> connected socket on stdin/stdout".
>
> "sort of" because the backend refuses most normal options in this case
> (it can only handle tap interfaces, and no --ifconfig, because the
> assumption is that this only makes sense if you attach to a pre-configured
> bridge) - but for fuzzing the network side, this should work.

I read up on inetd mode and couldn't find a working example. Could someone show me a setup where I could make it read a request from stdin and ideally make it terminate after a sample request? Then I could start trying to plug it into AFL.