Welcome to Buffer Tester, a lightweight C-based fuzzer designed to help developers and security enthusiasts test programs for common vulnerabilities. It generates various types of input data to stress-test applications and detect issues like buffer overflows, format string vulnerabilities, and more. This tool is perfect for learning about software security or testing your own programs in a controlled environment.
- Multiple Vulnerability Checks: Detects stack canary bypass, heap overflow, use-after-free, format string vulnerabilities, integer overflow, race conditions, and path traversal.
- Customizable Input Generation: Supports various input types (
repeat,random,special,format,heap,integer,path,mixed) to trigger specific vulnerabilities. - Flexible Input Delivery: Pass inputs via command-line arguments or stdin, with support for multiple inputs using
--prompt. - Timeout Control: Set per-test timeouts to catch performance issues or infinite loops.
- Verbose Logging: Detailed logs with test results, execution times, and vulnerability details saved to a file (
test_results.txtby default). - Command-Line Interface: Easy-to-use options for configuring tests, including input sizes, types, and exclusion lists.
├── include/
│ └── fuzzer.h # Header file with core definitions and declarations
│
├── src/
│ ├── input_generator.c # Generates test inputs for different vulnerability types
│ ├── logger.c # Handles logging of test results
│ ├── test_runner.c # Runs tests with timeouts and captures output
│ ├── utils.c # Utility functions (e.g., size parsing)
│ └── vulnerability_detector.c # Detects vulnerabilities based on program output
│
├── Vulnerable_programme/
│ ├── heap_overflow_vuln.c # Simulates a heap overflow vulnerability
│ ├── integer_overflow_vuln.c # Simulates an integer overflow vulnerability
│ ├── multiple_input_vuln.c # Accepts multiple inputs via stdin
│ ├── path_traversal_vuln.c # Simulates a path traversal vulnerability
│ ├── stack_canary_vuln.c # Tests stack buffer overflow with stack canaries
│ ├── string_format_vuln.c # Demonstrates a format string vulnerability
│ └── use_after_free.c # Contains a use-after-free vulnerability- Operating System: Linux (tested on Ubuntu)
- Compiler: GCC
- Libraries: Standard C libraries,
pthreadfor race condition tests - Permissions: Ensure you have execute permissions for the tested programs
-
Clone the repository:
git clone https://github.com/your-username/buffer-tester.git cd buffer-tester -
Compile the fuzzer:
gcc -o buffer_tester src/*.c -pthread- Compile the test programs in Vulnerable_programme directory:
Run the fuzzer with the following command:
./buffer_tester [OPTIONS]--program PATH: Path to the program to test (default: ./vulnerable)--sizes SIZE_LIST: Comma-separated list of input sizes (e.g., 10,100,1000)--type TYPE_LIST: Space-separated list of input types (e.g., repeat random integer). Available types: repeat, random, special, format, heap, integer, path, mixed--exclude TYPE_LIST: Space-separated list of input types to exclude--stdin: Pass inputs via stdin instead of command-line arguments--prompt NUMBER: Number of input prompts for programs requiring multiple inputs (1-8, default: 1)--timeout SECONDS: Timeout for each test in seconds (default: 5)--log FILENAME: Log file for test results (default: test_results.txt)--verbose: Enable verbose output--help: Show help message
- Test for stack buffer overflow:
./buffer_tester --program ./Vulnerable_programme/stack_canary_vuln --sizes 20 --type repeat --timeout 5- Test for format string vulnerability:
./buffer_tester --program ./Vulnerable_programme/string_format_vuln --sizes 20 --type format --timeout 5- Test program with multiple inputs via stdin:
./buffer_tester --program ./Vulnerable_programme/multiple_input_vuln --sizes 20 --type repeat --stdin --prompt 3 --timeout 10- Test all vulnerabilities with verbose output:
./buffer_tester --program ./Vulnerable_programme/heap_overflow_vuln --sizes 10,50,100 --type heap integer path --verbose --timeout 5Buffer Tester generates input data based on the specified --type and --sizes, then feeds it to the target program either via command-line arguments or stdin. It captures the program's output and exit status, analyzing them for signs of vulnerabilities like:
- Stack Canary Bypass: Detects buffer overflows (e.g., "stack smashing detected").
- Heap Overflow: Identifies heap corruption (e.g., "memory corruption").
- Use-After-Free: Spots accesses to freed memory (e.g., "invalid pointer").
- Format String: Finds format string issues (e.g., memory address leaks).
- Integer Overflow: Detects arithmetic overflows (e.g., "integer overflow").
- Race Condition: Identifies threading issues (e.g., "race condition detected").
- Path Traversal: Catches unauthorized file access attempts (e.g., "/etc/passwd").
Results are logged to a file (default: test_results.txt) with details like test status (SUCCESS, CRASH, TIMEOUT, ERROR), execution time, and detected vulnerabilities.
Running:
./buffer_tester --program ./Vulnerable_programme/stack_canary_vuln --sizes 20 --type repeat --timeout 5
Log (test_results.txt):
--- TEST #1 ---
Program: Vulnerable_programme/stack_canary_vuln
Input size: 20 bytes
Input type: repeat
Result: CRASH
Details: Program terminated by signal 11
Execution time: 0.002 sec
Exit code: 11
VULNERABILITY DETECTED: STACK_CANARY_DETECTED - Stack buffer overflow detected
----------------------------------------This tool is designed for educational purposes and authorized security testing. Misusing it to harm systems or networks without permission is illegal and unethical. The author is not responsible for any misuse of this software. Always obtain explicit permission before testing any program or system.
Feel free to open issues or submit pull requests with improvements, bug fixes, or new test programs. Suggestions for new input types or vulnerability detection methods are welcome!
This project is licensed under the MIT License. See the LICENSE file for details.