-
Notifications
You must be signed in to change notification settings - Fork 339
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Creating a field containting n bits #101
Comments
I ran into the same problem. AFAIK there is no such functionality yet. A lot of protocols align bit fields on byte boundaries. If you have, say, a 1-bit field, followed by a 3-bit field, followed by a 4-bit field, your easy solution may be to create a byte field and fuzz all combinations. Thankfully there are only 256 combos for a single byte. |
You could add a new primitive and an encoding method. I had to add a length-value type field so I extended a dword, specified max size and added an encoding in the render function |
@truekonrads Do you have an example of such extension you did? |
In elif self.format == "varlenint":
rendered = enc_varlenint(self.value)
self.rendered = rendered in def s_varlenint (value, full_range=False, fuzzable=True, name=None):
'''
Push a quad word onto the current block stack.
@see: Aliases: s_double()
@type value: Integer
@param value: Default integer value
@type endian: Character
@param endian: (Optional, def=LITTLE_ENDIAN) Endianess of the bit field (LITTLE_ENDIAN: <, BIG_ENDIAN: >)
@type format: String
@param format: (Optional, def=binary) Output format, "binary" or "ascii"
@type signed: Boolean
@param signed: (Optional, def=False) Make size signed vs. unsigned (applicable only with format="ascii")
@type full_range: Boolean
@param full_range: (Optional, def=False) If enabled the field mutates through *all* possible values.
@type fuzzable: Boolean
@param fuzzable: (Optional, def=True) Enable/disable fuzzing of this primitive
@type name: String
@param name: (Optional, def=None) Specifying a name gives you direct access to a primitive
'''
qword = primitives.qword(value, "<", "varlenint", False, full_range, fuzzable, name,max_num=16777215)
blocks.CURRENT.push(qword) hope it helps |
For a protocol I want to fuzz I need to use fields consisting of one or multiple bits. It appears to me that I can only use a full Byte in Sulley. Even the
bit_field()
will produce a complete Byte. How could I create a single Bit or, say, a four Bit field?The text was updated successfully, but these errors were encountered: