Jeremy Rauch: PDB: The Protocol DeBugger

Published: June 4, 2006, 11:10 p.m.

It's late. You've been assigned the unenviable task of evaluating the security of this obtuse application suite. 2006! Why doesn't everything just use SSL as its transport? No time for excuses. Deadlines loom, and you need to figure this out. And when you do figure it out, write your own fuzzer client.

This sucks.

    (pdb) module add MyAction pdb-ruby.so cifs-ruby.rb
    (pdb) rule add MyRule dst port 445
    (pdb) rule action MyRule MyAction
    (pdb) rule list
    MyRule: dst port 445
    Action 0: debugger
    Action 1: MyAction
    (pdb) go
    ...
    (pdb) print
    00000000: 45 10 00 3c 70 86 40 00 E...p...
    00000008: 40 06 00 00 c0 a8 02 06 ........
    00000010: c0 a8 02 56 d8 a0 01 bd ...V....
    00000018: 1e 76 1b 71 00 00 00 00 .v.q....
    00000020: a0 02 ff ff 14 1b 00 00 ........
    00000028: 02 04 05 b4 01 03 03 00 ........
    00000030: 01 01 08 0a 20 4a 7c b1 .....J..
    00000038: 00 00 00 00 ....
    (pdb) x/b 0x8
    40
    (pdb) e/b 0x8 0x20
    (pdb) print
    00000000: 45 10 00 3c 70 86 40 00 E...p...
    00000008: 20 06 00 00 c0 a8 02 06 ........
    00000010: c0 a8 02 56 d8 a0 01 bd ...V....
    00000018: 1e 76 1b 71 00 00 00 00 .v.q....
    00000020: a0 02 ff ff 14 1b 00 00 ........
    00000028: 02 04 05 b4 01 03 03 00 ........
    00000030: 01 01 08 0a 20 4a 7c b1 .....J..
    00000038: 00 00 00 00 ....
    (pdb) continue
    cifs-ruby.rb performing packet alteration...
    ...

But wait, what's this? A tool chain geared around dissecting protocols the way a code debugger slices through code? A protocol generation and manipulation framework with a clean, consistent interface, that's scripted instead of compiled? And a fuzzing framework to go along with it? You're saved! Or at least, maybe you'll get to sleep before the sun comes up.

PDB is a Protocol DeBugger. GDB meets a transparent proxy. Conditionally break based on BPF filters. Modify protocol contents on the fly. Build custom actions that let you manipulate how you speak on the network. Or manually edit protocol fields and send the packets along.

Racket is a protocol generation and manipulation library, in Ruby. Why Ruby? Why not. Use it as a way of writing PDB actions, or on its own. We're flexible that way.

Ramble is a Ruby-based fuzzing framework. Set it going, and it just goes on and on and on. We know people like that, but unlike them, Ramble is helpful. It automates the protocol testing you're going to have to do to get full coverage. Do the hard stuff by hand. Use Ramble to do the repetitive stuff.
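An added example, written in Ruby because that is the language PDB actions are scripted in (this is not PDB's or Racket's own code): it retypes the packet from the session above, reimplements print, x/b and e/b over it, and adds the step the raw e/b edit leaves out. Byte 8 of that packet is the IPv4 TTL, so changing it also changes the IP header checksum, and an action that edits header bytes has to recompute the checksum or the first hop that verifies it drops the packet. The checksum computation follows RFC 1071; the sample bytes and the 0x4479/0x6479 values are derived from the dump on this page.

```ruby
# Added example (not PDB/Racket code): the 60-byte IPv4/TCP SYN from the pdb
# session above. Byte 8 is the IP TTL (0x40); bytes 10..11, the checksum, read 00 00.
SYN = ("45 10 00 3c 70 86 40 00 40 06 00 00 c0 a8 02 06 " \
       "c0 a8 02 56 d8 a0 01 bd 1e 76 1b 71 00 00 00 00 " \
       "a0 02 ff ff 14 1b 00 00 02 04 05 b4 01 03 03 00 " \
       "01 01 08 0a 20 4a 7c b1 00 00 00 00").split.map { |b| b.to_i(16) }.freeze

# pdb-style `print`: offset, eight hex bytes, alphanumerics (others as '.').
def hexdump(bytes)
  bytes.each_slice(8).each_with_index.map do |row, i|
    hex = row.map { |b| format('%02x', b) }.join(' ')
    asc = row.map { |b| b < 0x80 && b.chr.match?(/[0-9A-Za-z]/) ? b.chr : '.' }.join
    format('%08x: %s %s', i * 8, hex, asc)
  end
end

# pdb-style `x/b OFFSET` and `e/b OFFSET VALUE`; fetch raises IndexError
# instead of silently growing the packet when OFFSET is past its end.
def examine_byte(bytes, off)
  bytes.fetch(off)
end
def edit_byte!(bytes, off, val)
  bytes.fetch(off)
  bytes[off] = val & 0xff
  bytes
end

# RFC 1071 one's-complement sum over the IPv4 header (IHL * 4 bytes), checksum field zeroed.
def ip_checksum(bytes)
  hdr = bytes[0, (bytes[0] & 0x0f) * 4].dup
  hdr[10] = hdr[11] = 0
  sum = hdr.each_slice(2).sum { |hi, lo| (hi << 8) | (lo || 0) }
  sum = (sum & 0xffff) + (sum >> 16) while sum > 0xffff
  ~sum & 0xffff
end

def fix_ip_checksum!(bytes)
  c = ip_checksum(bytes)
  bytes[10], bytes[11] = c >> 8, c & 0xff
  bytes
end

# Replays the session (x/b 0x8, e/b 0x8 0x20) and then repairs the checksum
# the raw edit left stale: TTL 0x40 -> 0x20 moves it from 0x4479 to 0x6479.
def ttl_edit_session(pkt = SYN.dup)
  before = examine_byte(pkt, 0x8)
  fix_ip_checksum!(edit_byte!(pkt, 0x8, 0x20))
  { before: before, after: pkt[8], checksum: (pkt[10] << 8) | pkt[11], packet: pkt }
end
```

Running `puts hexdump(ttl_edit_session[:packet])` reproduces the second dump from the session, except that bytes 10..11 now carry 64 79 instead of the zeroed field the capture shows.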