Trying to write an HTTP fuzzer

[AshrafIbrahim03]

Wasnt't sure if there was a forum to post questions, so I figured I'd ask here. As the title says, I'm trying to write an HTTP fuzzer for practice, but right now I'm kind of stuck at how to link things together. I'm writing an HTTPFeedback that holds a set of HTTP codes, and the idea is that in its is_interesting function, it will see if the HTTP status code is in its set, and return a value based on that. The only problem is, how do I communicate the returned HTTP status code to the feedback? Would I do that through the ExitKind or state or something else?

Thanks if you're able to help out, and if this isn't the right place to ask, I'd be more than happy to repost my question somewhere else.

[domenukk]

I would say that just the http status code might not be enough feedback for some really useful fuzzing (albeit possible).
But in general, yes, a HTTPFeedback should be straight forward. Store previously seen codes in a custom Metadata, then check if the current code is new or not (i.e., use a set or a bloom filter).

Maybe also take a look at https://github.com/TNO-S3/WuppieFuzz for inspiration, it sounds very much related.