npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

mqtt-packet-fuzzy

v0.1.0

Published

Radamsa fuzzer backed mqttjs/[email protected] for blind MQTT protocol fuzzing.

Downloads

4

Readme

mqtt-packet-fuzzy

A radamsa fuzzer-enabled version of [email protected] for testing.

mqtt-packet-fuzzy is a fork of mqttjs/mqtt-packet@5.6.0 which instruments the writeToStream functionality of mqtt-packet with a radamsa-backed fuzzing system. This allows security testers to fuzz MQTT protocols without having to dump testcases, circumvent pinning, strip TLS, et cetera. Take a real Node.js MQTT client that depends on mqtt-packet@^5.0.0, replace mqtt-packet with this package, and let the low-level hooking do all the fuzzing for you.

mqtt-packet-fuzzy does not require an existing radamsa fuzzer to be on the device path; it uses sinkdweller to handle radamsa offload, which works on Windows, Linux and macOS at the time of this writing.

Usage

For an existing client that uses mqtt-packet, do a normal npm install. Then, remove the mqtt-packet in the node_modules folder and replace it with the contents of this repository. Since it is mqtt-packet, nothing changes except for its output. Then, simply enable the fuzzing for your client with the environment variable:

$ MQTT_FUZZ_ENABLE=1 node /path/to/my/client.js

Most of the fuzzer code is in fuzzMaybe.js.

Customizing the fuzzer

In order to stay as much out of the way as possible but still allow customization, mqtt-packet-fuzzy options can be modified by using environment variables. This allows your tests to omit some packet types, payloads, or specific strings, which may be useful to get further down a logic tree than you would get simply spewing MQTT chaos over the wire.

Enabling the fuzzer

  • MQTT_FUZZ_ENABLE — {0, 1} — Whether or not to enable the fuzzer. The fuzzer will not run unless MQTT_FUZZ_ENABLE=1. Default: 0

Protocol-specific options (default all to 1 (on))

  • MQTT_FUZZ_FLAGS — {0, 1} — Fuzz MQTT control flags.
  • MQTT_FUZZ_HEADERS — {0, 1} — Fuzz control headers.
  • MQTT_FUZZ_LENGTHS — {0, 1} — Fuzz packet lengths.
  • MQTT_FUZZ_NUMBERS — {0, 1} — Fuzz any number being written.
  • MQTT_FUZZ_PROTOCOL_VERSION — {0, 1} — Fuzz protocol versions.
  • MQTT_FUZZ_STRINGS — {0, 1} — Fuzz strings (payloads).

Fuzzer control options

  • MQTT_FUZZ_SEED — {'timestamp', Number} — Set the radamsa seed. timestamp will use the current timestamp from new Date().getTime() as the radamsa seed. This is useful for fuzzing when you can see logs on the other side and correlate crashes to timestamps, as it helps in reproducing a testcase. Default timestamp
  • MQTT_FUZZ_SHOW_IO — {0, 1} — Show input/output on console.debug. Useful when using traceback to save or parse testcases. Default 0
  • MQTT_FUZZ_SKIP_CONTAINING — {String} — Skip any strings containing this string, and do not fuzz the input. This is useful to skip over auth tokens, etc. where you may need to have them complete to move further in the broker logic. Default ''
  • MQTT_FUZZ_SKIP_FIRST_INPUTS — {Number} — Skip the first n inputs. Useful for running the fuzzer where the beginning few MQTT messages need to be proper in order to set up a connection and do more. Default 0

License

© 2019 rarecoil. MIT.