Monday, August 1, 2011

CERT Basic Fuzzing Framework in VirtualBox

So CERT has released an ever-improved version of their Basic Fuzzing Framework (BFF) and you might wanna play with it.
But then, you discover that it is distributed as VMWare image. Maybe you work in a company that would like to avoid spending for a license, or you might be a free software zealot.

So here is how to use it with VirtualBox OSE. I hope I didn't mess up some of those instructions...

1. Install VirtualBox. In Fedora 15, you would enable the RPM Fusion repositories and then run
sudo yum install VirtualBox-OSE
2. After downloading the Debian image from the link above, unzip the file
3. Set up a new virtual machine with the vmdk file you installed
4. Set up a shared folder named fuzz and make it auto-mounting
5. Run the virtual machine
6. Get the VM Guest Additions as follows:
wget http://download.virtualbox.org/virtualbox/4.0.4/VBoxGuestAdditions_4.0.4.iso
sudo cp VBoxGuestAdditions_4.0.4.iso /usr/lib/virtualbox/VBoxGuestAdditions.iso
7. Mount the additions ISO clicking on Devices > Install Guest Additions and then
sudo mount /dev/cdrom2 /cdrom
cd /cdrom ; ./VBoxLinuxAdditions.run ; cd /
sudo umount /cdrom
8. Set up the user to use the Virtual Box group as the default group
sudo usermod -g vboxsf fuzz
9. Add a symlink where the framework expects the shared folder to be installed:
cd /mnt/hgfs; sudo ln -s /media/sf_fuzz fuzz
10. Restart the virtual machine, and you should be ready.

No comments:

Post a Comment