pl
en
In previous blog post possible areas that can be optimized for speed has been discussed. From that list an interesting approach based on distributed computing reveals itself. You can distribute both attack library generation as well as sending those requests from library to the target. Such approach allows to solve some time problems both based on the speed of Python interpreter as well as other with roots outside of Python environment. Python also provides programmer with quite good RPC options including RPC-XML and CORBA. Within few hundred lines of code one can implement his own RPC server – take a look at Sulley source code for such implementation based on socket class only.
Dividing attack library into equal parts between fuzzing servers has one important advantage: you don’t have to worry about synchronization, concurrency and race situations. Problem starts when you would like to extend attack library base on recent responses from the target. This requires to assure that certain request has not been processed already by other servers. At the end we are returning to the attack library generation issue – in some cases it is not possible to predict its state at the end of fuzzing process.