EnglishFrenchSpanish

OnWorks favicon

bfbtester - Online in the Cloud

Run bfbtester in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command bfbtester that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


bfbtester - Brute Force Binary Tester

SYNOPSIS


bfbtester [-htv] [-d level] [-r rejects] [-o out-file] [-x max-execs] -a|[-sme] files ...

DESCRIPTION


BFBTester is great for doing quick, proactive, security checks of binary programs.
BFBTester will perform checks of single and multiple argument command line overflows as
well as environment variable overflows. BFBTester can also watch for tempfile creation
activity to alert the user of any programs using unsafe tempfile names. While BFBTester
can not test all overflows in software, it is useful for detecting initial mistakes that
can red flag dangerous software.

OPTIONS


You must specify one or more of the following tests:

-s Single Argument Test.

-m Multiple Argument Test.

-e Environment Variable Test.

-a Selects all tests
Other options:

-h Print help.

-t Enable tempfile monitoring.

-v Print version string.

-d level
Set debug level (default = 0, max = 2).

-r rejects
Comma separated list of binaries to skip.

-o out-file
Output to out-file rather than stdout.

-x max-execs
Set maximum executables to run in parallel (default = 250).

file Specific binary or a directory of binaries to test.

OVERVIEW


You must specify at least one test to run and you must specify either a binary or a
directory.

Executable selection is now done in one of several ways:

If the executable filename is specified with a leading slash (an absolute path), no
selection is used and the supplied absolute filename is used.

If there is no leading slash in the filename the selection is made in one of two ways (in
this order):
1) Prepend file name with $PWD and test accesiblity
2) Search through $PATH and find first accessible executable The first one to succeed is
the executable choosen.

If the filename found is a directory, we walk the directory (one level deep) looking for
executable binaries.

Symbolic links are followed.

You can specify binaries to skip (useful when loading a whole directory) by using the -r
option.

The following is a crash report:

*** Crash </usr/bin/patch> ***
args: -D [05120]
envs: (null)
Signal: 11 ( Segmentation fault )
Core? Yes

This means "/usr/bin/patch" crashed when fed with an "-D" and a word 5,120 characters
long:

$ /usr/bin/patch -D AAA...5,120 characters...AAA

(Numbers in brackets mean replace with a word that many characters long)

BFBTester is very CPU intensive, and will open many files, so you probably don't want to
run it on a production machine during it's busiest period. Just a warning...

EXAMPLES


bfbtester -s /usr/bin
Run the single argument test on all binaries in folder /usr/bin.

bfbtester -ta patch traceroute
Run all tests against patch and traceroute and run the tempfile monitor.

bfbtester -a ./bfbtester
Tests bfbtester (provided it's in the same directory).

bfbtester -r kill /usr/bin/kill
Does nothing.

Use bfbtester online using onworks.net services


Free Servers & Workstations

Download Windows & Linux apps

  • 1
    strace
    strace
    The strace project has been moved to
    https://strace.io. strace is a
    diagnostic, debugging and instructional
    userspace tracer for Linux. It is used
    to monitor a...
    Download strace
  • 2
    gMKVExtractGUI
    gMKVExtractGUI
    A GUI for mkvextract utility (part of
    MKVToolNix) which incorporates most (if
    not all) functionality of mkvextract and
    mkvinfo utilities. Written in C#NET 4.0,...
    Download gMKVExtractGUI
  • 3
    JasperReports Library
    JasperReports Library
    JasperReports Library is the
    world's most popular open source
    business intelligence and reporting
    engine. It is entirely written in Java
    and it is able to ...
    Download JasperReports Library
  • 4
    Frappe Books
    Frappe Books
    Frappe Books is a free and open source
    desktop book-keeping software that's
    simple and well-designed to be used by
    small businesses and freelancers. It'...
    Download Frappe Books
  • 5
    Numerical Python
    Numerical Python
    NEWS: NumPy 1.11.2 is the last release
    that will be made on sourceforge. Wheels
    for Windows, Mac, and Linux as well as
    archived source distributions can be fou...
    Download Numerical Python
  • 6
    CMU Sphinx
    CMU Sphinx
    CMUSphinx is a speaker-independent large
    vocabulary continuous speech recognizer
    released under BSD style license. It is
    also a collection of open source tools ...
    Download CMU Sphinx
  • More »

Linux commands

crm
crm
Use crm online using onworks.net
services. ...
Run crm
  • 4
    crmgr
    crmgr
    crmgr - administration utility for QDBM
    Curia ...
    Run crmgr
  • 5
    gappletviewer
    gappletviewer
    gappletviewer - Load and runs an applet
    ...
    Run gappletviewer
  • 6
    gaps
    gaps
    mummer - package for sequence alignment
    of multiple genomes ...
    Run gaps
  • s-processed="true">
    g15stats
    g15stats - A CPU/Memory/Swap usage
    meter for G15Daemon DESCRIPTION: The
    packages provides the following usage
    meter for LCD on some Logitech
    keyboards, usind g...
    Run g15stats
  • More »
  • Ad