testing, fuzzing, fuzz-testing

Does a Fuzz Testing Tool use the TCP/IP Stack of the Operating System?


Fuzz testing tools generate malformed packets of protocols. Do they use their own TCP/IP stack to generate these malformed packets? Does the operating system's TCP/IP stack play any role in fuzz testing? I am working on an MPLS fuzz testing tool running on Windows 7. The tool is testing an MPLS stack on a Linux machine. Does my test tool use the Windows stack? I was told that Windows does not support MPLS, but the test tool works just fine.


Solution

  • Any tool that doesn't rely on kernel modifications will have to go through the OS's networking stack. This doesn't mean that they necessarily have to use the networking stack's TCP/IP support: many OSes support APIs like SOCK_RAW+IP_HDRINCL (Windows, BSD, OS X)/PF_PACKET (Linux) which let you build your own packets (which do not have to be TCP, or even IP).

    This means that userspace tools are free to bypass the TCP/IP handling in the OS and roll their own packets so long as the OS provides the necessary support (and most major ones do).
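
The point made in the answer, as an added example that is not part of the original answer: a Python sketch for Linux that assembles an Ethernet frame carrying an MPLS label stack entirely in userspace and hands the finished bytes to a PF_PACKET socket, so the kernel only transmits them and never needs MPLS support of its own. The function names, MAC addresses, labels and payload are constructed for illustration; `send_frame` is Linux-only and needs CAP_NET_RAW.

```python
import socket
import struct

ETH_P_MPLS_UC = 0x8847  # EtherType for MPLS unicast


def mpls_lse(label, tc=0, bos=True, ttl=64):
    """Pack one 32-bit label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= tc < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bos) << 8) | ttl)


def build_frame(dst_mac, src_mac, labels, payload):
    """Ethernet header + label stack + payload, assembled entirely in userspace."""
    if not labels:
        raise ValueError("need at least one label")
    last = len(labels) - 1
    stack = b"".join(mpls_lse(l, bos=(i == last)) for i, l in enumerate(labels))
    return dst_mac + src_mac + struct.pack("!H", ETH_P_MPLS_UC) + stack + payload


def parse_frame(frame):
    """Inverse of build_frame; returns (labels, payload) or raises ValueError."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != ETH_P_MPLS_UC:
        raise ValueError("not an MPLS unicast frame")
    labels, off = [], 14
    while True:
        if off + 4 > len(frame):
            raise ValueError("label stack truncated before bottom-of-stack bit")
        (word,) = struct.unpack("!I", frame[off:off + 4])
        off += 4
        labels.append(word >> 12)
        if word & 0x100:  # S bit set: this was the last entry in the stack
            return labels, frame[off:]


def send_frame(ifname, frame):
    """Linux only, needs CAP_NET_RAW: the kernel transmits the bytes as given."""
    with socket.socket(socket.AF_PACKET, socket.SOCK_RAW) as s:
        s.bind((ifname, 0))
        return s.send(frame)


# Constructed sample values (locally administered MACs, arbitrary labels).
SAMPLE = build_frame(bytes.fromhex("020000000002"), bytes.fromhex("020000000001"),
                     [100, 16], b"test-payload")

if __name__ == "__main__":
    print(SAMPLE.hex(), parse_frame(SAMPLE))
```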