Fuzz Testing with the PTPv2 Client Protocol

Overview

The Precision Time Protocol (PTP) is a synchronization protocol for networked measurement and control systems. This topic describes how to test the Precision Time Protocol v2 (IEEE1588-2008) specifically as a subordinate (server) implementation. beSTORM will act as a primary (client) with this protocol.

Testing environment requirements

• beSTORM 13.3.0 or later (licensed)

• Windows 10 or later

• A device that supports the PTPv2 protocol, specifically as a subordinate implementation (this will be the device under test [DUT])

Fuzzing with beSTORM

To fuzz with the PTPv2 Client protocol in beSTORM, do the following:

1. Using a network cable, connect the PTPv2-supported device (DUT) to the beSTORM computer's Ethernet adapter.

2. Open beSTORM Client.

3. Select New Project. The beSTORM New Project Wizard opens.

4. On the Welcome page, do the following:

   1. In the Project Name box, enter a name.

   2. Optionally, select a different file location for your project in the Location Name box.

   3. For Please select the wizard, select Advanced.

   4. Leave Perform a port scan, and service detection and assist me in choosing the relevant module unchecked.

      

5. Select Next.

6. On the Basic Configuration page, do the following:

   1. In thebeSTORM's predefined modules list, select PTPv2 (IEEE1588-2008) Client.

   2. In the Hostname or IP address box, enter the DUT's IP address.

   3. Leave Protocol and Remote Port to their default settings.

      

7. Select Next.

8. On the Advanced Configuration page, adjust Scale Type to reduce the number of combinations and overall testing duration. For the least number of combinations and shortest testing duration, select Base10.

   

9. Select Next.

10. On the Module Environment page, verify the following default values appear in the corresponding Value box for each parameter:

    1. Remote Hostname – DUT's IP address.

    2. Remote Port - 319.

    3. Remote Protocol Type - udp.

    4. Source Port – 3190.

       

11. Select Next.

12. On the Test Selection page, select the PTPv2 request types you want to fuzz.

    

13. Select Next.

14. On the Extra Configuration page, do the following:

    1. Select the ARP Echo, ICMP Echo, and UDP Echo checkboxes.

    2. Set the Monitored IP Address to the router's IPv4 address.

    3. Leave all other parameters to their default setting.

       

15. Select Next.

16. On the Complete beSTORM wizard page, select Finish to begin fuzzing, or clear the Auto-start beSTORM scan now checkbox to run the test later.

17. Once your test begins, if an exception occurs (that is, an attack was successful), a message will appear in an Exception Information dialog informing you that the router is not responding. This indicates a possible vulnerability. Testing will resume after five seconds unless you select Pause Test.

    

18. When fuzzing is complete, select Report > Generate Report from the beSTORM Client to generate a more comprehensive report of your Configuration page.