Fuzz Testing Serial Port Protocols
Overview
This topic describes how to use beSTORM to fuzz test an RS-232 serial port, or a USB-based device that can emulate a serial port.
Testing environment requirements
- beSTORM 10.0.0 or later (licensed)
- Windows 10 or later
- PuTTY (or any application that can communicate with a serial port)
- A device that connects to an RS-232 serial port, or a USB-based device that emulates a serial port (either one is the device under test [DUT])
Connecting the hardware
- Connect the DUT to the computer where beSTORM is installed.
- In Windows, open Device Manager and confirm the device is detected (it appears under Ports (COM & LPT)). Make note of the COM number.
- Open PuTTY.
- Change Connection type to Serial.
- In the Serial line box, enter COM followed by the number you noted in Device Manager (for example, COM3).
- Leave Speed set to the default 9600 value unless the DUT's documentation specifies a different baud rate. A mismatched speed produces garbage or no output at all, and PuTTY's other defaults (8 data bits, 1 stop bit, no parity) must match the device as well.
- Select Open.
- In the console window, enter ATI to verify the serial device is working correctly. ATI is a Hayes-style AT command that modems and modem-like devices answer with an identification string; a DUT that does not implement AT commands will not respond to it, so use a request that the DUT's own protocol documents instead.
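The same check can be scripted on the beSTORM host instead of typed into PuTTY. The following is an added example, not part of the beSTORM documentation or product: it lists the COM ports Windows sees, opens the DUT with PuTTY's default framing, listens for a few seconds to learn whether the device sends data on its own (which decides between a Master and a Slave module in the wizard later on), and then sends ATI and collects the reply. The port name COM3, the 9600 baud rate and the ATI probe are assumptions; change them to match the device under test. It targets Windows PowerShell 5.1, where the System.IO.Ports types ship with .NET Framework (PowerShell 7 needs the System.IO.Ports package loaded first).

```powershell
# Added example, not beSTORM code: probe the DUT without PuTTY and decide between
# a Master and a Slave module. Assumes Windows PowerShell 5.1; COM3, 9600 baud and
# the ATI probe are assumptions to adjust for the device under test.

function Get-DutPortNames {
    # Same COMn identifiers Device Manager shows under Ports (COM & LPT).
    return [System.IO.Ports.SerialPort]::GetPortNames() | Sort-Object
}

function Open-Dut {
    param(
        [Parameter(Mandatory)][string]$PortName,   # e.g. COM3
        [int]$BaudRate = 9600                      # PuTTY's default; must match the DUT
    )
    # 8 data bits, no parity, one stop bit is PuTTY's default framing as well.
    $port = New-Object System.IO.Ports.SerialPort -ArgumentList $PortName, $BaudRate, 'None', 8, 'One'
    $port.ReadTimeout  = 2000   # ms; a silent device yields a timeout, not a hang
    $port.WriteTimeout = 2000
    $port.NewLine      = "`r"   # AT commands are terminated with a carriage return
    $port.DtrEnable    = $true  # some USB CDC devices stay quiet until DTR is asserted
    $port.Open()
    return $port
}

function Test-DutTalksFirst {
    # Send nothing and see whether the device volunteers data on its own. A device
    # that only prints a banner at power-up must be power-cycled after Open-Dut.
    param([System.IO.Ports.SerialPort]$Port, [int]$ListenMs = 3000)
    $Port.DiscardInBuffer()
    Start-Sleep -Milliseconds $ListenMs
    $banner = $Port.ReadExisting()
    return [pscustomobject]@{ TalksFirst = ($banner.Length -gt 0); Banner = $banner }
}

function Send-DutProbe {
    # Master-style exchange: send a request, then collect whatever arrives before
    # the read timeout expires. Returns an empty string if the device stays silent.
    param([System.IO.Ports.SerialPort]$Port, [string]$Command = 'ATI')
    $Port.DiscardInBuffer()
    $Port.WriteLine($Command)
    $reply = ''
    $deadline = (Get-Date).AddMilliseconds($Port.ReadTimeout)
    while ((Get-Date) -lt $deadline) {
        if ($Port.BytesToRead -gt 0) { $reply += $Port.ReadExisting() }
        Start-Sleep -Milliseconds 50
    }
    return $reply
}

# Usage
"Serial ports seen by Windows: $((Get-DutPortNames) -join ', ')"
$dut = Open-Dut -PortName 'COM3' -BaudRate 9600
try {
    $first = Test-DutTalksFirst -Port $dut
    if ($first.TalksFirst) {
        "Device sends data on connect, so choose a Slave module. Banner:`n$($first.Banner)"
    } else {
        'Device is silent on connect, so choose a Master module.'
    }
    $reply = Send-DutProbe -Port $dut -Command 'ATI'
    if ($reply.Length -gt 0) { "ATI reply:`n$reply" }
    else { 'No reply to ATI: check the COM number, baud rate and cabling, or use a request the DUT documents.' }
} finally {
    $dut.Close()
}
```

If the script reports neither a banner nor an ATI reply, fix the connection before going on to beSTORM: a fuzzer cannot tell a device that was never reachable from one it has crashed, and every test case would be reported as an exception.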
Fuzzing with beSTORM
To fuzz a serial port protocol in beSTORM, do the following:
- Open beSTORM Client.
- Select New Project. The beSTORM New Project Wizard opens.
- On the Welcome page, do the following:
  - In the Project Name box, enter a name.
  - Optionally, select a different file location for your project in the Location Name box.
  - Leave Please select the wizard set to Simple.
  - Leave Perform a port scan, and service detection and assist me in choosing the relevant module unchecked (this option applies to network targets, not to a serial port).
- Select Next.
- On the Basic Configuration page, in the beSTORM's predefined modules list, select the appropriate module from the Serial category for your test.
  The Master module types first send information and then wait for a response. The Slave module types first wait for the device to communicate and then send a response. Running PuTTY as described in Connecting the hardware shows which type the DUT needs: if it sends data as soon as you connect (a banner or prompt), choose a Slave module; if it stays silent until you send it something, choose a Master module.
- Select Next.
- On the Module Environment page, confirm the parameter values are correct (they vary by module). Most devices need anywhere from a few milliseconds to several seconds to process one request before accepting the next, so adjust the Wait between Tests parameter accordingly. Too short a wait makes a device that is merely busy look unresponsive, which shows up as false exceptions.
- Select Next.
- On the Test Selection page, select the request types you want to fuzz.
- Select Next.
- On the Extra Configuration page, leave all parameters at their default settings.
- Select Next.
- On the Complete beSTORM wizard page, select Finish to begin fuzzing, or clear the Auto-start beSTORM scan now checkbox to run the test later.
- Once the test begins, if an exception occurs (that is, a test case caused the device to stop responding), an Exception Information dialog reports that the device is not responding. This indicates a possible vulnerability. Record the test case and confirm it by replaying it against a freshly power-cycled DUT, because a device that is only busy or that has been left in an odd state by an earlier case can also go silent. Testing resumes after five seconds unless you select Pause Test.
- When fuzzing is complete, select Report > Generate Report from the beSTORM Client to generate a comprehensive report of the test results.
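The three wizard settings that matter most for a serial target (Master versus Slave exchange, Wait between Tests, and a silent device counting as an exception) are easier to reason about once you have seen the loop they control. The following is an added example, not beSTORM code and not a substitute for it: a minimal Master-style fuzz loop that sends constructed mutations of a known-good request, pauses between cases, sends the known-good request again as a liveness probe, and records any case after which the device stops answering, then pauses five seconds as beSTORM does. It assumes Windows PowerShell 5.1 and an AT-command DUT on COM3 at 9600 8N1 whose known-good request is ATI; the port, speed, seed request and all timings are assumptions.

```powershell
# Added example, not beSTORM code: a minimal Master-style fuzz loop showing the
# mechanics behind the wizard settings. Assumes Windows PowerShell 5.1 and an
# AT-command DUT on COM3 at 9600 8N1; port, speed, seed and timings are assumptions.

$PortName             = 'COM3'
$BaudRate             = 9600
$WaitBetweenTestsMs   = 200    # wizard's Wait between Tests; raise it for slow devices
$ResponseTimeoutMs    = 2000   # how long a healthy device gets to answer the liveness probe
$PauseAfterExceptionS = 5      # beSTORM resumes after five seconds unless paused

$Seed = [System.Text.Encoding]::ASCII.GetBytes('ATI')   # known-good request, no terminator
$CR   = [byte]13

function New-TestCases {
    # Constructed mutations of the seed, emitted one byte[] per case (the leading
    # comma stops PowerShell from unrolling each array). They target the usual
    # serial-parser weaknesses: fixed-size line buffers, missing terminators,
    # control and high-bit bytes, and printf-style content.
    foreach ($len in 64, 256, 1024, 4096) {
        ,([byte[]]($Seed + @([byte]65) * $len + $CR))                               # overlong argument
    }
    ,([byte[]]($Seed + [System.Text.Encoding]::ASCII.GetBytes('%s%n' * 8) + $CR))  # format specifiers
    ,([byte[]]($Seed + @([byte]0) + $CR))                                           # embedded NUL
    ,([byte[]]($Seed + @(0x1b, 0x5b, 0x32, 0x4a) + $CR))                            # ESC[2J terminal control
    ,([byte[]](($Seed | ForEach-Object { $_ -bor 0x80 }) + $CR))                    # high-bit bytes
    ,$Seed                                                                          # never terminated
    ,([byte[]](@([byte]65) * 16384))                                                # unterminated flood
}

function Test-DutAlive {
    # Send the known-good request; no bytes back within the timeout is what beSTORM
    # reports as "not responding".
    param([System.IO.Ports.SerialPort]$Port)
    $Port.DiscardInBuffer()
    $Port.Write([byte[]]($Seed + $CR), 0, $Seed.Length + 1)
    $deadline = (Get-Date).AddMilliseconds($ResponseTimeoutMs)
    while ((Get-Date) -lt $deadline) {
        if ($Port.BytesToRead -gt 0) { return $true }
        Start-Sleep -Milliseconds 50
    }
    return $false
}

$port = New-Object System.IO.Ports.SerialPort -ArgumentList $PortName, $BaudRate, 'None', 8, 'One'
$port.WriteTimeout = 60000   # 9600 baud moves roughly 960 bytes/s, so 16 KiB takes about 17 s to send
$port.Open()
$findings = @()
try {
    if (-not (Test-DutAlive -Port $port)) { throw 'DUT does not answer the seed request; fix the setup before fuzzing.' }
    $n = 0
    foreach ($case in New-TestCases) {
        $n++
        $port.DiscardInBuffer()
        $port.Write($case, 0, $case.Length)            # the fuzzed request (Master: send first)
        Start-Sleep -Milliseconds $WaitBetweenTestsMs  # let the device finish with it
        if (-not (Test-DutAlive -Port $port)) {
            $findings += [pscustomobject]@{
                Case   = $n
                Length = $case.Length
                Prefix = ($case[0..15] | ForEach-Object { '{0:x2}' -f $_ }) -join ' '
            }
            Write-Warning "Case $n ($($case.Length) bytes): device not responding. Pausing $PauseAfterExceptionS s; power-cycle the DUT if it stays silent."
            Start-Sleep -Seconds $PauseAfterExceptionS
        }
    }
} finally {
    $port.Close()
}
$findings | Format-Table -AutoSize   # candidates to replay one at a time against a fresh DUT
```

Each row in the final table is a candidate, not a confirmed bug: replay the case on its own against a power-cycled device, and if it reproduces, that single request is what goes into the report alongside the beSTORM finding.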