Several scripts are available to ease the generation of client / server certificates so as to running client / server commands for testing purpose with gdb.
This is the main command that can bootstrap all the environment.
run.sh run_vuln_server
- Fetch OpenSSL source code, statically compile it with debug symbols. It also adds CFLAGS to generate expand files, useful to generate call graph.
- Build server certificate chains
- Build client certificate chains
- start server gdb session with previously openssl binary compiled at step1. Gdb commands will:
- set a breakpoint on the vulnerable function
- run the server command
Finally as displayed in the script, you just need to trigger the server's vulnerable function with the following command:
cd client && ./run_client.sh
run.sh compile
Fetches OpenSSL source code, statically compiles it with debug symbols. It also adds CFLAGS to generate expand files, useful to generate call graph.
run.sh build_client
Rebuilds the client certificate chains. Useful if you updated the client configuration and just want to use the new certs.
run.sh build_server
Behaves like the previous command but server related.
run.sh clean
These commands will delete all files created at build step. You can clean globally by calling clean, or just for server with clean_server, just for client with clean_client