[Owasp-JBroFuzz] stack trace because default log directory IOException

Ivan Buetler ivan.buetler at csnc.ch
Tue Sep 21 17:15:34 EDT 2010


Hi all,

This week, I was testing the new JBroFuzz version on the Hacking-Lab
LiveCD (Xubuntu based). But in my environment the tool raised several
java stack trace errors. See the evidence movie here: 

http://media.hacking-lab.com/movies/jbrofuzz/


The OWASP-JBROFUZZ team responded with:

=========
On 0:41 of the video, the first stack trace appears, this is an
IOException.

>From the svn code in Logger.java :

               // If the directory does not exist, create it.
               if (!logDirectory.exists()) {
                       final boolean success = logDirectory.mkdirs();
                       if (!success) {
->                              throw new IOException();
                       }

               }

       }

Please check your preferences -> Directory locations (2 scenarios):

 * specify a directory that the user you are launching the tool from has
744 in (plus all paths to get to it:)
 * untick the box option and run jbrofuzz, by default this should create
all files in the current launch directory

========
This was my answer

Hi all,
Your solution worked for me. Creating a tempfuzz dir within $PROG with
744 solved the issue. Perhaps the log dir should be set per default
after untar/gzipping the jbrofuzz archive?

Thanks for your help
Ivan

=======
And this is the final response from JBROFUZZ

Great! I have already raised this with the relevant developer for coding
the Logger interface.

=======


Thanks to the folks from JBroFuzz for their fast response and support. 

Hope to see you at AppSec DC Washington - where I am going to talk about
compiling/configuring an Open Source Web App Firewall with Pre
Authentication, Session Hiding in front of Facebook!

-> Join the wargame and CTF of Swiss Cyber Storm 3 Security Conference.
The main price is a car (CHF 30'000 / this is currently about USD
30'000)


www.swisscyberstorm.com


Cheers
Ivan Buetler
Compass Security AG
Switzerland







More information about the owasp-jbrofuzz mailing list