I’m orking with this Peach Pit file. File is parsed without errors, but when I try to run the file, the local agent window says:
] Peach 2.3.9 DEV Runtime
] Copyright (c) Michael Eddington
] Peach Agent
//-> Listening on [9000] with no password
Agent: clientHello()
Agent: Session ID: 084a2ce1-d57e-11e1-b115-e839355f54fa
Agent: clientHello() all done
Agent: startMonitor(Named_64)
code: debugger.WindowsDebugEngine(msg.params)
WindowsDebugEngine::__init__()
Agent: Sending Ack
Agent: startMonitor(Named_67)
code: process.PageHeap(msg.params)
Warning: pageheap.exe is running inside WOW64.
This scenario can be used to test x86 binaries (running inside WOW64)
but not native (IA64) binaries.
Error: Cannot open image registry key for winrar.exe
Agent: Sending Ack
Agent: onTestStarting()
_StopDebugger() – force: False
Agent: onPublisherCall(): ScoobySnacks
WindowsDebugEngineProcess_run
Process Process-1:
Traceback (most recent call last):
File “C:\Python27\lib\multiprocessing\process.py”, line 258, in _bootstrap
self.run()
File “C:\Python27\lib\multiprocessing\process.py”, line 114, in run
self._target(*self._args, **self._kwargs)
File “C:\Peach2.3\Peach\Agent\debugger.py”, line 364, in WindowsDebugEnginePro
cess_run
dbg_eng_dll_path = WinDbg)
File “C:\Python27\lib\site-packages\PyDbgEng\ProcessCreator.py”, line 30, in _
_init__
self.idebug_client.CreateProcess(Server=UserModeSession.NO_PROCESS_SERVER, C
ommandLine = command_line, CreateFlags = creation_flags)
COMError: (-2147024846, ‘Beg\xe4ran st\xf6ds inte.’, (None, None, None, 0, None)
)
I typically don’t fuzz on x64 so not sure if it’s something specific to that archtecture that could be causing your issue. The only thing I can recommend is verifying that CommandLine parameter in your publisher. If you’re still not having any luck, your best bet would be to ask on the Peach Fuzzer Google Groups page.
July 24th, 2012 on 11:06 am
I’m orking with this Peach Pit file. File is parsed without errors, but when I try to run the file, the local agent window says:
] Peach 2.3.9 DEV Runtime
] Copyright (c) Michael Eddington
] Peach Agent
//-> Listening on [9000] with no password
Agent: clientHello()
Agent: Session ID: 084a2ce1-d57e-11e1-b115-e839355f54fa
Agent: clientHello() all done
Agent: startMonitor(Named_64)
code: debugger.WindowsDebugEngine(msg.params)
WindowsDebugEngine::__init__()
Agent: Sending Ack
Agent: startMonitor(Named_67)
code: process.PageHeap(msg.params)
Warning: pageheap.exe is running inside WOW64.
This scenario can be used to test x86 binaries (running inside WOW64)
but not native (IA64) binaries.
Error: Cannot open image registry key for winrar.exe
Agent: Sending Ack
Agent: onTestStarting()
_StopDebugger() – force: False
Agent: onPublisherCall(): ScoobySnacks
WindowsDebugEngineProcess_run
Process Process-1:
Traceback (most recent call last):
File “C:\Python27\lib\multiprocessing\process.py”, line 258, in _bootstrap
self.run()
File “C:\Python27\lib\multiprocessing\process.py”, line 114, in run
self._target(*self._args, **self._kwargs)
File “C:\Peach2.3\Peach\Agent\debugger.py”, line 364, in WindowsDebugEnginePro
cess_run
dbg_eng_dll_path = WinDbg)
File “C:\Python27\lib\site-packages\PyDbgEng\ProcessCreator.py”, line 30, in _
_init__
self.idebug_client.CreateProcess(Server=UserModeSession.NO_PROCESS_SERVER, C
ommandLine = command_line, CreateFlags = creation_flags)
COMError: (-2147024846, ‘Beg\xe4ran st\xf6ds inte.’, (None, None, None, 0, None)
)
July 24th, 2012 on 3:43 pm
I typically don’t fuzz on x64 so not sure if it’s something specific to that archtecture that could be causing your issue. The only thing I can recommend is verifying that CommandLine parameter in your publisher. If you’re still not having any luck, your best bet would be to ask on the Peach Fuzzer Google Groups page.
October 11th, 2012 on 3:12 am
hi pyoor,can you leave your email adrress?I have read your tutorials,and have some questions!I want to discuss with you via email!