def start(): parse() print_status('Get input...') print_status('Fuzzing take turns...') while task.domains or task.ips or task.rootdomains: if task.domains: domain = task.domains.pop() level = get_level(domain) print_status('Fuzzing %s domains[level:%s]...' % (domain, str(level+1))) if level < control.max_level: print_status('[domain2ip]Get ip by domain...') ip = Domain2Ip().get_value(domain) if ip: add_ip_task(ip, level+1, 'domain2ip', remark='') print_good('Get ip %s' % ip) print_status('[rootdomain]Get rootdomain by domain...') root_domain = Domain.get_root_domain(domain) if root_domain: add_rootdomain_task(root_domain, level+1, 'rootdomain', remark='') print_good('Get root_domain %s' % root_domain) result.domains.add(domain) if task.rootdomains: root_domain = task.rootdomains.pop() level = get_level(root_domain) print_status('Fuzzing %s rootdomains[level:%s]...' % (root_domain, str(level+1))) if level < control.max_level: ip = Domain2Ip().get_value(root_domain) print_status('[domain2ip]Get ip by domain...') if ip: add_ip_task(ip, level+1, 'domain2ip', remark='') print_good('Get ip %s' % ip) print_status('[icp]Get rootdomains by rootdomains...') root_domains = ICP.get_rootdomains_by_domain(root_domain) print_good('Get root_domain num:%s' % str(len(root_domains))) for rd in root_domains: add_rootdomain_task(rd, level+1, 'icp', remark='') print_status('[subdomain]Get domains by rootdomain...') domains = SubDomain().get_subdomain_by_links(root_domain) print_good('Get domains num:%s' % str(len(domains))) for domain in domains: add_domain_task(domain, level+1, 'subdomain', remark='') result.rootdomains.add(root_domain) if task.ips: ip = task.ips.pop() level = get_level(ip) print_status('Fuzzing %s ips[level:%s]...' % (ip, str(level+1))) if level < control.max_level: print_status('[ip2domain]Get domains by ip...') domains = Ip2Domain().get_domains_by_ip(ip) print_good('Get domains num:%s' % str(len(domains))) for domain in domains: add_domain_task(domain, level+1, 'ip2domain', remark='') result.ips.add(ip) output() print_status('Complete Fuzzing!')
def makeWindows(args): assert args.size is not None, "Need to specify buffer size" assert args.buffer is not None, "Need to specify buffer base address" logger.debug('Loading program %s (platform: Windows)', args.programs) additional_context = None if args.context: with open(args.context, "r") as addl_context_file: additional_context = cPickle.loads(addl_context_file.read()) logger.debug('Additional context loaded with contents {}'.format( additional_context)) #DEBUG constraints = ConstraintSet() platform = windows.SWindows(constraints, args.programs[0], additional_context, snapshot_folder=args.workspace) #This will interpret the buffer specification written in INTEL ASM. (It may dereference pointers) data_size = parse(args.size, platform.current.read_bytes, platform.current.read_register) data_ptr = parse(args.buffer, platform.current.read_bytes, platform.current.read_register) logger.debug('Buffer at %x size %d bytes)', data_ptr, data_size) buf_str = "".join(platform.current.read_bytes(data_ptr, data_size)) logger.debug('Original buffer: %s', buf_str.encode('hex')) offset = args.offset concrete_data = args.data.decode('hex') assert data_size >= offset + len(concrete_data) size = min(args.maxsymb, data_size - offset - len(concrete_data)) symb = constraints.new_array(name='RAWMSG', index_max=size) platform.current.write_bytes(data_ptr + offset, concrete_data) platform.current.write_bytes(data_ptr + offset + len(concrete_data), [symb[i] for i in xrange(size)]) logger.debug('First %d bytes are left concrete', offset) logger.debug('followed by %d bytes of concrete start', len(concrete_data)) hex_head = "".join( platform.current.read_bytes(data_ptr, offset + len(concrete_data))) logger.debug('Hexdump head: %s', hex_head.encode('hex')) logger.debug('Total symbolic characters inserted: %d', size) logger.debug('followed by %d bytes of unmodified concrete bytes at end.', (data_size - offset - len(concrete_data)) - size) hex_tail = "".join( map( chr, platform.current.read_bytes( data_ptr + offset + len(concrete_data) + size, data_size - (offset + len(concrete_data) + size)))) logger.debug('Hexdump tail: %s', hex_tail.encode('hex')) logger.info("Starting PC is: {:08x}".format(platform.current.PC)) return State(constraints, platform)
def main(): if len(sys.argv) < 2: return raw_content = row_file_open(sys.argv[1]) raw_lines = lparse(raw_content) context = Context() llparse(context, raw_lines) parse(context) codegen(context)
def items_import(self, request): item_serializer = ItemsFileSerializer(data=request.data) item_serializer.is_valid(raise_exception=True) errors_list = parse(item_serializer.validated_data['document']) error_serializer = ErrorSerializer(data=errors_list, many=True) error_serializer.is_valid(raise_exception=True) return Response(error_serializer.data)
def test_memFactorial(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp17)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[100], 40320)
def test_incrementVariable(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp18)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[0], 2)
def repl(prompt='pyscheme>> '): """ Live, interactive REPL for pyscheme. """ while True: val = evaluate(parse(raw_input(prompt))) if val is not None: print toString(val)
def get(self): today = date.today() results = parser.parse(today) if results: ndb.put_multi(results) memcache.delete('results') config = Config.get_master() config.last_refresh = datetime.now() config.put()
def test_swap(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp16)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[50], 100) self.assertEqual(machine.memory[51], -1)
def test_nestedMemCalls(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp6)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[10], 400) self.assertEqual(machine.sp, -1)
def test_assignmentSingleFunctionCallNestedMem(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp4)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[50], 50) self.assertEqual(machine.sp, -1)
def test_moreRecursiveFunctionsWithFiller(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp9)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[100], 1) self.assertEqual(machine.sp, -1)
def tests_memorySorted(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp15)) machine.run(instructions, labels, inv_lbl, func_help) for i in range(20, 99): self.assertTrue(machine.memory[i] <= machine.memory[i + 1], 'Mem loc: {}'.format(i)) self.assertEqual(machine.sp, -1)
def test_moreCondsInFunctions(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp10)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[100], 0) self.assertEqual(machine.sp, -1)
def tests_memoryAccessWithVariable(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp14)) machine.run(instructions, labels, inv_lbl, func_help) for i in range(5, 25): self.assertEqual(machine.memory[i], 0) self.assertEqual(machine.sp, -1)
def test_noAssignmentInFunctionsRecursive(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp3)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[100], 210) self.assertEqual(machine.memory[101], 40320) self.assertEqual(machine.sp, -1)
def test_palinString(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp23)) machine.run(instructions, labels, inv_lbl, func_help) self.assertTrue(machine.memory[20] == 0) self.assertTrue(machine.memory[21] == 1) print('hello world.')
def test_incrementedMemory(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp12)) machine.run(instructions, labels, inv_lbl, func_help) for i in range(5, 100): self.assertEqual(machine.memory[i], i) self.assertEqual(machine.sp, -1)
def test_bullshitFunctionCallsIsPrime(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp5)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[50], 1) self.assertEqual(machine.memory[51], 0) self.assertEqual(machine.sp, -1)
def makeWindows(args): assert args.size is not None, "Need to specify buffer size" assert args.buffer is not None, "Need to specify buffer base address" logger.debug('Loading program %s', args.programs) additional_context = None if args.context: with open(args.context, "r") as addl_context_file: additional_context = cPickle.loads(addl_context_file.read()) logger.debug('Additional context loaded with contents {}'.format(additional_context)) #DEBUG constraints = ConstraintSet() platform = windows.SWindows(constraints, args.programs[0], additional_context, snapshot_folder=args.workspace) #This will interpret the buffer specification written in INTEL ASM. (It may dereference pointers) data_size = parse(args.size, platform.current.read_bytes, platform.current.read_register) data_ptr = parse(args.buffer, platform.current.read_bytes, platform.current.read_register) logger.debug('Buffer at %x size %d bytes)', data_ptr, data_size) buf_str = "".join(platform.current.read_bytes(data_ptr, data_size)) logger.debug('Original buffer: %s', buf_str.encode('hex')) offset = args.offset concrete_data = args.data.decode('hex') assert data_size >= offset + len(concrete_data) size = min(args.maxsymb, data_size - offset - len(concrete_data)) symb = constraints.new_array(name='RAWMSG', index_max=size) platform.current.write_bytes(data_ptr + offset, concrete_data) platform.current.write_bytes(data_ptr + offset + len(concrete_data), [symb[i] for i in xrange(size)] ) logger.debug('First %d bytes are left concrete', offset) logger.debug('followed by %d bytes of concrete start', len(concrete_data)) hex_head = "".join(platform.current.read_bytes(data_ptr, offset+len(concrete_data))) logger.debug('Hexdump head: %s', hex_head.encode('hex')) logger.debug('Total symbolic characters inserted: %d', size) logger.debug('followed by %d bytes of unmodified concrete bytes at end.', (data_size-offset-len(concrete_data))-size ) hex_tail = "".join(map(chr, platform.current.read_bytes(data_ptr+offset+len(concrete_data)+size, data_size-(offset+len(concrete_data)+size)))) logger.debug('Hexdump tail: %s', hex_tail.encode('hex')) logger.info("Starting PC is: {:08x}".format(platform.current.PC)) return State(constraints, platform)
def test_makeAscending(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp20)) machine.run(instructions, labels, inv_lbl, func_help) a = machine.memory[0] self.assertEqual(machine.memory[a - 1], 10) for i in range(10): self.assertEqual(machine.memory[a + i], i)
def main(args=None): print(START_STR) try: from core.parser import parse from core.controllers.controller import start args = parse() start(args) except Exception, e: print e import traceback traceback.print_exc() sys.exit(1)
def main(): print(START_STR) try: from core.parser import parse from core.controllers.controller import start args = parse() start(args) except Exception, e: print e import traceback traceback.print_exc() sys.exit(1)
def test_basicMath(self): machine = IRMachine1() instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp1)) machine.run(instructions, labels, inv_lbl, func_help) self.assertEqual(machine.memory[50], 1) self.assertEqual(machine.memory[51], 180) self.assertEqual(machine.memory[52], 0) self.assertEqual(machine.memory[53], 1) self.assertEqual(machine.sp, -1)
def test_incrementVariable(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp18)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table) self.assertEqual(machine.memory[machine.registers[SP] - 1], 2) self.assertEqual(machine.registers[SP], 0xF000)
def test_palinString(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp23)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table, str_table) self.assertEqual(machine.memory[20], 0) self.assertEqual(machine.memory[21], 1)
def test_moreRecursiveFunctionsWithFiller(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp9)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table) self.assertEqual(machine.memory[100], 1) self.assertEqual(machine.registers[SP], 0xF000)
def test_memFactorial(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp17)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table) self.assertEqual(machine.memory[100], 40320) self.assertEqual(machine.registers[SP], 0xF000)
def tests_memoryAccessWithVariable(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp14)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table) for i in range(5, 25): self.assertEqual(machine.memory[i], 0, i) self.assertEqual(machine.registers[SP], 0xF000)
def test_assignmentSingleFunctionCallNestedMem(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp4)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table) self.assertEqual(machine.memory[50], 50) self.assertEqual(machine.registers[SP], 0xF000)
def tests_memorySorted(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp15)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table) for i in range(20, 99): self.assertTrue(machine.memory[i] <= machine.memory[i + 1], 'Mem loc: {}'.format(i)) self.assertEqual(machine.registers[SP], 0xF000)
def test_bullshitFunctionCallsIsPrime(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp5)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table) self.assertEqual(machine.memory[50], 1) self.assertEqual(machine.memory[51], 0) self.assertEqual(machine.registers[SP], 0xF000)
def test_noAssignmentInFunctionsRecursive(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp3)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table) self.assertEqual(machine.memory[100], 210) self.assertEqual(machine.memory[101], 40320) self.assertEqual(machine.registers[SP], 0xF000)
def test_makeAscending(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp20)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table) ptr_a = machine.memory[100] self.assertEqual(machine.memory[ptr_a - 1], 10) for i in range(10): self.assertEqual(machine.memory[ptr_a + i], i)
def test_memString2D(self): instructions, labels, inv_lbl, func_help = parse(tokenize(sp.samp28)) lc3_conv = LC3Converter(instructions, labels, inv_lbl, func_help) tree, table, str_table = lc3_conv.convert() pure = flatten(tree) machine = Machine() machine.run(pure, table, str_table) for i in range(5): if i % 2 == 0: for j in range(5): self.assertEqual(machine.memory[5 + i * 5 + j], ord('a')) else: for j in range(5): self.assertEqual(machine.memory[5 + i * 5 + j], ord('t'))
def main(args=None): """ Main function of 3102 when running from command line. """ try: paths.ROOT_PATH = modulePath() setPaths() banner() sys.path.insert(0, paths.THIRDPARTY_PATH) args = parse() start(args) except Exception, e: print e import traceback traceback.print_exc() sys.exit(1)
def _assertions_callback(self, state, instruction): pc = state.cpu.PC if pc not in self._assertions: return from core.parser import parse program = self._assertions[pc] #This will interpret the buffer specification written in INTEL ASM. # (It may dereference pointers) assertion = parse(program, state.cpu.read_int, state.cpu.read_register) if not solver.can_be_true(state.constraints, assertion): logger.info(str(state.cpu)) logger.info("Assertion %x -> {%s} does not hold. Aborting state.", state.cpu.pc, program) raise TerminateState() #Everything is good add it. state.constraints.add(assertion)
def compile(self,expr): if EXPR_CACHE.has_key(expr): return EXPR_CACHE[expr] ret=EXPR_CACHE[expr]=parse(expr) return ret
def test_unicode_epressions(self): self.assertEqual(parser.parse(u'X'), parser.parse('X'))
from subprocess import call from sys import argv import core.global_obj as global_obj import core.lang_wrappers as wrappers import core.execute_code as execute_code import core.parser as parser import os file_obj = argv[1] list_of_code = parser.parse(file_obj) os.mkdir("tmp") os.chdir("tmp") files_to_run = [] lists = [] dicts = [] for lang_obj in list_of_code: to_run = [] first_line = lang_obj[0] lang = first_line.split("start")[1].lstrip(" ") if lang == "cpp": lang_file = "tmp.cpp" if lang == "java": lang_file = "tmp.java" if lang == "python": lang_file = "tmp.py" if lang == "ruby": lang_file = "tmp.rb"