def __interesting_handler(self, payload, no_data=False):
if not no_data:
self.kafl_state["progress_interesting"] += 1
self.kafl_state["total"] += 1
self.__buffered_handler(
payload,
methode=fuzz_methode(methode_type=METHODE_INTERESTING_32))
def __arithmetic_handler(self, payload, no_data=False):
if not no_data:
self.kafl_state["progress_arithmetic"] += 1
self.kafl_state["total"] += 1
self.__buffered_handler(
payload,
methode=fuzz_methode(methode_type=METHODE_ARITHMETIC_32))
def __bitflip_handler(self, payload, no_data=False, affected_bytes=None):
if not no_data:
self.kafl_state["progress_bitflip"] += 1
self.kafl_state["total"] += 1
self.__buffered_handler(
payload,
affected_bytes=affected_bytes,
methode=fuzz_methode(methode_type=METHODE_BITFLIP_8))
def __redqueen_handler(self, payload, addr, offset, affected_bytes=None):
self.kafl_state["progress_redqueen"] += 1
self.kafl_state["total"] += 1
self.__buffered_handler(payload,
affected_bytes=affected_bytes,
methode=fuzz_methode(
methode_type=METHODE_REDQUEEN,
redqueen_cmp=addr,
input_byte=offset))
def __perform_import(self):
import_count = len(
glob.glob(self.config.argument_values['work_dir'] + "/imports/*"))
if import_count == 0:
return
self.kafl_state["technique"] = "IMPORT"
log_master("Sync...(" + str(self.round_counter) + " inputs)")
self.__sync_verification(self.round_counter)
log_master("Importing...(" + str(import_count) + " inputs)")
i = 0
for path in glob.glob(self.config.argument_values['work_dir'] +
"/imports/*"):
if (time.time() - self.start) >= self.refresh_rate:
end = time.time()
self.kafl_state.update_performance(
int(((self.counter * 1.0) / (end - self.start))))
self.start = time.time()
self.counter = 0
while True:
msg = recv_msg(self.comm.to_master_queue)
if msg.tag == KAFL_TAG_REQ:
payload = read_binary_file(path)
self.__task_send(
[payload[:(64 << 10)]],
[self.redqueen_state.get_candidate_hash_addrs()],
msg.data,
self.comm.to_slave_queues[int(msg.data)],
[fuzz_methode(METHODE_IMPORT)],
tag=KAFL_TAG_REQ_VERIFY)
os.remove(path)
i += 1
self.counter += 1
self.round_counter += 1
break
else:
log_master("Unknown Tag (" + str(msg.tag) +
") received during verification...")
log_master("Sync...(" + str(self.round_counter) + " inputs)")
self.__sync_verification(self.round_counter)
log_master("Import done!")
def __perform_verification(self, input_count):
self.kafl_state["technique"] = "VERIFICATION"
log_master("Sync...(" + str(self.round_counter) + " inputs)")
self.__sync_verification(self.round_counter)
log_master("Verification...(" + str(input_count) + " inputs)")
i = 0
for path in glob.glob(self.config.argument_values['work_dir'] +
"/preliminary/preliminary_*"):
if (time.time() - self.start) >= self.refresh_rate:
end = time.time()
self.kafl_state.update_performance(
int(((self.counter * 1.0) / (end - self.start))))
self.start = time.time()
self.counter = 0
while True:
msg = recv_msg(self.comm.to_master_queue)
if msg.tag == KAFL_TAG_REQ:
payload = read_binary_file(path)
methode = fuzz_methode()
methode.read_from_file(
self.config.argument_values['work_dir'],
i + 1,
preliminary=True)
self.__task_send(
[payload[:(64 << 10)]],
[self.redqueen_state.get_candidate_hash_addrs()],
msg.data,
self.comm.to_slave_queues[int(msg.data)], [methode],
tag=KAFL_TAG_REQ_VERIFY)
i += 1
self.counter += 1
self.round_counter += 1
break
else:
log_master("Unknown Tag (" + str(msg.tag) +
") received during verification...")
log_master("Sync...(" + str(self.round_counter) + " inputs)")
self.__sync_verification(self.round_counter)
log_master("Verification done!")
def __buffered_handler(self,
payload,
affected_bytes=None,
last_payload=False,
methode=fuzz_methode(methode_type=METHODE_UNKOWN)):
if not self.stage_abortion:
if not last_payload:
self.payload_buffer.append(payload[:(64 << 10)])
self.methode_buffer.append(methode)
if affected_bytes:
self.byte_map.append(affected_bytes)
if len(self.payload_buffer) == self.comm.tasks_per_requests:
self.__master_handler(self.methode_buffer)
self.payload_buffer = []
self.methode_buffer = []
self.byte_map = []
else:
if len(self.payload_buffer) != 0:
self.__master_handler(self.methode_buffer)
self.payload_buffer = []
self.byte_map = []
self.methode_buffer = []
def __radamsa_handler(self, payload, no_data=False):
if not no_data:
self.kafl_state["progress_specific"] += 1
self.kafl_state["total"] += 1
self.__buffered_handler(
payload, methode=fuzz_methode(methode_type=METHODE_RADAMSA))
def __splicing_handler(self, payload, no_data=False):
if not no_data:
self.kafl_state["progress_havoc"] += 1
self.kafl_state["total"] += 1
self.__buffered_handler(
payload, methode=fuzz_methode(methode_type=METHODE_SPLICING))
def __dict_bf_handler(self, payload, no_data=False):
if not no_data:
self.kafl_state["progress_havoc"] += 1
self.kafl_state["total"] += 1
self.__buffered_handler(
payload, methode=fuzz_methode(methode_type=METHODE_DICT_BF))