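def sync_database(self, ):
    """Create or refresh the ``codeResult`` row linked to this object.

    When no row exists for ``self.id`` a placeholder is created (coverage
    "/", crashes "0").  The crash count and coverage are then re-read from
    the ``afl-whatsup_summary`` / ``afl-whatsup_individual`` helpers under
    ``MEM_AFL_PATH`` and saved.

    NOTE(review): this listing lost its indentation; the refresh is assumed
    to run for both the "created" and the "found" branch -- confirm.
    """
    # Function-scope import: the file's import block is not visible here.
    from shlex import quote

    print("同步数据库")
    resList = codeResult.objects.filter(code_id=self.id)
    if len(resList) == 0:
        uploadInstance = uploadSourceCode.objects.get(id=self.id)
        resInstance = codeResult.objects.create(
            programName=self.short_name,
            codeCoverage="/",
            crashes="0",
            fuzzer=self.fuzzer,
            time=datetime.now().strftime("%Y-%m-%d %H:%M:%S"),
            code=uploadInstance)
        resInstance.save()
    elif len(resList) == 1:
        resInstance = resList[0]
    else:
        # More than one row for one code_id: the original left resInstance
        # unbound here.  Which row is authoritative is unknown, so nothing
        # is updated.
        return

    # fuzzer / programName come from stored, user-supplied fields, and
    # getoutput() runs its argument through a shell, so every word is quoted.
    outs = pathJoin("/root/fuzzResult", resInstance.fuzzer,
                    resInstance.programName)
    whatsup_summary = pathJoin(MEM_AFL_PATH, "afl-whatsup_summary")
    # coverage and de-duplication
    whatsup_individual = pathJoin(MEM_AFL_PATH, "afl-whatsup_individual")
    quoted_outs = quote(outs)

    result_summary = sum_table_data(
        getoutput(quote(whatsup_summary) + " " + quoted_outs))[0]
    resInstance.crashes = str(result_summary['crashes_sum'])

    result_individual = invi_table_data(
        getoutput(quote(whatsup_individual) + " " + quoted_outs))
    # process() on this page treats -1 from invi_table_data as a failure;
    # the same sentinel is assumed here, so coverage is left untouched.
    if result_individual != -1:
        resInstance.codeCoverage = str(
            max(result_individual[0]['coverage'],
                result_individual[1]['coverage']))
    resInstance.save()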
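def mycompile(program_path, compileCommand, fuzzer_path, code):
    """Build the target under ``program_path + compileCommand`` with an AFL compiler.

    Args:
        program_path: Root directory of the unpacked target.
        compileCommand: String appended verbatim to ``program_path`` to form
            the build directory (despite its name it is used as a path suffix).
        fuzzer_path: Directory that holds the ``afl-clang*`` wrappers.
        code: Compiler selector: 1 -> afl-clang, 3 -> afl-clang-lto,
            anything else -> afl-clang-fast.

    The working directory is changed for the build and restored afterwards.
    Exit codes of configure/cmake/make are not checked, as before.
    """
    clang = "afl-clang-fast"
    tempClang = "afl-clang-fast++"
    if code == 1:
        clang = "afl-clang"
        tempClang = "afl-clang++"
    elif code == 3:
        clang = "afl-clang-lto"
        tempClang = "afl-clang-lto++"
    RANLIB = pathJoin("/usr/bin", "llvm-ranlib-12")
    AR = pathJoin("/usr/bin", "llvm-ar-12")
    makeStart = ["make", "-j10"]

    root_dir = pwd()
    # NOTE(review): if compileCommand can come from a request, a value with
    # "../" segments moves the build outside program_path -- confirm that the
    # caller validates it.
    cd("".join([program_path, compileCommand]))
    try:
        if subprocess.getoutput('find . -name CMakeLists.txt') == "":
            # autotools build: compilers are passed through the environment
            # and the command is an argument list, so no path is parsed by
            # a shell.
            build_env = dict(
                os.environ,
                CC=os.path.join(fuzzer_path, clang),
                CXX=os.path.join(fuzzer_path, tempClang))
            configure = ["./configure", "--disable-shared"]
            if code == 3:
                configure.append("RANLIB=" + RANLIB)
                configure.append("AR=" + AR)
            print(" ".join(configure))
            subprocess.run(configure, env=build_env)
            # The original passed this list with shell=True, which on POSIX
            # executes only "make" and silently drops "-j10".
            subprocess.run(makeStart)
        else:
            mymkdir("build")
            cd("build")
            print(pwd())
            cmake = [
                "cmake",
                "-DCMAKE_C_COMPILER=%s" % pathJoin(fuzzer_path, clang),
                "-DCMAKE_CXX_COMPILER=%s" % pathJoin(fuzzer_path, tempClang),
                "..",
            ]
            print(" ".join(cmake))
            subprocess.run(cmake, close_fds=True)
            subprocess.run(makeStart, close_fds=True)
    finally:
        # Restore the process-wide working directory even if a step raises.
        cd(root_dir)
    print("编译过程已完成")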
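def download(request):
    """Package one fuzzing result as a zip and return it as an attachment.

    Used for debugging: a gdb script records stack back-traces for the result
    directory, then the result files are zipped with 7za.

    POST parameter ``id`` selects the ``codeResult`` row.  Any other HTTP
    method gets 405, a missing id 400, an unknown id or fuzzer 404.
    """
    # Function-scope import: the file's import block is not visible here.
    from django.http import HttpResponse

    if request.method != "POST":
        # The original fell through and returned None for GET.
        return HttpResponseNotAllowed(["POST"])

    codeResult_id = request.POST.get("id", None)
    # The original compared the builtin `id` with None (never true) and
    # returned the response class instead of an instance.
    if codeResult_id is None:
        return HttpResponse(status=400)
    try:
        codeResultInstance = codeResult.objects.get(id=codeResult_id)
    except (codeResult.DoesNotExist, ValueError):
        return HttpResponse(status=404)

    fuzzer = codeResultInstance.fuzzer
    programName = codeResultInstance.programName
    result_root = DIRS.get(fuzzer)
    if result_root is None:
        return HttpResponse(status=404)

    # NOTE(review): fuzzer and programName are stored, user-supplied values
    # used as path components below; confirm they are validated on upload.
    fuzz_dir = os.path.join("/root/fuzzResult", fuzzer, programName)

    # The gdb script reads its target directory from this fixed file.
    # NOTE(review): two concurrent downloads overwrite each other's dir.txt.
    with open("/root/AggregateFuzzing/BackEnd/Util/dir.txt", "w") as f:
        f.write(fuzz_dir)
    subprocess.run(
        ["gdb", "-q", "-x",
         "/root/AggregateFuzzing/BackEnd/Util/new_gdb_info.py"])
    fuzzer_trans(fuzz_dir)

    # NOTE(review): cd() changes the working directory of the whole server
    # process; kept because other code may rely on it.
    cd("/root/test")
    file_path = programName + fuzzer + ".zip"
    # Argument list instead of a shell string: names from the database are
    # never parsed by a shell, and "--" keeps a leading "-" from being read
    # as a 7za switch.
    run(["7za", "a", "-tzip", "-r", "--", file_path,
         pathJoin(result_root, programName)])

    response = FileResponse(open(file_path, 'rb'))
    # The original set a header literally named "content_type".
    response['Content-Type'] = "application/octet-stream"
    safe_name = os.path.basename(file_path).replace('\\', '\\\\').replace('"', '\\"')
    response['Content-Disposition'] = 'attachment; filename="%s"' % safe_name
    return response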
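def process(request):
    """Report the live status of every fuzzer running ``programName``.

    Feeds the waiting page.  For each ``codeResult`` row with the given
    program name the two ``afl-whatsup_*`` helpers under ``MEM_AFL_PATH`` are
    run on the result directory; their parsed tables are returned as JSON
    under ``<fuzzer>`` and ``<fuzzer>_sum``, plus ``sum_ms`` (milliseconds
    until the planned end) and ``timeOk`` (planned end time).

    Status codes: 405 for non-POST, 412 without ``programName``, 404 when no
    row matches, 500 when a status table cannot be parsed.
    """
    # Function-scope import: the file's import block is not visible here.
    from shlex import quote

    if request.method != "POST":
        # The original returned None here.
        response = HttpResponse()
        response.status_code = 405
        response["Allow"] = "POST"
        return response

    programName = request.POST.get("programName", None)
    if not programName:
        response = HttpResponse()
        response.content = "没有参数提供"
        response.status_code = 412
        return response

    code_list = codeResult.objects.filter(programName=programName)
    if not code_list:
        # The original indexed code_list[0] unconditionally (IndexError).
        response = HttpResponse()
        response.status_code = 404
        return response
    first_result = code_list[0]
    sourceCodeInstance = first_result.code

    whatsup_individual = quote(pathJoin(MEM_AFL_PATH, "afl-whatsup_individual"))
    whatsup_summary = quote(pathJoin(MEM_AFL_PATH, "afl-whatsup_summary"))

    data_send = {}
    for code in code_list:
        # getoutput() goes through a shell and the directory contains stored,
        # user-supplied names, so it is quoted.
        outs = quote(pathJoin("/root/fuzzResult", code.fuzzer, code.programName))
        result_individual = invi_table_data(
            getoutput(whatsup_individual + " " + outs))
        if result_individual == -1:
            response = HttpResponse()
            response.status_code = 500
            return response
        result_summary = sum_table_data(getoutput(whatsup_summary + " " + outs))
        data_send[code.fuzzer] = result_individual
        data_send[code.fuzzer + "_sum"] = result_summary

    tempTime = datetime.strptime(first_result.time, "%Y-%m-%d %H:%M:%S") + timedelta(
        minutes=float(sourceCodeInstance.minute),
        hours=float(sourceCodeInstance.hour))
    # timedelta.seconds ignores whole days and wraps for negative deltas, so
    # a finished run used to report almost 24 h remaining.
    remaining = (tempTime - datetime.now()).total_seconds()
    data_send["sum_ms"] = max(0, int(remaining)) * 1000
    data_send["timeOk"] = tempTime.strftime("%Y-%m-%d %H:%M:%S")
    return HttpResponse(json.dumps(data_send), content_type='application/json')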
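def _stays_under(base, name):
    """Return True when ``os.path.join(base, name)`` stays inside ``base``."""
    base_abs = os.path.abspath(base)
    candidate = os.path.abspath(os.path.join(base_abs, name))
    return (candidate != base_abs
            and os.path.commonpath([base_abs, candidate]) == base_abs)


def sourceCode(request):
    """Read the upload parameters and start every fuzzer on the uploaded source.

    POST fields: ``fileList`` (uploaded archive), ``seed`` or ``inputFile``,
    ``programName``, ``prePara``, ``postPara``, ``compileCommand``,
    ``inputCommand``, ``hour`` (default 0), ``minute`` (default 25).

    The source tree is copied into ``/root/fuzz_target/<fuzzer>/`` for
    MEMAFL, TORTOISE and DRILLER, an ``uploadSourceCode`` row is stored per
    fuzzer and ``threadFuzz`` is called for each.  Returns JSON with the last
    ``threadFuzz`` result and the planned run time in milliseconds; 412 for
    missing or invalid parameters, 405 for non-POST requests.

    Every request field is validated before anything is unpacked or copied.
    """
    def reject(message):
        response = HttpResponse()
        response.content = message
        response.status_code = 412
        return response

    if request.method != 'POST':
        # The original returned None here.
        response = HttpResponse()
        response.status_code = 405
        response["Allow"] = "POST"
        return response

    uploaded = request.POST.get("fileList", None)
    seed = request.POST.get('seed', None)
    inputFile = request.POST.get('inputFile', None)
    programName = request.POST.get("programName", None)
    prePara = request.POST.get('prePara', None)
    postPara = request.POST.get('postPara', None)
    compileCommand = request.POST.get('compileCommand', "")
    inputCommand = request.POST.get('inputCommand', None)
    hour = request.POST.get("hour", 0)
    minute = request.POST.get("minute", 25)

    if not uploaded:
        return reject("没有上传源代码文件!")
    if not seed and not inputFile:
        return reject("没有上传种子文件")

    # These names become path components; a value such as "../x" or an
    # absolute path would escape the intended directory.
    if not programName or not _stays_under("/root/fuzzResult", programName):
        return reject("参数不合法")
    if seed and not _stays_under(SEED_PATH, seed):
        return reject("参数不合法")
    if inputFile:
        if not _stays_under(INPUT_FILE_PATH, inputFile):
            return reject("参数不合法")
        inputFile = os.path.join(INPUT_FILE_PATH, inputFile)

    # The original converted these only in the final return, i.e. after all
    # fuzzers had been started.
    try:
        total_ms = (int(hour) * 60 * 60 + int(minute) * 60) * 1000
    except (TypeError, ValueError):
        return reject("参数不合法")

    # NOTE(review): Analyze.Unzip is not visible here; confirm it rejects
    # archive members that resolve outside the extraction directory.
    # NOTE(review): compileCommand is forwarded unchanged; mycompile on this
    # page appends it to the program path -- confirm it is validated there.
    source_dir = Analyze(uploaded).Unzip()  # unpack the archive
    if not source_dir:
        return reject("没有上传源代码文件!")
    base_name = source_dir.split("/")[-1]

    resultTime = ""
    for name in ["MEMAFL", "TORTOISE", "DRILLER"]:
        outs = os.path.join("/root/fuzzResult/", name, programName)
        target_root = pathJoin("/root/fuzz_target", name)
        os.makedirs(target_root, exist_ok=True)
        # Argument list, no shell: the path comes from an uploaded archive.
        # Each fuzzer gets a copy of the pristine tree; the original copied
        # from the previous fuzzer's working copy.
        run(["cp", "-r", "--", source_dir, target_root])
        filePath = pathJoin("/root/fuzz_target", name, base_name)
        print('获取信息成功')

        temp = uploadSourceCode.objects.create(
            filePath=filePath, name=name, ins=seed, inputFile=inputFile,
            prePara=prePara, postPara=postPara,
            compileCommand=compileCommand, inputCommand=inputCommand,
            minute=minute, hour=hour)
        temp.save()

        # Without an input file the seed directory is the fuzzer's input.
        isfile = not inputFile
        ins = pathJoin(SEED_PATH, seed) if isfile else inputFile
        resultTime = threadFuzz(
            fuzzer=name, program_path=str(filePath), isqemu=False, ins=ins,
            outs=outs, prePara=prePara, postPara=postPara, isfile=isfile,
            codeOrProgramBoolean=True, codeOrProgram=temp,
            compileCommand=compileCommand, programName=programName,
            hour=hour, minute=minute, id=temp.id)

    return JsonResponse({"msg": resultTime, "sum_ms": total_ms})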
from datetime import datetime, timedelta
from re import match

import libtmux
from upload.models import codeResult, uploadSourceCode

# Informal glossary of the fuzz-launch parameters (fuzzer, isqemu, ins, outs,
# prePara, isfile), kept as the author wrote it.
""" fuzzer ==> fuzzer's name compiled pragram's path if pragram has been re-compiled with fuzz-tools isqemu = 0; otherwise 1 ins ==> init_seed 's dir outs ==> fuzz_tools's out dir pragrams' prePara isfile ==> if file read from file """

# Fuzzer name -> pathJoin(<FUZZER>_PATH).  pathJoin and the *_PATH constants
# are defined outside this listing; presumably each is the fuzzer's install
# directory -- TODO confirm.
ALL_PATHS = {
    'MEMAFL': pathJoin(MEM_AFL_PATH),
    "AFL": pathJoin(AFL_PATH),
    "COLL": pathJoin(COLL_PATH),
    "TORTOISE": pathJoin(TORTOISE_PATH),
    "AFLPLUSPLUS": pathJoin(AFLPLUSPLUS_PATH),
    "DRILLER": pathJoin(DRILLER_PATH)
}

# Fuzzer name -> result directory under /root/fuzzResult.  download() indexes
# this dict with the stored codeResult.fuzzer value.  The "COLL" entry uses
# the directory name "collafl", unlike the other keys.
# NOTE(review): paths under /root suggest the service runs as root -- confirm;
# any command built from request data would then run with root privileges.
DIRS = {
    'MEMAFL': "/root/fuzzResult/MEMAFL",
    "AFL": "/root/fuzzResult/AFL",
    "COLL": "/root/fuzzResult/collafl",
    "TORTOISE": "/root/fuzzResult/TORTOISE",
    "AFLPLUSPLUS": "/root/fuzzResult/AFLPLUSPLUS",
    "DRILLER": "/root/fuzzResult/DRILLER"
}