Exemple #1
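def promptAndOutput(outputMessageNum, autogenerateAllClient=False):
    """Mark the chosen message(s) for fuzzing and write a .fuzzer file.

    Args:
        outputMessageNum: Index of the message offered as the default fuzz
            target. In autogenerate mode it is the one message that is fuzzed.
        autogenerateAllClient: When True, no fuzz-target prompt is shown;
            only ``outputMessageNum`` is fuzzed and the function then calls
            itself for the next outbound message reported by
            ``getNextMessage``, until that returns None.

    Returns:
        The last message number requested for output by this call. Values
        returned by the recursive calls are not propagated.
    """
    messages = fuzzerData.messageCollection.messages
    lastIndex = len(messages) - 1

    # How many of the messages to output to the .fuzzer
    if args.force or autogenerateAllClient:
        finalMessageNum = lastIndex
    else:
        finalMessageNum = promptInt(
            "What is the last message number you want output?",
            defaultResponse=lastIndex)

    # Clear marks left over from a previous run before applying new ones.
    # A full pass over every message is fine for the sizes involved here.
    for message in messages:
        if message.isFuzzed:
            message.isFuzzed = False
            for subcomponent in message.subcomponents:
                subcomponent.isFuzzed = False

    if not autogenerateAllClient:
        while True:
            tmp = promptString(
                "Which message numbers should be fuzzed? Valid: 0-%d" %
                (finalMessageNum),
                defaultResponse=str(outputMessageNum),
                validateFunc=validateNumberRange)
            if len(tmp) == 0:
                continue

            selected = validateNumberRange(tmp, flattenList=True)
            # validateNumberRange is defined elsewhere; treat a None result
            # as a rejected answer instead of iterating over it.
            if selected is None:
                continue

            # Check every index before marking anything: an index past the
            # end would raise IndexError halfway through, and a negative one
            # would silently select a message counted from the end.
            if any(not 0 <= index <= lastIndex for index in selected):
                print("Message numbers must be between 0 and %d" % lastIndex)
                continue

            # NOTE(review): tmp is the operator's raw answer and becomes part
            # of the output file name below. Presumably validateFunc limits it
            # to a number-range expression -- confirm, since anything else
            # (e.g. a path separator) would carry through into the path.
            outputFilenameEnd = tmp
            for messageIndex in selected:
                messages[messageIndex].isFuzzed = True
                for subcomponent in messages[messageIndex].subcomponents:
                    subcomponent.isFuzzed = True
            break
    else:
        outputFilenameEnd = str(outputMessageNum)
        messages[outputMessageNum].isFuzzed = True
        for subcomponent in messages[outputMessageNum].subcomponents:
            subcomponent.isFuzzed = True

    # Output lands next to the input file: <input stem>-<selection>.fuzzer
    outputFilePath = "{0}-{1}.fuzzer".format(
        os.path.splitext(inputFilePath)[0], outputFilenameEnd)
    # writeToFile reports the path it actually used, which is what is shown.
    actualPath = fuzzerData.writeToFile(outputFilePath,
                                        defaultComments=True,
                                        finalMessageNum=finalMessageNum)
    print(GREEN)
    print("Wrote .fuzzer file: {0}".format(actualPath))
    print(CLEAR)

    if autogenerateAllClient:
        nextMessage = getNextMessage(outputMessageNum + 1,
                                     Message.Direction.Outbound)
        # Will return None when we're out of messages to auto-output.
        # Compare against None explicitly so a falsy message number is
        # not mistaken for "no more messages".
        if nextMessage is not None:
            promptAndOutput(nextMessage, autogenerateAllClient=True)
    return finalMessageNum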
Exemple #2
                        lastMessageDirection = message.direction
        except Exception as e:
            print("Unable to parse as pcap: %s" % (str(rdpcap_e)))
            print("Unable to parse as c_arrays: %s" % (str(e)))

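# Stop here when neither parser produced any messages.
if not fuzzerData.messageCollection.messages:
    print(
        "\nCouldn't process input file - are you sure you gave a file containing a tcpdump pcap or wireshark c_arrays?"
    )
    # Exit with a failing status so a caller running this non-interactively
    # can tell that no .fuzzer file was produced. The site-provided exit()
    # helper reported success (status 0) and is not defined when the
    # interpreter is started without the site module.
    raise SystemExit(1)
print("Processed input file %s" % (inputFilePath))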

############# Get fuzzing details
if args.force:
    # args.force skips every prompt and uses these fixed values, which are
    # the same numbers the prompts pass as defaultResponse.
    fuzzerData.failureThreshold = 3
    fuzzerData.failureTimeout = 5
    fuzzerData.proto = "tcp"
else:
    # How often a test case that caused a crash or error is repeated
    fuzzerData.failureThreshold = promptInt(
        "\nHow many times should a test case causing a crash or error be repeated?",
        defaultResponse=3)
    # Seconds to wait between those repeats
    fuzzerData.failureTimeout = promptInt(
        "When the test case is repeated above, how many seconds should it wait between tests?",
        defaultResponse=5)
    # tcp, udp, or "layer3", which is narrowed down by a second prompt below
    fuzzerData.proto = prompt("Which protocol?",
                              answers=["tcp", "udp", "layer3"],
                              defaultIndex=0)

# "layer3" is only a placeholder: ask which concrete layer 3 protocol is meant
if fuzzerData.proto == "layer3":
    fuzzerData.proto = prompt(
        "Which layer3 protocol?",
        answers=[
            "icmp", "igmp", "ipv4", "tcp", "igp", "udp", "ipv6",
            "ipv6-route", "ipv6-frag", "gre", "dsr", "esp", "ipv6-icmp",
            "ipv6-nonxt", "ipv6-opts", "eigrp", "ospf", "mtp", "l2tp",
            "sctp", "manual",
        ],
        defaultIndex=0)
# in the case that it's not in the above list