def api_create_job():
# TODO check if a job with this name does already exist
data = flask.request.get_json()
if data:
# TODO sanitize data
if not data.get('name'):
return json.dumps({
'success': False,
'msg': "No fuzz job name specified"
})
elif not data.get('description'):
return json.dumps({
'success': False,
'msg': "No fuzz job description specified"
})
if data.get('fuzzer') == "afl" and data.get('engine') is not None:
return json.dumps({
'success':
False,
'msg':
"The fuzzer afl contains a mutation engine. No need to select a mutation engine"
})
if data.get('samples') is None or data.get('fuzzing_target') is None:
return json.dumps({
'success':
False,
'msg':
"Please provide a fuzzing target AND some initial test cases."
})
if data.get('firmware_root') is not None:
firmware_root = base64.b64decode(data.get('firmware_root'))
else:
firmware_root = None
new_job = Job(name=data.get('name'),
description=data.get('description'),
maximum_samples=int(data.get('maximum_samples')),
archived=False,
enabled=True,
maximum_iteration=int(data.get('maximum_iteration')),
timeout=int(data.get('timeout')),
date=datetime.datetime.now().strftime('%Y-%m-%d'),
mutation_engine=data.get('mutation_engine'),
fuzzer=data.get('fuzzer'),
samples=base64.b64decode(data.get('samples')),
fuzzing_target=base64.b64decode(
data.get('fuzzing_target')),
cmd_args=data.get('cmd_args'),
verifier=data.get('verifier'),
firmware_root=firmware_root)
new_job.save()
return json.dumps({'success': True})
else:
return json.dumps({
'success': False,
'msg': 'no json document provided'
})
def add_job():
# TODO check if job with this name already exists
if flask.request.method == 'GET':
engines = [x['name'] for x in f3c_global_config.mutation_engines]
fuzzers = [x['name'] for x in f3c_global_config.fuzzers]
verifiers = [x['name'] for x in f3c_global_config.verifiers]
return flask.render_template("jobs_add.html",
engines=engines,
fuzzers=fuzzers,
verifiers=verifiers)
else:
data = flask.request.form
files = flask.request.files
engine = data.get('mutation_engine')
if data.get('fuzzer') == "afl":
engine = 'external'
if not ('fuzzing_target' in files):
flask.flash('Please provide a fuzzing target.')
return flask.redirect('/jobs/add')
if mutation_engine_requires_samples(engine) and not ('samples'
in files):
flask.flash(
'If mutation engine is not external then you must provide some initial test cases.'
)
return flask.redirect('/jobs/add')
samples = None
if 'samples' in files:
samples = files['samples'].stream.read()
firmware_root = None
if 'firmware_root' in files:
firmware_root = files['firmware_root'].stream.read()
new_job = Job(name=data.get('name'),
description=data.get('description'),
maximum_samples=f3c_global_config.maximum_samples,
archived=False,
enabled=True,
maximum_iteration=int(data.get('maximum_iteration')),
timeout=int(data.get('timeout')),
date=datetime.datetime.now().strftime('%Y-%m-%d'),
mutation_engine=engine,
fuzzer=data.get('fuzzer'),
verifier=data.get('verifier'),
samples=samples,
fuzzing_target=files['fuzzing_target'].stream.read(),
cmd_args=data.get('cmd_args'),
firmware_root=firmware_root,
owner=User.objects.get(email=current_user.email))
new_job.save()
return flask.redirect("/jobs/show")
def add_job():
if flask.request.method == 'GET':
engines = [x['name'] for x in f3c_global_config.mutation_engines]
fuzzers = [x['name'] for x in f3c_global_config.fuzzers]
return flask.render_template("jobs_add.html",
engines=engines,
fuzzers=fuzzers)
else:
data = flask.request.form
files = flask.request.files
if not data.get('name'):
flask.abort(400, description="No fuzz job name specified")
elif not data.get('description'):
flask.abort(400, description="No fuzz job description specified")
if data.get('fuzzer') == "afl" and data.get('engine') is not None:
flask.abort(400,
description="The fuzzer afl contains a mutation engine. No need to select a mutation engine")
if not ('samples' in files) or not ('fuzzing_target' in files):
flask.abort(400,
description="Please provide a fuzzing target AND some initial test cases.")
firmware_root = None
if 'firmware_root' in files:
firmware_root = files['firmware_root'].stream.read()
new_job = Job(name=data.get('name'),
description=data.get('description'),
maximum_samples=int(data.get('maximum_samples')),
archived=False,
enabled=True,
maximum_iteration=int(data.get('maximum_iteration')),
timeout=int(data.get('timeout')),
date=datetime.datetime.now().strftime('%Y-%m-%d'),
mutation_engine=data.get('mutation_engine'),
fuzzer=data.get('fuzzer'),
samples=files['samples'].stream.read(),
fuzzing_target=files['fuzzing_target'].stream.read(),
firmware_root=firmware_root)
new_job.save()
return flask.redirect("/jobs/show")