first = True log = FilesystemLoging() log.dir = "\\\\vboxsrv\\__share__\\crashesEdge" mut = FileBitFlipping() mut.rate=12000 while True: try: for f in os.listdir("c:/Work/input"): extension = os.path.splitext(f)[1] if first: while True: try: desc = mut.mutate("c:/Work/input/" + f, "c:/Work/test" + extension) break except: time.sleep(1) else: time.sleep(4) while getPidByImg("MicrosoftEdge.exe")!=0: time.sleep(1) clearEvents() proc = subprocess.Popen(["cmd", "/c","start c:/Work/test" + extension], stdout=subprocess.PIPE, stderr=subprocess.PIPE) time.sleep(5) killByImg("MicrosoftEdge.exe") killByPid(proc.pid)
########################
# Simple example of how to fuzz Win10 Metro apps (MS-provided audio and video
# player apps).
# After detecting a crash, the fuzzer runs the same input 4 more times to make
# sure the crash was not random.
# Recommended: gflags full page heap for the processes Video.UI.exe and
# WWAHost.exe.
#
# NOTE(review): the banner above describes a Metro-app fuzzing harness, but the
# code visible below does not launch or monitor any application. It only runs
# each mutator once against "input.txt" - confirm which script this banner
# belongs to.
#########################
from Vanapagan.Mutator.FileBitFlipping import FileBitFlipping
from Vanapagan.Mutator.FileByteRepetition import FileByteRepetition
from Vanapagan.Mutator.FileByteValues import FileByteValues
from Vanapagan.Mutator.XmlBitFlipping import XmlBitFlipping
from Vanapagan.Mutator.XmlByteValues import XmlByteValues

# Build every mutator up front, in the original order, and pair each with the
# output file it writes. Construction stays separate from the mutate() calls so
# the sequence of operations is unchanged.
mutation_jobs = [
    (FileBitFlipping(), "output1.txt"),
    (FileByteRepetition(), "output2.txt"),
    (FileByteValues(), "output3.txt"),
    (XmlBitFlipping(), "output4.txt"),
    (XmlByteValues(), "output5.txt"),
]

# Each mutate() call reads "input.txt", writes one mutated copy and returns a
# value that is printed as-is (presumably a description of the applied
# mutation - confirm against the Mutator classes).
# print(...) with a single argument behaves the same on Python 2 and Python 3.
for mutator, out_name in mutation_jobs:
    print(mutator.mutate("input.txt", out_name))
mut.rate=40000 start = time.time() def killAll(): proc = subprocess.Popen(["cmd", "/c","taskkill /f /im AcroRd32.exe"], stdout=subprocess.PIPE, stderr=subprocess.PIPE) proc.wait() while True: for f in os.listdir("c:/Work/input"): try: x = 0 while True: try: desc = mut.mutate("c:/Work/input/" + f, "c:/Work/test1.pdf") break except: if x>10: raise if x>5: killAll() time.sleep(1) x+=1 while True: run.run(["C:\\Program Files\\Adobe\\Acrobat Reader DC\\Reader\\AcroRd32.exe", "/n", "/s", "/o", "/h", "c:/Work/test1.pdf"]) #crash = run.waitForCrash(12) crash = None for x in xrange(12 + (crashCheck*3)):
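# Fuzzing loop for an Android PDF viewer driven over adb: mutate a seed file,
# open it in the target activity, wait for a crash and log it.
# NOTE(review): the imports and the initial values of `count`, `crashes` and
# `myNr` are set before this point and are not visible here.

# Number of crashes the detector did NOT flag as nearNull.
notNull = 0
log = FilesystemLoging()
log.dir = "./crashesFoxit"
run = AndroidAdb(deviceTmpFile="/sdcard/Tmp/test.pdf")
mut = FileBitFlipping()
mut.rate = 12000  # mutator setting; its unit is defined by FileBitFlipping (not shown)

# Optional command-line overrides: argv[1] selects the device, argv[2] is an
# instance tag used in the local test-file name.
if len(sys.argv) > 1:
    run.device = sys.argv[1]
if len(sys.argv) > 2:
    # The tag is concatenated into a file name without validation; it is
    # assumed to be a plain operator-chosen label with no path separators.
    myNr = sys.argv[2]

# The mutated sample path never changes inside the loop, so build it once.
testFile = "./test_" + myNr + ".pdf"

# The original wrapped this loop in `try: ... except: raise`, which re-raises
# everything unchanged; it is dropped here with no change in behaviour.
while True:
    for f in os.listdir("./input"):
        desc = mut.mutate("./input/" + f, testFile)
        run.run("com.foxit.mobile.pdf.lite/com.fuxin.read.RD_ReadActivity", testFile)
        crash = run.waitForCrash(5)  # presumably a timeout in seconds - confirm
        # Identity test instead of `!= None`, so a custom __ne__ on the crash
        # object cannot affect the check.
        if crash is not None:
            crashes += 1
            # nearNull is a flag supplied by the detector; presumably it marks
            # faults at addresses close to NULL - confirm against AndroidAdb.
            if not crash.nearNull:
                notNull += 1
            print("##########Something happened in %s###########" % crash.location)
            # testFile is overwritten by the next mutate() call, so the logger
            # has to persist the sample now (presumably log.log copies it -
            # verify).
            log.log(testFile, crash, desc)
        run.close()
        count += 1
        if count % 5 == 0:
            print("######Done %d reps, found %d crashes (%d not null)" % (count, crashes, notNull))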
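#########################
import os
import time
import subprocess
from Vanapagan.Detector.LinuxGdb import LinuxGdb
from Vanapagan.Loging.FilesystemLoging import FilesystemLoging
from Vanapagan.Mutator.FileBitFlipping import FileBitFlipping

# Fuzzing loop for evince on Linux: mutate a seed file, open it in the viewer
# through the LinuxGdb detector, wait for a crash and log it.

# Directory holding the seed files.
INPUT_DIR = "./input"
# Single location the mutated sample is written to and opened from. It is
# overwritten on every iteration.
TEST_PATH = "/home/jaanus/MysTuff/0day/__share__/Test/Vanapagan/test.pdf"

count = 0
log = FilesystemLoging()
run = LinuxGdb()
mut = FileBitFlipping()
mut.rate = 12000  # mutator setting; its unit is defined by FileBitFlipping (not shown)

# The original wrapped this loop in `try: ... except: raise`, which re-raises
# everything unchanged; it is dropped here with no change in behaviour.
while True:
    seeds = os.listdir(INPUT_DIR)
    if not seeds:
        # With an empty seed directory the outer loop would otherwise spin at
        # full CPU; poll once per second until seed files appear.
        time.sleep(1)
        continue
    for f in seeds:
        desc = mut.mutate("./input/" + f, TEST_PATH)
        run.run(["/usr/bin/evince", TEST_PATH])
        crash = run.waitForCrash(6)  # presumably a timeout in seconds - confirm
        # Identity test instead of `!= None`, so a custom __ne__ on the crash
        # object cannot affect the check.
        if crash is not None:
            # TEST_PATH is overwritten by the next mutate() call, so the logger
            # has to persist the sample now (presumably log.log copies it -
            # verify).
            log.log(TEST_PATH, crash, desc)
        run.close(False)
        count += 1
        if count % 5 == 0:
            # print(...) with a single argument behaves the same on Python 2
            # and Python 3.
            print("Done %d reps" % count)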