Exemplo n.º 1
def asan(db, out, all, index, timeout):
    """Capture ASAN exploitable output of latest triaged crash files.

    This command reuses the parameters passed to your fuzzed app in your
    afl-fuzz run. The command uses the standard "@@" to denote the place where
    the crash file is inserted into your parameters. If no "@@" is given, the
    crash file will be fed to the command through stdin.
    """
    store = AtriageDB(db)

    # The command line is read back from the database rather than from this
    # invocation, so `db` should be a database you produced yourself.
    if store.command is None:
        click.echo("No command is set. Please run `atriage triage` again, "
                   "with the --command option if neccessary.")
        return

    # Pick either every recorded crash or the single result set at `index`.
    if not all:
        try:
            selected = store.get_result_set(index)
        except IndexError as err:
            click.echo(str(err))
            return
    else:
        selected = store.all_crashes

    try:
        # NOTE(review): reaches into the private `_conn` attribute of the DB
        # object; presumably feed_crashes needs the raw connection - confirm.
        findings = _asan.feed_crashes(store._conn, store.command, selected,
                                      timeout)
    except IndexError as err:
        click.echo(str(err))
        return

    # "w" truncates any existing file at `out` before the report is written.
    with open(out, "w") as report:
        report.writelines("{}\n".format(entry) for entry in findings)
Exemplo n.º 2
def info(db):
    """Print collector, command and crash counts stored in a database."""
    store = AtriageDB(db)
    rows, crash_total = get_crash_statistics(store)

    # Header: which collector filled the database and which command it holds.
    click.echo("Collector: {}".format(store.get_collector()))
    click.echo("Command: {}".format(store.command))
    click.echo()

    # Body: one table row per entry returned by get_crash_statistics.
    table = tabulate.tabulate(rows, headers=("index", "crashes"))
    click.echo(table)
    click.echo()

    click.echo("Total crashes: {}".format(crash_total))
Exemplo n.º 3
def gather(db, dir, all, index):
    """Pass the selected crash entries to copy_crashes with `dir` as target."""
    store = AtriageDB(db)

    if not all:
        try:
            # Element 1 of each entry is kept; presumably the crash file
            # path - confirm against AtriageDB.
            paths = [entry[1] for entry in store.get_result_set(index)]
        except IndexError as err:
            click.echo(str(err))
            return
    else:
        paths = [entry[1] for entry in store.all_crashes]

    copy_crashes(paths, dir)
Exemplo n.º 4
def list(db, all, index):
    """Print element 1 of each selected crash entry, one per line."""
    # NOTE(review): the name shadows the builtin `list` inside this module.
    store = AtriageDB(db)

    if not all:
        try:
            paths = [entry[1] for entry in store.get_result_set(index)]
        except IndexError as err:
            click.echo(str(err))
            return
    else:
        paths = [entry[1] for entry in store.all_crashes]

    for path in paths:
        click.echo(path)
Exemplo n.º 5
def exploitable(db, out, all, index, timeout, location, abort):
    """Capture GDB exploitable output of latest triaged crash files.

    This command reuses the parameters passed to your fuzzed app in your
    afl-fuzz run and expects the standard "@@" to denote the place where
    the crash file is inserted into your parameters. The command will fail if
    it does not find that.
    """
    store = AtriageDB.from_db(db)

    # Pick either every recorded crash or the single result set at `index`.
    if not all:
        try:
            selected = store.get_result_set(index)
        except IndexError as err:
            click.echo(str(err))
            return
    else:
        selected = store.all_crashes

    try:
        # The command comes from the database, not from this invocation, so
        # `db` should be a database you produced yourself.
        findings = ex.feed_crashes(store.command, selected, timeout,
                                   location, abort)
    except IndexError as err:
        click.echo(str(err))
        return

    # "w" truncates any existing file at `out` before the report is written.
    with open(out, "w") as report:
        report.writelines("{}\n".format(entry) for entry in findings)
Exemplo n.º 6
def cli(infile, outfile):
    """Convert a pickled result file to the new AtriageDB pickle format."""
    click.echo("Converting {} to new format...".format(infile))

    # NOTE(review): pickle.load runs code embedded in the stream while it
    # deserializes. Only convert files that you created yourself; a result
    # file received from someone else should not be fed to this command.
    with open(infile, "rb") as legacy:
        legacy_results = pickle.load(legacy)

    converted = AtriageDB(legacy_results)

    # The output is a pickle as well, so the same caveat applies to whoever
    # loads `outfile` later.
    with open(outfile, "wb") as target:
        pickle.dump(converted, target, protocol=pickle.HIGHEST_PROTOCOL)
Exemplo n.º 7
def triage(dir, collector, command):
    """Run the named collector over `dir` and record the results."""
    # Resolve the collector name; an unknown name is reported, not raised.
    try:
        collector_cls = collectors_index[collector]
    except KeyError:
        click.echo("Error: Collector {} invalid. "
                   "Check \"atriage list-collectors\" for a list of "
                   "valid collectors.".format(collector))
        return

    store = AtriageDB(DB_FILE_NAME)

    active = collector_cls(store)
    store.set_collector(active.name)
    active.parse_directory(dir)

    # An empty or missing command leaves the stored one untouched.
    # NOTE(review): the value is stored as given; presumably other commands
    # later read it back and run it, so the database file needs the same
    # protection as a script - confirm against the callers of `command`.
    if command:
        store.command = command
Exemplo n.º 8
def exploitable(db, out, all, index, timeout, location, abort):
    """Capture GDB exploitable output of latest triaged crash files.

    This command reuses the parameters passed to your fuzzed app in your
    afl-fuzz run. The command uses the standard "@@" to denote the place where
    the crash file is inserted into your parameters. If no "@@" is given, the
    crash file will be fed to the command through stdin.
    """
    # Without a script location nothing can run; report it and stop before
    # the database is opened.
    # NOTE(review): `location` may come from the environment; presumably the
    # script at that path gets executed, so it should not point into a
    # directory other users can write to - confirm in ex.feed_crashes.
    if location is None:
        click.echo("Please supply the location of the exploitable.py script. "
                   "You can do this by either setting the ATRIAGE_EXPLOITABLE "
                   "environment variable or using the --location option.")
        return

    store = AtriageDB(db)

    # The command line is read back from the database rather than from this
    # invocation, so `db` should be a database you produced yourself.
    if store.command is None:
        click.echo("No command is set. Please run `atriage triage` again, "
                   "with the --command option if neccessary.")
        return

    # Pick either every recorded crash or the single result set at `index`.
    if not all:
        try:
            selected = store.get_result_set(index)
        except IndexError as err:
            click.echo(str(err))
            return
    else:
        selected = store.all_crashes

    try:
        # NOTE(review): reaches into the private `_conn` attribute of the DB
        # object; presumably feed_crashes needs the raw connection - confirm.
        findings = ex.feed_crashes(store._conn, store.command, selected,
                                   timeout, location, abort)
    except IndexError as err:
        click.echo(str(err))
        return

    # "w" truncates any existing file at `out` before the report is written.
    with open(out, "w") as report:
        report.writelines("{}\n".format(entry) for entry in findings)
Exemplo n.º 9
def gather(db, dir, all, index):
    """Pass the selected crash entries to copy_crashes with `dir` as target."""
    store = AtriageDB.from_db(db)

    # Only the indexed lookup is guarded; an out-of-range index is reported
    # on the console instead of raising.
    if not all:
        try:
            selected = store.get_result_set(index)
        except IndexError as err:
            click.echo(str(err))
            return
    else:
        selected = store.all_crashes

    copy_crashes(selected, dir)
Exemplo n.º 10
def list(db, all, index):
    """Print the selected crash entries, one per line."""
    # NOTE(review): the name shadows the builtin `list` inside this module.
    store = AtriageDB.from_db(db)

    if not all:
        try:
            selected = store.get_result_set(index)
        except IndexError as err:
            click.echo(str(err))
            return
    else:
        selected = store.all_crashes

    for entry in selected:
        click.echo(entry)
Exemplo n.º 11
from atriage.db import AtriageDB, get_crash_statistics

import pytest

import os

# Shared fixtures: the sample database lives in "samples" next to this module.
sample_path = os.path.join(os.path.dirname(os.path.abspath(__file__)),
                           "samples")

sample_db = os.path.join(sample_path, "atriage.db")

# One database object is opened at import time and shared by every test.
r = AtriageDB(sample_db)


def test_get_crash_statistics():
    """Check the per-index rows and the total for the sample database."""
    rows, crash_total = get_crash_statistics(r)

    # Row 0 carries a plain count, row 1 a "+"-prefixed one.
    assert rows[0] == (0, "2")
    assert rows[1] == (1, "+1")
    assert crash_total == 3


def test_make_relative_path():
    """A bare file name resolves to the directory holding the database."""
    expected = os.path.join(sample_path, "testfile")
    assert r._make_relative_path("testfile") == expected


def test_all_crashes_property():
    assert r.all_crashes == set([(1, os.path.join(sample_path, "test_case_1")),
                                 (2, os.path.join(sample_path, "test_case_2")),
                                 (3, os.path.join(sample_path,
Exemplo n.º 12
def triage(dir):
    """Run the AFL collector over `dir` and write the database back."""
    store = AtriageDB.from_db(DB_FILE_NAME)

    # The collector is handed the DB object when it is constructed.
    afl.AFLCollector(store).parse_directory(dir)

    write_db(store, DB_FILE_NAME)
Exemplo n.º 13
def test_get_result_set_empty():
    """An empty database raises IndexError for any result-set lookup."""
    empty_db = AtriageDB([])
    with pytest.raises(IndexError):
        empty_db.get_result_set(-1)
Exemplo n.º 14
from atriage.db import AtriageDB, get_crash_statistics

import pytest

# Shared fixture: two result sets, the second holding one additional crash.
r = AtriageDB([
    {"test_case_1", "test_case_2"},
    {"test_case_3"},
])


def test_get_crash_statistics():
    """Check the per-index rows and the total for the two-set fixture."""
    rows, crash_total = get_crash_statistics(r)

    # Row 0 carries a plain count, row 1 a "+"-prefixed one.
    assert rows[0] == (0, "2")
    assert rows[1] == (1, "+1")
    assert crash_total == 3


def test_all_crashes_property():
    """all_crashes is the union of every result set in the fixture."""
    expected = {"test_case_1", "test_case_2", "test_case_3"}
    assert r.all_crashes == expected


def test_new_crashes_property():
    """new_crashes holds only the crash added by the last result set."""
    expected = {"test_case_3"}
    assert r.new_crashes == expected


def test_raw_crashes_property():
    """raw_crashes returns the result sets as given, in order."""
    expected = [
        {"test_case_1", "test_case_2"},
        {"test_case_3"},
    ]
    assert r.raw_crashes == expected


def test_get_result_set_negative_index():