class HTMLGrammarMiner(HTMLGrammarMiner): QUERY_GRAMMAR = extend_grammar( CGI_GRAMMAR, { "<start>": ["<action>?<query>"], "<text>": ["<string>"], "<number>": ["<digits>"], "<digits>": ["<digit>", "<digits><digit>"], "<digit>": crange('0', '9'), "<checkbox>": ["<_checkbox>"], "<_checkbox>": ["on", "off"], "<email>": ["<_email>"], "<_email>": [cgi_encode("<string>@<string>", "<>")], # Use a fixed password in case we need to repeat it "<password>": ["<_password>"], "<_password>": ["abcABC.123"], # Stick to printable characters to avoid logging problems "<percent>": ["%<hexdigit-1><hexdigit>"], "<hexdigit-1>": srange("34567"), # Submissions: "<submit>": [""] })
class GUIGrammarMiner(GUIGrammarMiner): START_STATE = "<state>" UNEXPLORED_STATE = "<unexplored>" FINAL_STATE = "<end>" GUI_GRAMMAR = ({ START_SYMBOL: [START_STATE], UNEXPLORED_STATE: [""], FINAL_STATE: [""], "<text>": ["<string>"], "<string>": ["<character>", "<string><character>"], "<character>": ["<letter>", "<digit>", "<special>"], "<letter>": crange('a', 'z') + crange('A', 'Z'), "<number>": ["<digits>"], "<digits>": ["<digit>", "<digits><digit>"], "<digit>": crange('0', '9'), "<special>": srange(". !"), "<email>": ["<letters>@<letters>"], "<letters>": ["<letter>", "<letters><letter>"], "<boolean>": ["True", "False"], # Use a fixed password in case we need to repeat it "<password>": ["abcABC.123"], "<hidden>": "<string>", })
def add_str_rule(self): self.grammar["<str>"] = ["<char>+"] self.grammar["<char>"] = srange( string.digits + string.ascii_letters + string.punctuation)
XML_TOKENS = {"<id>", "<text>"} XML_GRAMMAR = { "<start>": ["<xml-tree>"], "<xml-tree>": [ "<text>", "<xml-open-tag><xml-tree><xml-close-tag>", "<xml-openclose-tag>", "<xml-tree><xml-tree>" ], "<xml-open-tag>": ["<<id>>", "<<id> <xml-attribute>>"], "<xml-openclose-tag>": ["<<id>/>", "<<id> <xml-attribute>/>"], "<xml-close-tag>": ["</<id>>"], "<xml-attribute>": ["<id>=<id>", "<xml-attribute> <xml-attribute>"], "<id>": ["<letter>", "<id><letter>"], "<text>": ["<text><letter_space>", "<letter_space>"], "<letter>": srange(string.ascii_letters + string.digits + "\"" + "'" + "."), "<letter_space>": srange(string.ascii_letters + string.digits + "\"" + "'" + " " + "\t"), } if __name__ == "__main__": assert is_valid_grammar(XML_GRAMMAR) if __package__ is None or __package__ == "": from Parser import EarleyParser else: from .Parser import EarleyParser if __package__ is None or __package__ == "": from GrammarFuzzer import display_tree else:
# many more ] } if __name__ == "__main__": assert is_valid_grammar(LS_EBNF_GRAMMAR) if __package__ is None or __package__ == "": from Grammars import convert_ebnf_grammar, srange else: from .Grammars import convert_ebnf_grammar, srange LS_EBNF_GRAMMAR = { '<start>': ['-<options>'], '<options>': ['<option>*'], '<option>': srange("ABCFGHLOPRSTUW@abcdefghiklmnopqrstuwx1") } if __name__ == "__main__": assert is_valid_grammar(LS_EBNF_GRAMMAR) LS_GRAMMAR = convert_ebnf_grammar(LS_EBNF_GRAMMAR) if __package__ is None or __package__ == "": from Fuzzer import ProgramRunner else: from .Fuzzer import ProgramRunner if __name__ == "__main__": f = GrammarCoverageFuzzer(LS_GRAMMAR, max_nonterminals=3) while len(f.max_expansion_coverage() - f.expansion_coverage()) > 0: