if __package__ is None or __package__ == "": from MutationFuzzer import FunctionCoverageRunner else: from .MutationFuzzer import FunctionCoverageRunner def crashme(s): if len(s) > 0 and s[0] == 'b': if len(s) > 1 and s[1] == 'a': if len(s) > 2 and s[2] == 'd': if len(s) > 3 and s[3] == '!': raise Exception() crashme_runner = FunctionCoverageRunner(crashme) crashme_runner.run("good") list(crashme_runner.coverage()) # ## Blackbox, Greybox, and Boosted Greybox Fuzzing if __name__ == "__main__": print('\n## Blackbox, Greybox, and Boosted Greybox Fuzzing') if __package__ is None or __package__ == "": from Fuzzer import Fuzzer else: from .Fuzzer import Fuzzer class MutationFuzzer(Fuzzer):
for i in range(10000): seed = schedule.choose(population) hits[seed.data] += 1 hits from html.parser import HTMLParser def my_parser(inp): parser = HTMLParser() parser.feed(inp) if __name__ == "__main__": runner = FunctionCoverageRunner(my_parser) runner.run("Hello World") cov = runner.coverage() list(cov)[:5] # Print 5 statements covered in HTMLParser import time import random if __name__ == "__main__": n = 5000 seed_input = " " # empty seed runner = FunctionCoverageRunner(my_parser) fuzzer = GreyboxFuzzer([seed_input], Mutator(), PowerSchedule()) start = time.time()
def delete_last_character(self, s): """Returns s without the last character""" if (len(s) > 0): return s[:-1] if __name__ == "__main__": n = 10000 seed_input = " " # empty seed maze_mutator = MazeMutator(["L", "R", "U", "D"]) maze_schedule = PowerSchedule() maze_fuzzer = GreyboxFuzzer([seed_input], maze_mutator, maze_schedule) start = time.time() maze_fuzzer.runs(FunctionCoverageRunner(maze), trials=n) end = time.time() "It took the fuzzer %0.2f seconds to generate and execute %d inputs." % ( end - start, n) def print_stats(fuzzer): total = len(fuzzer.population) solved = 0 invalid = 0 valid = 0 for seed in fuzzer.population: s = maze(str(seed.data)) if "INVALID" in s: invalid += 1 elif "VALID" in s: valid += 1