Python AFL示例

示例#1

文件： test_fuzzer.py 项目： ruaronicola/phuzzer

def test_parallel_execution():
    """
    test parallel execution, summary stats, and the timed_out method of Phuzzer
    """

    timeout_value = 5
    binary = os.path.join(bin_location, "tests/cgc/ccf3d301_01")
    afl = phuzzer.AFL(binary,
                      work_dir="/tmp/testwork",
                      afl_count=2,
                      create_dictionary=True,
                      resume=False,
                      timeout=timeout_value)

    afl.start()

    start_time = time.time()
    while not afl.timed_out():
        time.sleep(.75)
    elapsed_time = time.time() - start_time
    assert elapsed_time <= (timeout_value + 1)

    assert os.path.exists(join(afl.work_dir, "fuzzer-master", "queue"))
    assert os.path.exists(join(afl.work_dir, "fuzzer-1", "queue"))
    #assert os.path.exists(join(afl.work_dir, "fuzzer-2", "queue"))

    assert afl.summary_stats["execs_done"] > 0
    assert afl.summary_stats["execs_per_sec"] > 0

    afl.stop()

示例#2

文件： test_fuzzer.py 项目： mborgerson/phuzzer

def test_dictionary_creation_cgc():
    '''
    test dictionary creation on a binary
    '''

    binary = os.path.join(bin_location, "tests/cgc/ccf3d301_01")
    afl = phuzzer.AFL(binary, create_dictionary=True, resume=False)
    assert len(afl.dictionary) >= 60
    assert not os.path.exists(afl.dictionary_file)
    afl.start()
    assert os.path.exists(afl.dictionary_file)
    afl.stop()

示例#3

文件： test_fuzzer.py 项目： mborgerson/phuzzer

def test_pollenate():
    fauxware = os.path.join(bin_location, "tests/i386/fauxware")
    f = phuzzer.AFL(fauxware, resume=False)
    f.start()

    time.sleep(1)

    # this should get synchronized
    f.pollenate(b"A"*9+b"SOSNEAKY\0")
    for _ in range(30):
        if any(b"SOSNEAKY" in t for t in f.queue()):
            break
        time.sleep(1)
    else:
        assert False, "AFL failed to synchronize pollenated seed."

示例#4

文件： test_fuzzer.py 项目： mborgerson/phuzzer

def inprogress_dict():
    va = os.path.join(bin_location, "tests/x86_64/veritesting_a")
    f = phuzzer.AFL(va, resume=False, dictionary=[b"B"])
    f.start()

    time.sleep(1)
    assert f.alive

    # this should get synchronized
    for _ in range(30):
        if any(t.count(b"B") == 10 in t for t in f.queue()):
            break
        time.sleep(1)
    else:
        assert False, "AFL failed to find the easter egg given a dict."

示例#5

文件： test_fuzzer.py 项目： mborgerson/phuzzer

def test_fuzzer_spawn():
    """
    Test that the fuzzer spawns correctly
    """

    binary = os.path.join(bin_location, "tests/cgc/PIZZA_00001")

    f = phuzzer.AFL(binary, resume=False)
    f.start()

    for _ in range(15):
        if f.alive:
            break
        time.sleep(1)

    assert f.alive
    if f.alive:
        f.stop()