def test_start_object(self): server = PJFServer(configuration=PJFConfiguration( Namespace( ports={"servers": { "HTTP_PORT": 8080, "HTTPS_PORT": 8443 }}, html=False, level=6, command="radamsa", stdin=True, json={"a": "test"}, indent=True, strong_fuzz=False, url_encode=False, parameters=[], notify=False, debug=False, content_type="text/plain", utf8=False, nologo=True))) server.run() json_http = urllib2.urlopen("http://127.0.0.1:8080").read() try: import requests requests.packages.urllib3.disable_warnings() json_https = requests.get('https://127.0.0.1:8443', verify=False).content self.assertTrue(json_https) except ImportError: pass self.assertTrue(json_http) server.stop()
def fuzz(self, json_str): if self.use_fuzzing is False: return json_str if self.fuzzer is None: config = PJFConfiguration(Namespace(json=json.loads(json_str), nologo=True, level=6)) self.fuzzer = PJFFactory(config) return self.fuzzer.fuzzed
def test_null_mutation(self): with self.assertRaises(Exception): PJFMutation( PJFConfiguration( Namespace(nologo=True, command="radamsa", stdin=True, level=6))).fuzz(None) raise Exception
def test_json_configuration(self): sys.argv.append("--J") sys.argv.append("[1]") sys.argv.append("--no-logo") parser = argparse.ArgumentParser(description='', formatter_class=argparse.RawTextHelpFormatter) parser.add_argument('--J', type=str, default=None) parser.add_argument('--no-logo', action='store_true', dest='nologo', default=False, required=False) parsed = parser.parse_args() args = PJFConfiguration(parsed) for arg in parsed.__dict__: self.assertTrue(arg in args.__dict__)
def test_object_parameters(self): json = PJFFactory( PJFConfiguration( Namespace(parameters="d", json={"a": [{ "b": "c" }, "abcd"]}, nologo=True, level=6))) self.assertTrue(json != json.fuzzed) self.assertTrue("abcd" in json.fuzzed)
def test_object_setitem(self): json = PJFFactory( PJFConfiguration( Namespace(utf8=False, url_encode=False, parameters=None, strong_fuzz=False, json={"a": False}, nologo=True, techniques="CHPTRSX"))) json["a"] = True self.assertTrue(json["a"])
def test_object_contains(self): json = PJFFactory( PJFConfiguration( Namespace(utf8=False, url_encode=False, parameters=None, strong_fuzz=False, json={"a": 1}, nologo=True, techniques="CHPTRSX"))) self.assertTrue(["a"] in json) self.assertFalse(["A"] in json)
def test_object_equal(self): json = PJFFactory( PJFConfiguration( Namespace(utf8=False, url_encode=False, parameters=None, strong_fuzz=False, json={"a": 1}, nologo=True, techniques="CHPTRSX"))) self.assertEquals(json, {"a": 1}) self.assertNotEqual(json, {"a": 0})
def test_object_addition(self): json = PJFFactory( PJFConfiguration( Namespace(utf8=False, url_encode=False, parameters=None, strong_fuzz=False, json={"a": 1}, nologo=True, techniques="CHPTRSX"))) json += {"foo": True} self.assertTrue(json["foo"])
def test_object_representation(self): json = PJFFactory( PJFConfiguration( Namespace(utf8=False, url_encode=False, parameters=None, strong_fuzz=False, json={"a": 1}, nologo=True, techniques="CHPTRSX"))) self.assertTrue(str(json) == "{'a': 1}") self.assertTrue(type(str(json)) == str)
def test_file_mutation(self): external_fuzzer = PJFExternalFuzzer(PJFConfiguration(Namespace(nologo=True, command=["radamsa","@@"], stdin=False))) with file("test.json", "wb") as json_file: json_file.write('{"a": 1}') json_file.close() external_fuzzer.execute("test.json") with file("test.json", "rb") as json_file: content = json_file.read() json_file.close() self.assertTrue(len(content) > 0) os.unlink("test.json")
def test_object_fuzz(self): json = PJFFactory( PJFConfiguration( Namespace(utf8=False, url_encode=False, parameters=None, strong_fuzz=False, json={"a": "\xf0aaaaaaa"}, command=["radamsa"], stdin=True, level=6, indent=True, nologo=True))) self.assertTrue(json.fuzzed)
def test_process_monitor(self): os.chdir(TEST_PATH) subprocess.Popen(["gcc", "sigsegv.c", "-o", "sigsegv"], stderr=subprocess.PIPE, stdout=subprocess.PIPE).wait() crash = PJFProcessMonitor(PJFConfiguration(Namespace(process_to_monitor=["%s/sigsegv" % TEST_PATH], debug=False, ports={"servers": { "HTTP_PORT": 8080, "HTTPS_PORT": 8443, "TCASE_PORT": 8888 } }, nologo=True)) ).run_and_monitor() self.assertTrue(crash)
def test_nested_object(self): self.assertTrue( PJFFactory( PJFConfiguration( Namespace(utf8=False, url_encode=False, parameters=None, strong_fuzz=False, json={ "t": 1, "foo": { "cow": True } }, nologo=True, techniques="CHPTRSX"))))
def test_string_mutation(self): external_fuzzer = PJFExternalFuzzer(PJFConfiguration(Namespace(nologo=True, command=["radamsa"], stdin=True))) mutated = external_fuzzer.execute("MUTATION_EXAMPLE") self.assertTrue(len(mutated) > 0)