```python
import requests
import json
import argparse
from datetime import datetime

def upload_urls(path, limit, api_key=None):
    # Load the records and sort them newest-first by the date part of submission_time
    with open(path, 'r') as f:
        data = json.load(f)
    data = sorted(data, key=lambda x: datetime.strptime(x['submission_time'][:10], '%Y-%m-%d'), reverse=True)
    # Keep only the `limit` most recent records
    data = data[:limit]
    headers = {'Authorization': api_key} if api_key else None
    # (the request that posts these records is cut off on the page and is not reproduced here)
    return data, headers
```
```shell
# install git, cmake, zlib, libexpat
apt update && apt install -y git build-essential cmake zlib1g-dev libexpat1-dev
# install afl
git clone https://github.com/mirrorer/afl
cd afl
make && make install
cd ..
# Download and compile the vulnerable exiv2 version (it is already fixed in master)
```
```shell
# install git, cmake, zlib, libexpat, clang-8 (clang is needed for libFuzzer)
apt update && apt install -y git build-essential cmake zlib1g-dev libexpat1-dev clang-8
# Download the vulnerable code with the libFuzzer targets
git clone https://github.com/fuzzitdev/exiv2 --branch libfuzzer_integration_vanilla exiv2
cd exiv2
# Compile the libFuzzer targets
mkdir build
cd build
```
```text
// pseudo code
Instrument program for code coverage
for {
    Choose random input from corpus
    Mutate input
    Execute input and collect coverage
    If new coverage/paths are hit, add the input to the corpus (corpus = directory of test cases)
}
```
```go
package parser

// ParseComplex returns true only for the exact input "FUZZIT".
// Deliberate off-by-one (this is the bug the fuzzer is meant to find): the
// length check admits exactly 5 bytes, yet once the first five bytes are
// "FUZZI" the comparison reads data[5], which panics with an
// index-out-of-range on such an input.
func ParseComplex(data []byte) bool {
	if len(data) == 5 {
		if data[0] == 'F' && data[1] == 'U' && data[2] == 'Z' && data[3] == 'Z' && data[4] == 'I' && data[5] == 'T' {
			return true
		}
	}
	return false
}
```
```go
// +build gofuzz

package parser

// Fuzz is the go-fuzz entry point. go-fuzz-build compiles it with coverage
// instrumentation; the return value is a hint to the fuzzer (1 = interesting
// input worth prioritising, -1 = never add to the corpus, 0 = no opinion).
func Fuzz(data []byte) int {
	ParseComplex(data)
	return 0
}
```
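To make the pseudo-code loop, the ParseComplex target and the Fuzz harness concrete, here is a toy coverage-guided fuzzer that runs offline. It is an added example, not Fuzzit's code or anything from the example-go repository. Coverage is collected with Python's `sys.settrace` line events as a stand-in for the compile-time instrumentation that `go-fuzz-build` and libFuzzer insert; the target is a Python port of ParseComplex with each `&&` operand written as its own `if`, which is an assumption made so that line coverage mirrors the per-branch edges the real instrumentation sees. The seed input `b"seed"` and the mutation mix are constructed for the example.

```python
"""Toy coverage-guided fuzzer implementing the loop in the pseudo-code.

Added example, not Fuzzit's code. Coverage comes from sys.settrace line
events, a stand-in for the compile-time instrumentation that go-fuzz-build
and libFuzzer insert; the target is a Python port of the page's ParseComplex.
"""
import random
import sys


def parse_complex(data: bytes) -> bool:
    """Port of the Go ParseComplex, bug included.

    Each && operand is written as its own `if` (assumption) so that line
    coverage mirrors the per-branch edges clang/go-fuzz-build instrument.
    """
    if len(data) == 5:
        if data[0] == ord("F"):
            if data[1] == ord("U"):
                if data[2] == ord("Z"):
                    if data[3] == ord("Z"):
                        if data[4] == ord("I"):
                            # Off-by-one: a 5-byte input has no data[5]; Go
                            # panics here, Python raises IndexError.
                            if data[5] == ord("T"):
                                return True
    return False


def run_with_coverage(target, data):
    """Execute target(data); return (set of executed lines, exception or None)."""
    cov = set()

    def tracer(frame, event, arg):
        if event == "line":
            cov.add((frame.f_code.co_name, frame.f_lineno))
        return tracer

    sys.settrace(tracer)
    try:
        target(data)
        exc = None
    except Exception as e:  # any uncaught exception counts as the "crash"
        exc = e
    finally:
        sys.settrace(None)
    return cov, exc


def mutate(rng, data, max_len=32):
    """One random mutation: overwrite a byte (most often), insert one, or delete one."""
    buf = bytearray(data)
    r = rng.random()
    if r < 0.7 and buf:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif r < 0.85 or not buf:
        if len(buf) < max_len:
            buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    else:
        del buf[rng.randrange(len(buf))]
    return bytes(buf)


def fuzz(target, seed, max_iters=300_000, rng_seed=1):
    """Run the coverage-guided loop until a crash or max_iters executions.

    Returns (crash_input, exception, corpus, iterations); crash_input is None
    when nothing crashed within the budget.
    """
    rng = random.Random(rng_seed)  # fixed seed keeps the run reproducible
    cov, exc = run_with_coverage(target, seed)
    if exc is not None:
        return seed, exc, [seed], 0
    corpus, seen = [seed], set(cov)
    for i in range(1, max_iters + 1):
        # Choose a corpus entry, favouring the newest one (it is the frontier)
        parent = corpus[-1] if rng.random() < 0.5 else rng.choice(corpus)
        child = mutate(rng, parent)
        cov, exc = run_with_coverage(target, child)
        if exc is not None:
            return child, exc, corpus, i
        if not cov <= seen:  # new lines reached: keep the input as a test case
            seen |= cov
            corpus.append(child)
    return None, None, corpus, max_iters


if __name__ == "__main__":
    crash, exc, corpus, n = fuzz(parse_complex, b"seed")
    print(f"{n} executions, corpus size {len(corpus)}, crash input {crash!r}: {exc!r}")
```

Run it and the corpus grows one entry per byte of the magic string (a length-5 input, then "F...", "FU...", and so on), which is exactly why coverage feedback turns a 256^5 search into a few thousand executions; a fuzzer without feedback would almost never reach `data[5]`. Each corpus entry corresponds to a file in the corpus directory that go-fuzz or libFuzzer would save between runs.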
```shell
docker run -it gcr.io/fuzzit-public/buster-golang12:2dc7875 /bin/bash
# Download this example
go get github.com/fuzzitdev/example-go
cd /go/src/github.com/fuzzitdev/example-go
# Build an instrumented version of the code together with the libFuzzer integration
go-fuzz-build -libfuzzer -o parse-complex.a .
clang -fsanitize=fuzzer parse-complex.a -o parse-complex
```
```text
// pseudo code
// fuzzing workflow
for {
    * Push new code to master/dev
    * Build the fuzzers in CI and upload them to the server where they will run
    * Each fuzzer runs until it finds a crash or a new version of the fuzzer is uploaded
    * The corpus is saved between runs
}
```
```yaml
dist: bionic
language: go
go:
  - "1.12.x"
services:
  - docker
env:
  global:
```
```rust
pub fn parse_complex(data: &[u8]) -> bool {
    if data.len() == 5 {
        // Deliberate off-by-one (the bug the fuzzer is meant to find): the length
        // check admits exactly 5 bytes, yet once the first five are "FUZZI" the
        // comparison reads data[5], which panics with an index out of bounds.
        if data[0] == b'F' && data[1] == b'U' && data[2] == b'Z' && data[3] == b'Z' && data[4] == b'I' && data[5] == b'T' {
            return true;
        }
    }
    true
}
```