How to use the boofuzz.blocks module in boofuzz

To help you get started, we’ve selected a few boofuzz examples, based on popular ways it is used in public projects.


github jtpereyda / boofuzz / boofuzz / legos / xdr.py View on Github external
def render(self):
        """
        Render the block, then wrap the result in a length prefix and trailing padding.

        Output layout: [dword length][array][pad]
        """

        # The parent render runs first; its output is read back from self._rendered below.
        blocks.Block.render(self)

        payload = self._rendered
        if payload == six.binary_type(b""):
            # An empty payload is emitted as four zero bytes and nothing else.
            self._rendered = six.binary_type(b"\x00\x00\x00\x00")
        else:
            # Big-endian 32-bit length. It is computed from the rendered payload, so the
            # prefix always agrees with the data this method emits.
            length_prefix = struct.pack(">L", len(payload))
            self._rendered = length_prefix + payload + calculate_four_byte_padding(payload)

        return helpers.str_to_bytes(self._rendered)
github jtpereyda / boofuzz / boofuzz / __init__.py View on Github external
def s_block_start(name, *args, **kwargs):
    """
    Create a block called ``name`` under the current request and push it onto that request.

    The new block is always returned, so a fuzzer definition can use ``if`` purely to get visual indentation::

        if s_block_start("header"):
            s_static("\\x00\\x01")
            if s_block_start("body"):
                ...
        s_block_close()

    Any extra positional and keyword arguments are forwarded to ``Block``.

    :note Prefer using s_block to this function directly
    :see s_block
    """
    opened = Block(name, blocks.CURRENT, *args, **kwargs)
    blocks.CURRENT.push(opened)

    return opened
github jtpereyda / boofuzz / boofuzz / legos / ber.py View on Github external
# ASN.1 / BER TYPES (http://luca.ntop.org/Teaching/Appunti/asn1.html)

from __future__ import absolute_import
from .. import blocks, primitives, exception
from ..constants import BIG_ENDIAN
from .. import helpers


class String(blocks.Block):
    """
    BER string lego built on ``blocks.Block``.

    Wire layout: [0x04][0x84][dword length][string]

    Where:

        0x04 = string
        0x84 = length is 4 bytes
    """

    def __init__(self, name, request, value, options=None):
        """
        Initialise the parent block and record the default string value.

        :param name: Name handed to the parent ``blocks.Block`` constructor
        :param request: Request handed to the parent ``blocks.Block`` constructor
        :param value: Default string value, stored on ``self.value``
        :param options: Optional settings; any falsy value is replaced by an empty dict
        """
        # Treat a missing or otherwise falsy options argument as an empty dict.
        if not options:
            options = {}

        super(String, self).__init__(name, request)

        self.value = value
        # NOTE(review): the listing stops here; `options` is not consumed in the lines shown.
github jtpereyda / boofuzz / boofuzz / legos / ber.py View on Github external
def __init__(self, name, request, value, options=None):
        """
        Assemble the BER string block: a size field followed by a sub-block holding the string.

        :param name: Block name; the inner string block and its size field use ``name + "_STR"``
        :param request: Request the block and its children are attached to
        :param value: Default string value; must be truthy
        :param options: Optional dict; ``"prefix"`` overrides the default ``b"\\x04"`` stored on ``self.prefix``

        :raise exception.SullyRuntimeError: If ``value`` is empty or otherwise falsy
        """
        options = options if options else {}

        super(String, self).__init__(name, request)

        self.value = value
        self.options = options
        self.prefix = options.get("prefix", b"\x04")

        # A default value is mandatory; the check runs after the attributes above are set.
        if not self.value:
            raise exception.SullyRuntimeError("MISSING LEGO.ber_string DEFAULT VALUE")

        inner_name = name + "_STR"
        payload_block = blocks.Block(inner_name, request)
        payload_block.push(primitives.String(self.value))

        # The size field is created with fuzzable=True, so presumably boofuzz mutates the length
        # as well as the payload, which exercises how a decoder copes with a length that
        # disagrees with the data. It is pushed before the payload so it renders first.
        self.push(blocks.Size(inner_name, request, endian=BIG_ENDIAN, fuzzable=True))
        self.push(payload_block)
github jtpereyda / boofuzz / boofuzz / sessions.py View on Github external
self.fuzz_node.mutant is not None
                and self.crashing_primitives[self.fuzz_node] >= self._crash_threshold_node
            ):
                skipped = self.fuzz_node.num_mutations() - self.fuzz_node.mutant_index
                self._skip_current_node_after_current_test_case = True
                self._fuzz_data_logger.open_test_step(
                    "Crash threshold reached for this request, exhausting {0} mutants.".format(skipped)
                )
                self.total_mutant_index += skipped
                self.fuzz_node.mutant_index += skipped
            elif (
                self.fuzz_node.mutant is not None
                and self.crashing_primitives[self.fuzz_node.mutant] >= self._crash_threshold_element
            ):
                if not isinstance(self.fuzz_node.mutant, primitives.Group) and not isinstance(
                    self.fuzz_node.mutant, blocks.Repeat
                ):
                    skipped = self.fuzz_node.mutant.num_mutations() - self.fuzz_node.mutant.mutant_index
                    self._skip_current_element_after_current_test_case = True
                    self._fuzz_data_logger.open_test_step(
                        "Crash threshold reached for this element, exhausting {0} mutants.".format(skipped)
                    )
                    self.total_mutant_index += skipped
                    self.fuzz_node.mutant_index += skipped

            self._restart_target(target)
            return True
        else:
            return False
github jtpereyda / boofuzz / boofuzz / __init__.py View on Github external
def s_switch(name):
    """
    Make the request registered under "name" the current request.

    :type  name: str
    :param name: Name of request

    :raise exception.SullyRuntimeError: If no request with that name exists in blocks.REQUESTS
    """
    known_requests = blocks.REQUESTS
    if name in known_requests:
        blocks.CURRENT = known_requests[name]
        return

    # Unknown name: fail loudly rather than leave the previous request selected silently.
    raise exception.SullyRuntimeError("blocks.REQUESTS NOT FOUND: %s" % name)
github jtpereyda / boofuzz / boofuzz / legos / misc.py View on Github external
# Misc Types
from __future__ import absolute_import

import six

from .. import blocks, exception, helpers, primitives


class DNSHostname(blocks.Block):
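    def __init__(self, name, request, value, options=None):
        """
        Build the block around a single string primitive holding the default value.

        :param name: Name passed to the ``blocks.Block`` constructor
        :param request: Request passed to the ``blocks.Block`` constructor
        :param value: Default value for the string primitive; must be truthy
        :param options: Optional settings stored on ``self.options``; falsy values become an empty dict

        :raise exception.SullyRuntimeError: If ``value`` is empty or otherwise falsy
        """
        if not options:
            options = {}

        # super() needs the instance as its second argument. The one-argument form returns an
        # unbound super object whose own __init__ rejects (name, request) with a TypeError,
        # so the block could never be constructed.
        super(DNSHostname, self).__init__(name, request)

        self.value = value
        self.options = options

        if not self.value:
            # NOTE(review): the message names "LEGO.tag" although this class is DNSHostname; it
            # looks copied from another lego. Left unchanged in case callers match on the text.
            raise exception.SullyRuntimeError("MISSING LEGO.tag DEFAULT VALUE")

        self.push(primitives.String(self.value))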

    def render(self):
        """
github jtpereyda / boofuzz / boofuzz / legos / dcerpc.py View on Github external
def render(self):
        """
        We overload and extend the render routine in order to properly pad and prefix the string.

        [dword length][array][pad]
        """

        # let the parent do the initial render.
        blocks.Block.render(self)

        # encode the empty string correctly:
        if self._rendered == b"":
            self._rendered = b"\x00\x00\x00\x00"
        else:
            string_with_padding = self._rendered + calculate_four_byte_padding(self._rendered)
            self._rendered = struct.pack("
github jtpereyda / boofuzz / boofuzz / sessions.py View on Github external
self.fuzz_node.mutant is not None
                and self.crashing_primitives[self.fuzz_node] >= self._crash_threshold_node
            ):
                skipped = self.fuzz_node.num_mutations() - self.fuzz_node.mutant_index
                self._skip_current_node_after_current_test_case = True
                self._fuzz_data_logger.open_test_step(
                    "Crash threshold reached for this request, exhausting {0} mutants.".format(skipped)
                )
                self.total_mutant_index += skipped
                self.fuzz_node.mutant_index += skipped
            elif (
                self.fuzz_node.mutant is not None
                and self.crashing_primitives[self.fuzz_node.mutant] >= self._crash_threshold_element
            ):
                if not isinstance(self.fuzz_node.mutant, primitives.Group) and not isinstance(
                    self.fuzz_node.mutant, blocks.Repeat
                ):
                    skipped = self.fuzz_node.mutant.num_mutations() - self.fuzz_node.mutant.mutant_index
                    self._skip_current_element_after_current_test_case = True
                    self._fuzz_data_logger.open_test_step(
                        "Crash threshold reached for this element, exhausting {0} mutants.".format(skipped)
                    )
                    self.total_mutant_index += skipped
                    self.fuzz_node.mutant_index += skipped

            self._restart_target(target)
            return True
        else:
            return False