1

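I made a small REST-based web service in Flask by reading http://blog.miguelgrinberg.com/post/designing-a-restful-api-with-python-and-flask, and now I want to fuzz the JSON using the Peach framework. I know it uses a Pit file (XML) for fuzzing, but my little brain is not able to make a Pit file that serves my purpose. I have googled a lot for Peach Pit files, but all in vain. I need a Pit file, or can anyone tell me how to create a Pit file to fuzz the payload?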

4

1 Answer

2

There is a nice tutorial about Peach available there.

Several elements need to be defined:

  • a data model describing the format of the data you want to send.
  • a state model describing the behavior of the fuzzer.
  • an agent running and monitoring the applications under fuzzing.
  • a test bringing all definitions together.

Here is an example of a Peach Pit file from the tutorial.

<Peach xmlns="http://peachfuzzer.com/2012/Peach" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://peachfuzzer.com/2012/Peach ../peach.xsd">
  <DataModel name="DataHTER">
    <String value="HTER " mutable="false" token="true"/>
    <String value=""/>
    <String value="\r\n" mutable="false" token="true"/>
  </DataModel>
  <StateModel name="StateHTER" initialState="Initial">
    <State name="Initial">
      <Action type="input" ><DataModel ref="DataResponse"/></Action>
      <Action type="output"><DataModel ref="DataHTER"/></Action>
      <Action type="input" ><DataModel ref="DataResponse"/></Action>
    </State>
  </StateModel>
  <DataModel name="DataResponse">
    <String value=""/>
  </DataModel>
  <Agent name="RemoteAgent" location="tcp://127.0.0.1:9001">
  <!-- Run and attach windbg to a vulnerable server. -->
    <Monitor class="WindowsDebugger">
      <Param name="CommandLine" value="C:\Documents and Settings\Administrator\Desktop\vulnserver\vulnserver.exe"/>
      <Param name="WinDbgPath" value="C:\Program Files\Debugging Tools for Windows (x86)" />
    </Monitor>
  </Agent>
  <Test name="TestHTER">
    <Agent ref="RemoteAgent"/>
    <StateModel ref="StateHTER"/>
    <Publisher class="TcpClient">
      <Param name="Host" value="127.0.0.1"/>
      <Param name="Port" value="9999"/>
    </Publisher>
    <Logger class="File">
      <Param name="Path" value="Logs"/>
    </Logger>
  </Test>
</Peach>

If you want to use a JSON data model, you can follow the recommendation of one of the Peach architects.

1) Define a data model corresponding to the JSON.

JSON Object

{
  "name":"John Smith",
  "address":{
    "address1":"555 Main St.",
    "city":"Seattle"
  }
}

Data model

<DataModel>
  <String name="name" value="John Smith" />
  <Block name="address">
    <String name="address1" value="555 Main St." />
    <String name="city" value="Seattle" />
  </Block>
</DataModel>

You then have to write your own custom publisher in C#. Here is a tutorial for this.

answered 2014-11-02T21:05:39.920
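
The JSON-to-data-model mapping shown in the answer above, as an added example that is not part of the original answer or of Peach itself: a Python script that generates the `<DataModel>` from a sample request body of the service under test. It goes beyond the case in the answer by also handling arrays and non-string scalars; the model name `DataJson`, the `itemN` naming for array entries and keeping numbers, booleans and null as their JSON text are assumptions.

```python
import json
import re
import xml.etree.ElementTree as ET

# Constructed sample input: the JSON object from the answer above.
SAMPLE_JSON = ('{"name": "John Smith", '
               '"address": {"address1": "555 Main St.", "city": "Seattle"}}')


def _safe_name(key):
    # Element names are used in dotted references, so keep them to [A-Za-z0-9_].
    return re.sub(r"[^A-Za-z0-9_]", "_", str(key))


def _add(parent, key, value):
    """Append the element for one JSON value under parent."""
    if isinstance(value, dict):
        block = ET.SubElement(parent, "Block", name=_safe_name(key))
        for k, v in value.items():
            _add(block, k, v)
    elif isinstance(value, list):
        # Assumption: an array becomes a Block whose children are item0, item1, ...
        block = ET.SubElement(parent, "Block", name=_safe_name(key))
        for i, v in enumerate(value):
            _add(block, "item%d" % i, v)
    elif isinstance(value, str):
        ET.SubElement(parent, "String", name=_safe_name(key), value=value)
    else:
        # Assumption: numbers, booleans and null are kept as their JSON text.
        ET.SubElement(parent, "String", name=_safe_name(key),
                      value=json.dumps(value))


def json_to_datamodel(json_text, model_name):
    """Return a <DataModel> XML string mirroring the structure of a JSON object."""
    obj = json.loads(json_text)
    if not isinstance(obj, dict):
        raise ValueError("top-level JSON value must be an object")
    model = ET.Element("DataModel", name=model_name)
    for k, v in obj.items():
        _add(model, k, v)
    if hasattr(ET, "indent"):  # pretty-print where available (Python 3.9+)
        ET.indent(model, space="  ")
    return ET.tostring(model, encoding="unicode")


if __name__ == "__main__":
    print(json_to_datamodel(SAMPLE_JSON, "DataJson"))
```

The generated model only carries the field values; turning them back into JSON text on the wire is still the job of the custom publisher the answer mentions.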