24/4/9 漏洞类型、模板生成、变异方法完善，路径硬编码修改

a73cc0e0 · 钱炳权 · 1912abc9 · a73cc0e0 · a73cc0e0 · a73cc0e0
Commit a73cc0e0 authored Apr 09, 2024 by 钱炳权
11 changed files
--- a/fuzzbackend/log/spring.log
+++ b/fuzzbackend/log/spring.log
@@ -16,3 +16,12 @@
 2024-04-01 14:46:12.978 [main] INFO  o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 461 ms
 2024-04-01 14:46:13.162 [main] INFO  o.s.boot.web.embedded.tomcat.TomcatWebServer - Tomcat started on port(s): 8100 (http) with context path ''
 2024-04-01 14:46:13.169 [main] INFO  com.example.fuzzControll.FuzzControlApplication - Started FuzzControlApplication in 0.849 seconds (JVM running for 1.322)
+2024-04-08 14:12:55.975 [main] INFO  com.example.fuzzControll.FuzzControlApplication - Starting FuzzControlApplication using Java 11.0.6 on DESKTOP-GDSKRB2 with PID 27760 (D:\code\company\fuzz-backend\fuzz-backend\fuzzbackend\target\classes started by qian in D:\code\company\fuzz-backend\fuzz-backend\fuzzbackend)
+2024-04-08 14:12:55.989 [main] INFO  com.example.fuzzControll.FuzzControlApplication - The following 1 profile is active: "dev"
+2024-04-08 14:12:56.567 [main] INFO  o.s.boot.web.embedded.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8100 (http)
+2024-04-08 14:12:56.573 [main] INFO  org.apache.catalina.core.StandardService - Starting service [Tomcat]
+2024-04-08 14:12:56.573 [main] INFO  org.apache.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.68]
+2024-04-08 14:12:56.793 [main] INFO  o.a.c.core.ContainerBase.[Tomcat].[localhost].[/] - Initializing Spring embedded WebApplicationContext
+2024-04-08 14:12:56.793 [main] INFO  o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 779 ms
+2024-04-08 14:12:56.972 [main] INFO  o.s.boot.web.embedded.tomcat.TomcatWebServer - Tomcat started on port(s): 8100 (http) with context path ''
+2024-04-08 14:12:56.991 [main] INFO  com.example.fuzzControll.FuzzControlApplication - Started FuzzControlApplication in 1.299 seconds (JVM running for 2.308)
--- a/fuzzbackend/pom.xml
+++ b/fuzzbackend/pom.xml
@@ -22,6 +22,7 @@
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter</artifactId>
+            <version>2.5.3</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
@@ -51,11 +52,6 @@
        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>fastjson</artifactId>
-            <version>1.2.47</version>
-        </dependency>
-        <dependency>
-            <groupId>com.alibaba</groupId>
-            <artifactId>fastjson</artifactId>
            <version>2.0.31</version>
        </dependency>
        <dependency>
@@ -86,31 +82,27 @@
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.8.1</version>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>2.22.2</version>
                <configuration>
-                    <source>11</source>
-                    <target>11</target>
-                    <encoding>UTF-8</encoding>
+                    <skipTests>true</skipTests>
                </configuration>
            </plugin>
+
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
-                <version>${spring-boot.version}</version>
-                <configuration>
-                    <mainClass>com.example.fuzzControll.AflnetControlApplication</mainClass>
-                    <skip>true</skip>
-                </configuration>
+                <version>2.6.13</version>
                <executions>
                    <execution>
-                        <id>repackage</id>
                        <goals>
                            <goal>repackage</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
+
+
        </plugins>
    </build>


--- a/fuzzbackend/src/main/java/com/example/fuzzControll/conf/kittyProperties.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/conf/kittyProperties.java
@@ -15,6 +15,15 @@ public class kittyProperties {
    String stagesHttp;
    String reportHttp;
    String mutationPath;
+    String aflnetPath;
+
+    public String getAflnetPath() {
+        return aflnetPath;
+    }
+
+    public void setAflnetPath(String aflnetPath) {
+        this.aflnetPath = aflnetPath;
+    }

    public String getMutationPath() {
        return mutationPath;

--- a/fuzzbackend/src/main/java/com/example/fuzzControll/constents/cmdConstent.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/constents/cmdConstent.java
 package com.example.fuzzControll.constents;

+import com.example.fuzzControll.conf.SpringContextUtil;
+import com.example.fuzzControll.conf.kittyProperties;
+
 public class cmdConstent {
+    static kittyProperties kittyProperties = (kittyProperties)SpringContextUtil.getBean("kittyProperties");
    public static final String GET_FILE_NAME = "ls -h ";
    public static final String DELETE_FILE = "sudo rm -r ";
-    public static final String RUN_AFLNET = "afl-fuzz -d -i /home/qbq/aflnet/tutorials/live555/in-rtsp -o out-live8 " +
-            "-x /home/qbq/aflnet/tutorials/live555/rtsp.dict ";
+    public static final String RUN_AFLNET = "afl-fuzz -d -i "+kittyProperties.getAflnetPath()+"aflnet/tutorials/live555/in-rtsp -o out-live8 " +
+            "-x "+kittyProperties.getAflnetPath()+"aflnet/tutorials/live555/rtsp.dict ";
    public static final String RUN_PING = "ping www.baidu.com";



--- a/fuzzbackend/src/main/java/com/example/fuzzControll/controller/WebSocket.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/controller/WebSocket.java
@@ -17,7 +17,7 @@ import java.util.concurrent.ConcurrentHashMap;
 public class WebSocket {

    private Session session; //与某个客户端连接对话，通过此对客户端发送消息
-    private static final ConcurrentHashMap<String, WebSocket> WEBSOCKET_CONCURRENTHASHMAP = new ConcurrentHashMap<>(); //存放所有连接的客户端
+    private static final ConcurrentHashMap<String, WebSocket> WEBSOCKET_CONCURRENTHASHMAP = new ConcurrentHashMap<String, WebSocket>(); //存放所有连接的客户端


    @OnOpen

--- a/fuzzbackend/src/main/java/com/example/fuzzControll/controller/testControler.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/controller/testControler.java
@@ -22,7 +22,7 @@ public class testControler {
     * 测试启动
     */
    @RequestMapping(value = "/testStart", method = RequestMethod.POST)
-    public AjaxResult list(@RequestBody cmdStartParams cmdStartParams) {
+    public AjaxResult list(@RequestBody final cmdStartParams cmdStartParams) {
        try {
            new Thread(new Runnable() {
                @Override

--- a/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/testServiceImpl.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/testServiceImpl.java
 package com.example.fuzzControll.service.impl;

+import com.example.fuzzControll.conf.SpringContextUtil;
+import com.example.fuzzControll.conf.kittyProperties;
 import com.example.fuzzControll.constents.cmdConstent;
 import com.example.fuzzControll.pojo.vo.cmdStartParams;
 import com.example.fuzzControll.service.testService;
@@ -9,6 +11,7 @@ import org.springframework.stereotype.Service;

 @Service("testService")
 public class testServiceImpl implements testService {
+    kittyProperties kittyProperties = (kittyProperties) SpringContextUtil.getBean("kittyProperties");

    cmdTools cmdTools = new cmdTools();

@@ -16,9 +19,8 @@ public class testServiceImpl implements testService {
    @Override
    public void testStart(cmdStartParams cmdStartParams) {
        testControlTools.setIsRunning(true);
-        String cmd =  cmdTools.parse(cmdStartParams);
-        String finalCmd = cmdConstent.RUN_AFLNET+cmd+"/home/qbq/live555/testProgs/testOnDemandRTSPServer 8554";
-        System.out.println(finalCmd);
+        String cmd = cmdTools.parse(cmdStartParams);
+        String finalCmd = cmdConstent.RUN_AFLNET + cmd + kittyProperties.getAflnetPath()+"live555/testProgs/testOnDemandRTSPServer 8554";
        cmdTools.runProgramCmd(finalCmd);
    }


--- a/fuzzbackend/src/main/java/com/example/fuzzControll/tools/cmdTools.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/tools/cmdTools.java
@@ -20,11 +20,11 @@ public class cmdTools {
     * 运行不需要后台运行cmd
     */
    public List<String> runCmd(String cmd) {
-        List<String> result = new ArrayList<>();
+        List<String> result = new ArrayList<String>();
        try {
            Process process = Runtime.getRuntime().exec(cmd);
            printMessage(process.getInputStream(), result);
-            printMessage(process.getErrorStream(), new ArrayList<>());
+            printMessage(process.getErrorStream(), new ArrayList<String>());
            process.waitFor();
        } catch (Exception e) {
            e.printStackTrace();
@@ -43,7 +43,7 @@ public class cmdTools {
        try {
            Process process = Runtime.getRuntime().exec(cmd);
            printMessageToWeb(process.getInputStream(), process);
-            printMessage(process.getErrorStream(), new ArrayList<>());
+            printMessage(process.getErrorStream(), new ArrayList<String>());
            process.waitFor();
        } catch (Exception e) {
            e.printStackTrace();
@@ -56,8 +56,8 @@ public class cmdTools {
     */
    public Map<String, List<String>> runProgramCmdAndResult(String cmd) {
        Map<String, List<String>> result = new HashMap();
-        List<String> out = Collections.synchronizedList(new ArrayList<>());
-        List<String> error = Collections.synchronizedList(new ArrayList<>());
+        List<String> out = Collections.synchronizedList(new ArrayList<String>());
+        List<String> error = Collections.synchronizedList(new ArrayList<String>());
        try {
            Process process = Runtime.getRuntime().exec(cmd);
            printMessageByProgramCmd(process.getInputStream(), out);
@@ -71,7 +71,7 @@ public class cmdTools {
        return result;
    }

-    private List<String> printMessageByProgramCmd(InputStream input, List<String> result) throws InterruptedException {
+    private List<String> printMessageByProgramCmd(final InputStream input, final List<String> result) throws InterruptedException {
        new Thread(new Runnable() {
            @Override
            public void run() {
@@ -91,7 +91,7 @@ public class cmdTools {
        return result;
    }

-    private List<String> printMessage(final InputStream input, List<String> result) {
+    private List<String> printMessage(final InputStream input, final List<String> result) {
        new Thread(new Runnable() {
            @Override
            public void run() {
@@ -120,14 +120,12 @@ public class cmdTools {
            makeReturnEntity(line, returnEntity);
            if (send) {
                String data = JSONObject.toJSONString(returnEntity);
-                socket.appointSending("backend100", "web100", data);
-                System.out.println(returnEntity + "*");
+                socket.appointSending("backend", "web", data);
            }
        }
    }

    private testReturnEntity makeReturnEntity(String line, testReturnEntity returnEntity) {
-        System.out.println(line);
        if (line.contains("run time")) {
            send = false;
            int run_time = line.indexOf(":");

--- a/fuzzbackend/src/main/resources/application-dev.yml
+++ b/fuzzbackend/src/main/resources/application-dev.yml
@@ -14,14 +14,15 @@ logging:
      max-file-size: 10MB

 filepath:
-  seedPath: "/home/qbq/aflnet/tutorials/live555/in-rtsp"
+  seedPath: "/home/aflnet/tutorials/live555/in-rtsp"

 kitty:
-  path: "/home/qbq/fuzz50/kitty/renix/" #kitty项目下的各协议生成模板python文件路径
-  venvPath: "/home/qbq/fuzz50/kitty/venv/bin/python"
-  methodPath: "/home/qbq/fuzz50/kitty/2020test/"#kitty下变异方法路径
-  vulnerabilityTypePath: "/home/qbq/fuzz50/kitty/2020test/"#kitty下漏洞类型python路径
-  mutationPath: "/home/qbq/fuzz50/kitty/2020test/"
+  aflnetPath: "/home/"
+  path: "/home/fuzz50/kitty/renix/" #kitty项目下的各协议生成模板python文件路径
+  venvPath: "/home/fuzz50/kitty/venv/bin/python"
+  methodPath: "/home/fuzz50/kitty/2020test/"#kitty下变异方法路径
+  vulnerabilityTypePath: "/home/fuzz50/kitty/2020test/"#kitty下漏洞类型python路径
+  mutationPath: "/home/fuzz50/kitty/2020test/"
  templateInfoHttp: "http://127.0.0.1:26001/api/template_info.json"#模板信息请求链接
  statsHttp: "http://127.0.0.1:26001/api/stats.json"#运行时数据
  stagesHttp: "http://127.0.0.1:26001/api/stages.json"#

--- a/fuzzbackend/src/main/resources/banner.txt
+++ b/fuzzbackend/src/main/resources/banner.txt
-
-
-                                ,--,                             ___                                                    ,-.
-              .--.,           ,--.'|                           ,--.'|_              ,---,                           ,--/ /|                            ,---,
-            ,--.'  \          |  | :         ,---,             |  | :,'     ,---,.,---.'|                         ,--. :/ |                ,---,     ,---.'|
-            |  | /\/          :  : '     ,-+-. /  |            :  : ' :   ,'  .' ||   | :                         :  : ' /             ,-+-. /  |    |   | :
-   ,--.--.  :  : :     ,---.  |  ' |    ,--.'|'   |   ,---.  .;__,'  /  ,---.'   ,:   : :      ,--.--.     ,---.  |  '  /      ,---.  ,--.'|'   |    |   | |
-  /       \ :  | |-,  /     \ '  | |   |   |  ,"' |  /     \ |  |   |   |   |    |:     |,-.  /       \   /     \ '  |  :     /     \|   |  ,"' |  ,--.__| |
- .--.  .-. ||  : :/| /    /  ||  | :   |   | /  | | /    /  |:__,'| :   :   :  .' |   : '  | .--.  .-. | /    / ' |  |   \   /    /  |   | /  | | /   ,'   |
-  \__\/: . .|  |  .'.    ' / |'  : |__ |   | |  | |.    ' / |  '  : |__ :   |.'   |   |  / :  \__\/: . ..    ' /  '  : |. \ .    ' / |   | |  | |.   '  /  |
-  ," .--.; |'  : '  '   ;   /||  | '.'||   | |  |/ '   ;   /|  |  | '.'|`---'     '   : |: |  ," .--.; |'   ; :__ |  | ' \ \'   ;   /|   | |  |/ '   ; |:  |
- /  /  ,.  ||  | |  '   |  / |;  :    ;|   | |--'  '   |  / |  ;  :    ;          |   | '/ : /  /  ,.  |'   | '.'|'  : |--' '   |  / |   | |--'  |   | '/  '
-;  :   .'   \  : \  |   :    ||  ,   / |   |/      |   :    |  |  ,   /           |   :    |;  :   .'   \   :    :;  |,'    |   :    |   |/      |   :    :|
-|  ,     .-./  |,'   \   \  /  ---`-'  '---'        \   \  /    ---`-'            /    \  / |  ,     .-./\   \  / '--'       \   \  /'---'        \   \  /
- `--`---'   `--'      `----'                         `----'                       `-'----'   `--`---'     `----'              `----'               `----'
+  __                 ___            _      __          _ 
+ / _|_   _ ________ / __\ __ _  ___| | __ /__\ __   __| |
+| |_| | | |_  /_  //__\/// _` |/ __| |/ //_\| '_ \ / _` |
+|  _| |_| |/ / / // \/  \ (_| | (__|   <//__| | | | (_| |
+|_|  \__,_/___/___\_____/\__,_|\___|_|\_\__/|_| |_|\__,_|
+                                                         
\ No newline at end of file
--- a/fuzzbackend/src/main/resources/result.html
+++ b/fuzzbackend/src/main/resources/result.html
@@ -8,7 +8,7 @@
        var ws1 = null;
        var ws2 = null;
        function myFunction() {
-            ws1 = new WebSocket("ws://192.168.37.149:8100/websocket/testResult/" + "web");
+            ws1 = new WebSocket("ws://localhost:8100/websocket/testResult/" + "web");
            ws1.onmessage = function (evt) {
                console.log(evt);
                var received_msg =JSON.parse(evt.data) ;