Skip to content

F
fuzzBackEnd
Commit b4175ef1 by 钱炳权
Options

dockercompose、协议模板参数格式修改、新增协议模板协议

parent 011347e6
Showing with 218 additions and 67 deletions
docker-compose.yml 0 → 100644
# yaml 配置
version: '3'
services:
nacos:
image: nacos
ports:
- "8848:8848"
privileged: true
restart: always
environment:
MODE: standalone
fuzz-backend-master:
depends_on:
- nacos
image: fuzz-master:1
ports:
- "8101:8101"
volumes:
- /home/qbq:/home
privileged: true
restart: always
command:
- sh
- -c
- |
java -jar /home/fuzzbackendmaster-0.0.1-SNAPSHOT.jar --nacos-docker.ip=172.18.0.2
fuzz-integration:
depends_on:
- nacos
image: fuzz-integtation:1
ports:
- "8102:8102"
volumes:
- /home/qbq:/home
privileged: true
restart: always
command:
- sh
- -c
- |
source /etc/profile
java -jar /home/fuzzIntegration-0.0.1-SNAPSHOT.jar --fuzzBackEndMaster-docker.ip=172.18.0.3 --nacos-docker.ip=172.18.0.2
fuzzIntegration/src/main/java/com/example/fuzzControll/FuzzIntegration.java
......@@ -9,6 +9,7 @@ import org.springframework.cloud.openfeign.EnableFeignClients;
public class FuzzIntegration {
public static void main(String[] args) {
SpringApplication.run(FuzzIntegration.class, args);
System.out.println("Start successfully!");
}
}
fuzzIntegration/src/main/java/com/example/fuzzControll/conf/KittyProperties.java
......@@ -16,6 +16,15 @@ public class KittyProperties {
String reportHttp;
String mutationPath;
String aflnetPath;
String outputPath;
public String getOutputPath() {
return outputPath;
}
public void setOutputPath(String outputPath) {
this.outputPath = outputPath;
}
public String getAflnetPath() {
return aflnetPath;
......
fuzzIntegration/src/main/java/com/example/fuzzControll/constents/CmdConstent.java
......@@ -9,7 +9,8 @@ public class CmdConstent {
public static final String DELETE_FILE = "rm -r ";
public static final String COUNT_FILE = "ls -l | grep \"^-\" | wc -l";
public static final String COUNT_DIR = "ls -l | grep \"^d\" | wc -l";
public static final String RUN_AFLNET_BEFORE = "afl-fuzz -d -i " + kittyProperties.getAflnetPath() + "aflnet/tutorials/live555/in-rtsp -o ";
public static final String RUN_AFLNET_BEFORE = "afl-fuzz -d -i " + kittyProperties.getAflnetPath() + "aflnet/tutorials/live555/in-rtsp -o "+
kittyProperties.getOutputPath();
public static final String RUN_AFLNET_AFTER = " -x " + kittyProperties.getAflnetPath() + "aflnet/tutorials/live555/rtsp.dict ";
public static final String RUN_PING = "ping www.baidu.com";
......
fuzzIntegration/src/main/java/com/example/fuzzControll/constents/ProtocolConstent.java
......@@ -43,4 +43,9 @@ public class ProtocolConstent {
public static final String TFTP = "tftp_scapy_field.py ";
public static final String UDP = "udp_raw.py ";
public static final String TCP = "tcp_raw.py ";
public static final String NTF = "ntf_udp.py ";
public static final String RIPNG = "ripng_udp.py ";
public static final String RSTP = "rstp_raw.py ";
public static final String SMTP = "smtp_tcp.py ";
public static final String TIRP = "tirp_udp.py ";
}
fuzzIntegration/src/main/java/com/example/fuzzControll/service/impl/ProtocolTemplateImpl.java
......@@ -124,9 +124,18 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
return udpCmd(testEntity);
case "tcp"://have error
return tcpCmd(testEntity);
case "ntf":
return ntfCmd(testEntity);
case "ripng":
return ripngCmd(testEntity);
case "rstp":
return rstpCmd(testEntity);
case "smtp"://have error
return smtpCmd(testEntity);
case "tirp":
return tirpCmd(testEntity);
default:
throw new FuzzException("Unknown protocol!");
//TODO testcase_dos/testcase_rpc/ftp_vuln_reproduce
}
} catch (Exception e) {
throw new FuzzException("Count of params is not match or unknown protocol!");
......@@ -134,15 +143,90 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
}
private String tirpCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "tirp")) {
return "";
}
String dst_ip = null;
String dst_port = null;
try {
dst_ip = testEntity.getParamJson()[0];
dst_port = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("tirp参数解析失败!");
}
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.TIRP + " " + dst_ip + " " + dst_port;
}
private String smtpCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "smtp")) {
return "";
}
String dst_ip = null;
String dst_port = null;
try {
dst_ip = testEntity.getParamJson()[0];
dst_port = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("smtp参数解析失败!");
}
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.SMTP + " " + dst_ip + " " + dst_port;
}
private String rstpCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "rstp")) {
return "";
}
String src_mac = null;
String dst_mac = null;
try {
src_mac = testEntity.getParamJson()[0];
dst_mac = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("rstp参数解析失败!");
}
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.RSTP + " -s " + src_mac + " -d " + dst_mac;
}
private String ripngCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "ripng")) {
return "";
}
String dst_ip = null;
String dst_port = null;
try {
dst_ip = testEntity.getParamJson()[0];
dst_port = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("ripng参数解析失败!");
}
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.RIPNG + " --host=" + dst_ip + " --port=" + dst_port;
}
private String ntfCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "ntf")) {
return "";
}
String dst_ip = null;
String dst_port = null;
try {
dst_ip = testEntity.getParamJson()[0];
dst_port = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("ntf参数解析失败!");
}
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.NTF + " " + dst_ip + " " + dst_port;
}
private String tcpCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "tcp")) {
return "";
}
String dst_ip = null;
String src_ip = null;
String dst_ip = null;
try {
dst_ip = testEntity.getParamJson()[0];
src_ip = testEntity.getParamJson()[1];
src_ip = testEntity.getParamJson()[0];
dst_ip = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("tcp参数解析失败!");
}
......@@ -153,11 +237,11 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "udp")) {
return "";
}
String dst_ip = null;
String src_ip = null;
String dst_ip = null;
try {
dst_ip = testEntity.getParamJson()[0];
src_ip = testEntity.getParamJson()[1];
src_ip = testEntity.getParamJson()[0];
dst_ip = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("udp参数解析失败!");
}
......@@ -224,13 +308,13 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 4, "https"))
return "";
String src_ip = null;
String src_port = null;
String dst_ip = null;
String src_port = null;
String dst_port = null;
try {
src_ip = testEntity.getParamJson()[0];
src_port = testEntity.getParamJson()[1];
dst_ip = testEntity.getParamJson()[2];
dst_ip = testEntity.getParamJson()[1];
src_port = testEntity.getParamJson()[2];
dst_port = testEntity.getParamJson()[3];
} catch (Exception e) {
log.error("https参数解析失败!");
......@@ -285,15 +369,15 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
private String ipCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 4, "ip"))
return "";
String dst_mac = null;
String src_mac = null;
String dst_ip = null;
String dst_mac = null;
String src_ip = null;
String dst_ip = null;
try {
dst_mac = testEntity.getParamJson()[0];
src_mac = testEntity.getParamJson()[1];
dst_ip = testEntity.getParamJson()[2];
src_ip = testEntity.getParamJson()[3];
src_mac = testEntity.getParamJson()[0];
dst_mac = testEntity.getParamJson()[1];
src_ip = testEntity.getParamJson()[2];
dst_ip = testEntity.getParamJson()[3];
} catch (Exception e) {
log.error("ip参数解析失败!");
}
......@@ -329,11 +413,11 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
private String vlanCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "vlan"))
return "";
String dts_mac = null;
String src_mac = null;
String dts_mac = null;
try {
dts_mac = testEntity.getParamJson()[0];
src_mac = testEntity.getParamJson()[1];
src_mac = testEntity.getParamJson()[0];
dts_mac = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("vlan参数解析失败!");
}
......@@ -357,15 +441,15 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
private String pppoeCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 4, "pppoe"))
return "";
String dst_mac = null;
String src_mac = null;
String dst_ip = null;
String dst_mac = null;
String src_ip = null;
String dst_ip = null;
try {
dst_mac = testEntity.getParamJson()[0];
src_mac = testEntity.getParamJson()[1];
dst_ip = testEntity.getParamJson()[2];
src_ip = testEntity.getParamJson()[3];
src_mac = testEntity.getParamJson()[0];
dst_mac = testEntity.getParamJson()[1];
src_ip = testEntity.getParamJson()[2];
dst_ip = testEntity.getParamJson()[3];
} catch (Exception e) {
log.error("pppoe参数解析失败!");
}
......@@ -401,11 +485,11 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
private String rarpCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "rarp"))
return "";
String dst_mac = null;
String src_mac = null;
String dst_mac = null;
try {
dst_mac = testEntity.getParamJson()[0];
src_mac = testEntity.getParamJson()[1];
src_mac = testEntity.getParamJson()[0];
dst_mac = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("rarp参数解析失败!");
}
......@@ -458,8 +542,8 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 4, "nntp"))
return "";
String src_ip = null;
String src_port = null;
String dst_ip = null;
String src_port = null;
String dst_port = null;
try {
src_ip = testEntity.getParamJson()[0];
......@@ -557,13 +641,13 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
private String radiusCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 3, "radius"))
return "";
String src_ip = null;
String dst_ip = null;
String dst_port = null;
String src_ip = null;
try {
dst_ip = testEntity.getParamJson()[0];
dst_port = testEntity.getParamJson()[1];
src_ip = testEntity.getParamJson()[2];
src_ip = testEntity.getParamJson()[0];
dst_ip = testEntity.getParamJson()[1];
dst_port = testEntity.getParamJson()[2];
} catch (Exception e) {
log.error("radius参数解析失败!");
}
......@@ -619,15 +703,15 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
private String icmpCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 4, "icmp"))
return "";
String dst_mac = null;
String src_mac = null;
String dst_ip = null;
String dst_mac = null;
String src_ip = null;
String dst_ip = null;
try {
dst_mac = testEntity.getParamJson()[0];
src_mac = testEntity.getParamJson()[1];
dst_ip = testEntity.getParamJson()[2];
src_ip = testEntity.getParamJson()[3];
src_mac = testEntity.getParamJson()[0];
dst_mac = testEntity.getParamJson()[1];
src_ip = testEntity.getParamJson()[2];
dst_ip = testEntity.getParamJson()[3];
} catch (Exception e) {
log.error("icmp参数解析失败!");
}
......@@ -638,14 +722,14 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "http"))
return "";
String dst_ip = null;
String port = null;
String dst_port = null;
try {
dst_ip = testEntity.getParamJson()[0];
port = testEntity.getParamJson()[1];
dst_port = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("http_dos_qemu参数解析失败!");
}
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.HTTP_DOS_QUMU + " -d " + dst_ip + " -p " + port;
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.HTTP_DOS_QUMU + " -d " + dst_ip + " -p " + dst_port;
}
private String hdlcCmd(TestEntity testEntity) {
......@@ -658,31 +742,31 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
private String ftpCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "ftp"))
return "";
String target_host = null;
String target_port = null;
String dst_ip = null;
String dst_port = null;
try {
target_host = testEntity.getParamJson()[0];
target_port = testEntity.getParamJson()[1];
dst_ip = testEntity.getParamJson()[0];
dst_port = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("ftp参数解析失败!");
throw new FuzzException("count of params is not match!");
}
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.FTP + target_host + " " + target_port;
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.FTP + dst_ip + " " + dst_port;
}
private String frpCmd(TestEntity testEntity) {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "frp"))
return "";
String target_host = null;
String target_port = null;
String dst_ip = null;
String dst_port = null;
try {
target_host = testEntity.getParamJson()[0];
target_port = testEntity.getParamJson()[1];
dst_ip = testEntity.getParamJson()[0];
dst_port = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("frp参数解析失败!");
throw new FuzzException("count of params is not match!");
}
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.FRP + target_host + " " + target_port;
return kitty.getVenvPath() + " " + kitty.getPath() + ProtocolConstent.FRP + dst_ip + " " + dst_port;
}
private String dnsCmd(TestEntity testEntity) {
......@@ -719,13 +803,13 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 4, "bgp"))
return "";
String src_ip = null;
String src_port = null;
String dst_ip = null;
String src_port = null;
String dst_port = null;
try {
src_ip = testEntity.getParamJson()[0];
src_port = testEntity.getParamJson()[1];
dst_ip = testEntity.getParamJson()[2];
dst_ip = testEntity.getParamJson()[1];
src_port = testEntity.getParamJson()[2];
dst_port = testEntity.getParamJson()[3];
} catch (Exception e) {
log.error("bgp参数解析失败!");
......@@ -737,11 +821,11 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
public String arpCmd(TestEntity testEntity) throws FuzzException {
if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "arp"))
return "";
String dst_mac = null;
String src_mac = null;
String dst_mac = null;
try {
dst_mac = testEntity.getParamJson()[0];
src_mac = testEntity.getParamJson()[1];
src_mac = testEntity.getParamJson()[0];
dst_mac = testEntity.getParamJson()[1];
} catch (Exception e) {
log.error("arp参数解析失败!");
throw new FuzzException("count of params is not match!");
......
fuzzIntegration/src/main/resources/application-dev.yml
logging:
pattern:
file: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n"
console: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n"
file:
# 默认日志路径
path: ./log
path: ./fuzzintegrationlog/log
level:
root: info
org.springframework.data.mongodb.core: debug
......@@ -19,7 +17,8 @@ filepath:
seedPath: "/usr/fuzzenv/fuzzenv/aflnet/tutorials/live555/in-rtsp"
kitty:
aflnetPath: "/usr/fuzzenv/fuzzenv/"
aflnetPath: "/usr/fuzzenv/fuzzenv/"#alfnet路径
outputPath: "/home/" #alfnet输出路径
path: "/usr/fuzzenv/fuzzenv/fuzz50/kitty/renix/" #kitty项目下的各协议生成模板python文件路径
venvPath: "/usr/fuzzenv/fuzzenv/fuzz50/kitty/venv/bin/python"
methodPath: "/usr/fuzzenv/fuzzenv/fuzz50/kitty/2020test/"#kitty下变异方法路径
......@@ -33,6 +32,12 @@ spring:
cloud:
nacos:
discovery:
server-addr: http://192.168.50.247:8848
server-addr: http://${nacos-docker.ip}:8848
path:
webSocketUri: "ws://192.168.50.247:8101/websocket/testResult/"
webSocketUri: ws://${fuzzmaster-docker.ip}:8101/websocket/testResult/
nacos-docker:
ip: 192.168.50.247
fuzzmaster-docker:
ip: 192.168.50.247
\ No newline at end of file
fuzzbackendmaster/src/main/java/com/example/fuzzbackendmaster/FuzzBackendMaster.java
......@@ -9,5 +9,6 @@ public class FuzzBackendMaster {
public static void main(String[] args) {
SpringApplication.run(FuzzBackendMaster.class, args);
System.out.println("Start successfully!");
}
}
fuzzbackendmaster/src/main/resources/application-dev.yml
......@@ -4,7 +4,7 @@ logging:
console: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n"
file:
# 默认日志路径
path: ./fuzzbackendmaster/log
path: ./fuzzbackendmasterlog/log
level:
root: info
org.springframework.data.mongodb.core: debug
......@@ -17,5 +17,7 @@ spring:
cloud:
nacos:
discovery:
server-addr: http://192.168.50.247:8848
server-addr: http://${nacos-docker.ip}:8848
nacos-docker:
ip: 192.168.50.247
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment