test

df2e1715 · 钱炳权 · 35399eb8 · df2e1715 · df2e1715 · df2e1715
Commit df2e1715 authored Apr 22, 2024 by 钱炳权
6 changed files
--- a/fuzzbackend/src/main/java/com/example/fuzzControll/controller/TestControler.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/controller/TestControler.java
@@ -31,7 +31,6 @@ public class TestControler {
            new Thread(new Runnable() {
                @Override
                public void run() {
-                    log.info("aflnet start!");
                    service.testStart(cmdStartParams);
                }
            }).start();
@@ -50,7 +49,6 @@ public class TestControler {
        try {
            service.testStop();
        } catch (Exception e) {
-            log.error(e.getMessage());
            return AjaxResult.error("测试停止失败！");
        }
        return AjaxResult.success("测试停止成功！");

--- a/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/GenerateMethodServiceImpl.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/GenerateMethodServiceImpl.java
@@ -25,40 +25,43 @@ public class GenerateMethodServiceImpl implements GenerateMethodService {
    public Map<String, List<String>> generation(TestEntity testEntity) throws FuzzException, CmdException {
        String cmd = parseParameters(testEntity);
        if (cmd.isEmpty()) {
-            throw new FuzzException("cmd is null!");
+            throw new FuzzException("cmd is null ! The number of parameters does not match!");
        }
        return cmdTools.runProgramCmdAndResult(cmd);
    }

    public String parseParameters(TestEntity testEntity) {
-        switch (testEntity.getTestClassName().toLowerCase()) {
-            case "foreach":
-                return cmd(testEntity, "-f");
-            case "repeat":
-                return cmd(testEntity, "-r");
-            case "oneof":
-                return cmd(testEntity, "-o");
-            case "switch":
-                return cmd(testEntity, "-s");
-            case "pad":
-                return cmd(testEntity, "-p");
-            case "template":
-                return cmd(testEntity, "-t");
-            case "meta":
-                return cmd(testEntity, "-m");
-            case "if":
-                return cmd(testEntity, "-c");
-            case "ifnot":
-                return cmd(testEntity, "-e");
-            case "trunc"://have error
-                return cmd(testEntity, "-u");
-            default:
-                log.error("未知变异方法！[{}]", testEntity.getTestClassName());
-                return null;
+        try {
+            switch (testEntity.getTestClassName().toLowerCase()) {
+                case "foreach":
+                    return cmd(testEntity, "-f");
+                case "repeat":
+                    return cmd(testEntity, "-r");
+                case "oneof":
+                    return cmd(testEntity, "-o");
+                case "switch":
+                    return cmd(testEntity, "-s");
+                case "pad":
+                    return cmd(testEntity, "-p");
+                case "template":
+                    return cmd(testEntity, "-t");
+                case "meta":
+                    return cmd(testEntity, "-m");
+                case "if":
+                    return cmd(testEntity, "-c");
+                case "ifnot":
+                    return cmd(testEntity, "-e");
+                case "trunc"://have error
+                    return cmd(testEntity, "-u");
+                default:
+                    throw new FuzzException("Unknown method !");
+            }
+        } catch (FuzzException e) {
+            throw new FuzzException("Unknown method !");
        }
    }

-    private String cmd(TestEntity testEntity, String cmd) {
+    private String cmd(TestEntity testEntity, String cmd) throws FuzzException {
        if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 5, "generationMethod"))
            return "";
        String target_host = null;
@@ -73,7 +76,7 @@ public class GenerateMethodServiceImpl implements GenerateMethodService {
            s2 = testEntity.getParamJson()[3];
            s3 = testEntity.getParamJson()[4];
        } catch (Exception e) {
-            log.error("生成方法参数解析失败！");
+            throw new FuzzException("Parameter parsing failed !");
        }
        return kitty.getVenvPath() + " " + kitty.getMethodPath() + "generate_method_test.py " + cmd + " " + s1 + " " + s2 + " " + s3 + " --host=" + target_host + " --port=" + target_port;
    }

--- a/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/MutationServiceImpl.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/MutationServiceImpl.java
@@ -27,74 +27,77 @@ class MutationServiceImpl implements MutationService {
    public Map<String, List<String>> generation(TestEntity testEntity) throws FuzzException, CmdException {
        String cmd = parseParameters(testEntity);
        if (cmd.isEmpty()) {
-            throw new FuzzException("cmd is null!");
+            throw new FuzzException("cmd is null ! The number of parameters does not match!");
        }
        return cmdTools.runProgramCmdAndResult(cmd);
    }

    public String parseParameters(TestEntity testEntity) {
-        switch (testEntity.getTestClassName().toLowerCase()) {
-            case "bit":
-                return variationGranularityCmd(testEntity, 1);
-            case "byte":
-                return variationGranularityCmd(testEntity, 2);
-            case "sqlinjection":
-                return distortionLibCmd(testEntity, 2);
-            case "commandinjection":
-                return distortionLibCmd(testEntity, 1);
-            case "outofbuffer":
-                return distortionLibCmd(testEntity, 3);
-            case "directorytraversal":
-                return distortionLibCmd(testEntity, 4);
-            case "8-bitinteger":
-                return distortionLibCmd(testEntity, 5);
-            case "16-bitinteger":
-                return distortionLibCmd(testEntity, 6);
-            case "32-bitinteger":
-                return distortionLibCmd(testEntity, 7);
-            case "bitflip"://noresponse
-                return distortionLibCmd(testEntity, 8);
-            case "twobitflip"://noresponse
-                return distortionLibCmd(testEntity, 9);
-            case "fourbitflip"://noresponse
-                return distortionLibCmd(testEntity, 10);
-            case "byteflip"://noresponse
-                return distortionLibCmd(testEntity, 11);
-            case "wordflip"://noresponse
-                return distortionLibCmd(testEntity, 12);
-            case "dwordflip"://noresponse
-                return distortionLibCmd(testEntity, 13);
-            case "blockremove"://noresponse
-                return distortionLibCmd(testEntity, 14);
-            case "blockduplicate"://noresponse
-                return distortionLibCmd(testEntity, 15);
-            case "blockset"://noresponse
-                return distortionLibCmd(testEntity, 16);
-            case "bitflips"://noresponse
-                return distortionLibCmd(testEntity, 17);
-            case "byteflips":
-                return mutationStrategyCmd(testEntity, 1);
-            case "interestint8muta":
-                return mutationStrategyCmd(testEntity, 2);
-            case "interestint16muta":
-                return mutationStrategyCmd(testEntity, 3);
-            case "interestint32muta":
-                return mutationStrategyCmd(testEntity, 4);
-            case "onebyterndom":
-                return mutationStrategyCmd(testEntity, 5);
-            case "mutibytesrandom":
-                return mutationStrategyCmd(testEntity, 6);
-            case "deleteonebyterandom":
-                return mutationStrategyCmd(testEntity, 7);
-            case "deletemutibytesrandom":
-                return mutationStrategyCmd(testEntity, 8);
-            case "shufflebytesrandom":
-                return mutationStrategyCmd(testEntity, 9);
-            case "swapadjointwobytes":
-                return mutationStrategyCmd(testEntity, 10);
-            default:
-                log.error("未知变异方法！[{}]", testEntity.getTestClassName());
-                return null;
+        try {
+            switch (testEntity.getTestClassName().toLowerCase()) {
+                case "bit":
+                    return variationGranularityCmd(testEntity, 1);
+                case "byte":
+                    return variationGranularityCmd(testEntity, 2);
+                case "sqlinjection":
+                    return distortionLibCmd(testEntity, 2);
+                case "commandinjection":
+                    return distortionLibCmd(testEntity, 1);
+                case "outofbuffer":
+                    return distortionLibCmd(testEntity, 3);
+                case "directorytraversal":
+                    return distortionLibCmd(testEntity, 4);
+                case "8-bitinteger":
+                    return distortionLibCmd(testEntity, 5);
+                case "16-bitinteger":
+                    return distortionLibCmd(testEntity, 6);
+                case "32-bitinteger":
+                    return distortionLibCmd(testEntity, 7);
+                case "bitflip"://noresponse
+                    return distortionLibCmd(testEntity, 8);
+                case "twobitflip"://noresponse
+                    return distortionLibCmd(testEntity, 9);
+                case "fourbitflip"://noresponse
+                    return distortionLibCmd(testEntity, 10);
+                case "byteflip"://noresponse
+                    return distortionLibCmd(testEntity, 11);
+                case "wordflip"://noresponse
+                    return distortionLibCmd(testEntity, 12);
+                case "dwordflip"://noresponse
+                    return distortionLibCmd(testEntity, 13);
+                case "blockremove"://noresponse
+                    return distortionLibCmd(testEntity, 14);
+                case "blockduplicate"://noresponse
+                    return distortionLibCmd(testEntity, 15);
+                case "blockset"://noresponse
+                    return distortionLibCmd(testEntity, 16);
+                case "bitflips"://noresponse
+                    return distortionLibCmd(testEntity, 17);
+                case "byteflips":
+                    return mutationStrategyCmd(testEntity, 1);
+                case "interestint8muta":
+                    return mutationStrategyCmd(testEntity, 2);
+                case "interestint16muta":
+                    return mutationStrategyCmd(testEntity, 3);
+                case "interestint32muta":
+                    return mutationStrategyCmd(testEntity, 4);
+                case "onebyterndom":
+                    return mutationStrategyCmd(testEntity, 5);
+                case "mutibytesrandom":
+                    return mutationStrategyCmd(testEntity, 6);
+                case "deleteonebyterandom":
+                    return mutationStrategyCmd(testEntity, 7);
+                case "deletemutibytesrandom":
+                    return mutationStrategyCmd(testEntity, 8);
+                case "shufflebytesrandom":
+                    return mutationStrategyCmd(testEntity, 9);
+                case "swapadjointwobytes":
+                    return mutationStrategyCmd(testEntity, 10);
+                default:
+                    throw new FuzzException("Unknown method!");
+            }
+        } catch (FuzzException e) {
+            throw new FuzzException("Count of params is not match or unknown protocol!");
        }
    }

@@ -113,7 +116,7 @@ class MutationServiceImpl implements MutationService {
    }


-    private String variationGranularityCmd(TestEntity testEntity, int methodNum) {
+    private String variationGranularityCmd(TestEntity testEntity, int methodNum) throws FuzzException {
        if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "variationGranularity" + methodNum))
            return "";
        String dst_ip = null;
@@ -122,10 +125,11 @@ class MutationServiceImpl implements MutationService {
            dst_ip = testEntity.getParamJson()[0];
            dst_port = testEntity.getParamJson()[1];
        } catch (Exception e) {
-            log.error("variationGranularity [{}] 参数解析失败！", methodNum);
+            throw new FuzzException("Parameter parsing failed !");
        }
        return kitty.getVenvPath() + " " + kitty.getMutationPath() + MutationConstent.TEST_GRANULARITY_BIT_BYTE + " -g " + methodNum + " -d " + dst_ip + " -p " + dst_port;
    }
+
    private String mutationStrategyCmd(TestEntity testEntity, int methodNum) {
        if (!TestTools.paramsLenghtTest(testEntity.getParamJson().length, 2, "mutationStrategy" + methodNum))
            return "";

--- a/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/ProtocolTemplateImpl.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/ProtocolTemplateImpl.java
@@ -27,7 +27,7 @@ public class ProtocolTemplateImpl implements ProtocolTemplateService {
    public Map<String, List<String>> generation(TestEntity testEntity) throws FuzzException, CmdException {
        String cmd = parseParameters(testEntity);
        if (cmd == null || cmd.equals("")) {
-            throw new FuzzException("cmd is null!");
+            throw new FuzzException("cmd is null ! The number of parameters does not match!");
        }
        return cmdTools.runProgramCmdAndResult(cmd);
    }

--- a/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/VulnerabilityTypeServiceImpl.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/VulnerabilityTypeServiceImpl.java
@@ -24,45 +24,47 @@ public class VulnerabilityTypeServiceImpl implements VulnerabilityTypeService {
    public Map<String, List<String>> generation(TestEntity testEntity) throws FuzzException, CmdException {
        String cmd = parseParameters(testEntity);
        if (cmd.isEmpty()) {
-            throw new FuzzException("cmd is null!");
+            throw new FuzzException("cmd is null ! The number of parameters does not match!");
        }
        return cmdTools.runProgramCmdAndResult(cmd);
    }

    public String parseParameters(TestEntity testEntity) {
-        switch (testEntity.getTestClassName().toLowerCase()) {
-            case "array_index_out_of_bounds_vulnerabilit"://have error
-                return cmd(testEntity, 0);
-            case "boundary_condition_vulnerability"://have error
-                return cmd(testEntity, 1);
-            case "buffer_overflow_vulnerability"://have error
-                return cmd(testEntity, 2);
-            case "command_injection_vulnerability"://have error
-                return cmd(testEntity, 3);
-            case "memory_duplicate_release_vulnerability"://have error
-                return cmd(testEntity, 4);
-            case "format_string_vulnerability"://have error
-                return cmd(testEntity, 5);
-            case "integer_overflow_vulnerability"://have error
-                return cmd(testEntity, 6);
-            case "numeric_error_vulnerabilit"://have error
-                return cmd(testEntity, 7);
-            case "symbol_extension_vulnerability"://have error
-                return cmd(testEntity, 8);
-            case "uaf_vulnerabilit"://have error
-                return cmd(testEntity, 9);
-            case "cross_script_vulnerability"://have error
-                return cmd(testEntity, 10);
-            case "sql_injection_vulnerabilit"://have error
-                return cmd(testEntity, 11);
-            default:
-                log.error("未知漏洞！[{}]", testEntity.getTestClassName());
-                return null;
+        try {
+            switch (testEntity.getTestClassName().toLowerCase()) {
+                case "array_index_out_of_bounds_vulnerabilit"://have error
+                    return cmd(testEntity, 0);
+                case "boundary_condition_vulnerability"://have error
+                    return cmd(testEntity, 1);
+                case "buffer_overflow_vulnerability"://have error
+                    return cmd(testEntity, 2);
+                case "command_injection_vulnerability"://have error
+                    return cmd(testEntity, 3);
+                case "memory_duplicate_release_vulnerability"://have error
+                    return cmd(testEntity, 4);
+                case "format_string_vulnerability"://have error
+                    return cmd(testEntity, 5);
+                case "integer_overflow_vulnerability"://have error
+                    return cmd(testEntity, 6);
+                case "numeric_error_vulnerabilit"://have error
+                    return cmd(testEntity, 7);
+                case "symbol_extension_vulnerability"://have error
+                    return cmd(testEntity, 8);
+                case "uaf_vulnerabilit"://have error
+                    return cmd(testEntity, 9);
+                case "cross_script_vulnerability"://have error
+                    return cmd(testEntity, 10);
+                case "sql_injection_vulnerabilit"://have error
+                    return cmd(testEntity, 11);
+                default:
+                    throw new FuzzException("Unknown method!");
+            }
+        } catch (FuzzException e) {
+            throw new FuzzException("Unknown class!");
        }
    }

    private String cmd(TestEntity testEntity, int kindNum) {
        return kitty.getVenvPath() + " " + kitty.getVulnerabilityTypePath() + "vul_types_test.py " + kindNum;
    }
-    //todo 还有很多类型要写
 }
--- a/fuzzbackend/src/main/java/com/example/fuzzControll/tools/TestTools.java
+++ b/fuzzbackend/src/main/java/com/example/fuzzControll/tools/TestTools.java
@@ -4,11 +4,8 @@ import lombok.extern.slf4j.Slf4j;

 @Slf4j
 public class TestTools {
-    public static boolean paramsLenghtTest(int paramsLen,int needParamsLen,String name){
-       Boolean isOk = paramsLen==needParamsLen;
-       if(!isOk){
-           log.error("[{}]所需参数与获取参数不符!",name);
-       }
-        return  isOk==true?true:false;
+    public static boolean paramsLenghtTest(int paramsLen, int needParamsLen, String name) {
+        Boolean isOk = paramsLen == needParamsLen;
+        return isOk == true ? true : false;
    }
 }