Skip to content
Snippets Groups Projects

Brownian motion fuzzer

Closed Sharp Robert requested to merge 186477/swen90006-a2-2019:BrownianMotionFuzzer into master
1 file
+ 44
9
Compare changes
  • Side-by-side
  • Inline
+ 44
9
@@ -11,6 +11,10 @@ public class Fuzzer {
private static final String CHAR_LOWER = "abcdefghijklmnopqrstuvwxyz";
private static final String CHAR_UPPER = CHAR_LOWER.toUpperCase();
private static final String NUMBER = "0123456789";
private static final int MAX_STRING_LENGTH = 1014;
private static final int MAX_URL_LENGTH = 300;
private static final int numInputLines = 1024; //Indicates the number of inputs we wish to generate in one file
private static ArrayList<String> savedURLs = new ArrayList<String>();
private static final String DATA_FOR_RANDOM_STRING = CHAR_LOWER + CHAR_UPPER + NUMBER;
@@ -29,11 +33,9 @@ public class Fuzzer {
grammar which is effectively encoded in Instruction.java */
/**Using generation-based fuzzing and Instruction.java,
* create random, valid inputs*/
//Indicates the number of inputs we wish to generate
int numInputs = 10;
* create random, valid inputs*/
for(int i=0; i<numInputs; i++) {
for(int i=0; i<numInputLines; i++) {
String input = generateValidInputs();
//only add the input if it hasn't already been generated
if(inputAlreadyGenerated(input, inputs)) {
@@ -60,17 +62,38 @@ public class Fuzzer {
/**Generates random, valid inputs based on Instruction.java*/
public static String generateValidInputs() {
int maxStringLength = 100;
//add the instruction string
Instruction inst = getRandomInstruction();
String input = inst.getOpcode();
//add the operands
int index =0;
for (OperandType op : inst.getOperands()){
if(op.equals(OperandType.STRING)) {
input += " "+generateRandomString(maxStringLength);
if(index==0 && inst == Instruction.PUT) {
//generate a string with URL length for first arg
String url = generateRandomString(MAX_URL_LENGTH);
//store urls in a list of "saved urls"
savedURLs.add(url);
input += " "+url;
}else if(inst == Instruction.GET){
//use a saved url if one exists
input += " "+ getRandomSavedURL();
}else if(inst == Instruction.REM){
//use and remove a saved url if one exists
String url = getRandomSavedURL();
if(savedURLs.contains(url)) {
savedURLs.remove(url);
}
input += " "+ url;
}else if(op.equals(OperandType.STRING)) {
input += " "+generateRandomString(MAX_STRING_LENGTH);
}
index++;
}
//debug
//System.out.println(input);
@@ -78,10 +101,12 @@ public class Fuzzer {
return input;
}
/**Selects a random instruction*/
/**Selects a random instruction
* Returns any instruction except for masterpassword
* */
public static Instruction getRandomInstruction() {
Instruction[] INSTS = Instruction.values();
int index = new Random().nextInt(INSTS.length);
int index = new Random().nextInt(INSTS.length-1);
return INSTS[index];
}
@@ -118,5 +143,15 @@ public class Fuzzer {
return false;
}
/**Selects a random saved URL*/
public static String getRandomSavedURL(){
if(savedURLs.size()>0) {
int index = new Random().nextInt(savedURLs.size());
return savedURLs.get(index);
}else {
return generateRandomString(MAX_URL_LENGTH);
}
}
}
Loading