SWEN90006 Assignment 2 2019
Please see the assignment handout which contains all the essential information.
Structure of this repository:
- src/original/ - where the code for the original passbook lives
- src/vuln-1 -- src/vuln-5 - where your vulnerable versions will live
- poc/ - where your PoCs will live
- fuzzer/ - where your fuzzer will live
Pre-Included Scripts:
- Makefile - makefile for building the C implementation etc.
- get_coverage.sh - script to generate coverage reports
- run_fuzzer.sh - script for running your fuzzer to generate inputs
Vulnerable Versions (you should put your security vulnerabilities in here):
- src/vuln-1/passbook.c -- src/vuln-5/passbook.c
Proofs of Concept (PoCs that you should provide for each vulnerability):
- poc/vuln-1.poc -- poc/vuln-5.poc
Commands for testing (by Yang Liu):
- If you want to test with 0 total number of runs (fresh start), delete config.cfg in /fuzzer if it exists.
- Generate 100 fuzz.txt:
  bash ./run_fuzzer.sh
- Run the generated 100 fuzz.txt above:
  bash ./run_tests.sh original
  This is to run all the txt inputs on original. Replace 'original' with 'vuln-1' to 'vuln-5' as needed.
- Calculate coverage rate:
  bash ./get_coverage.sh ./fuzzer/fuzz.txt
  Replace './fuzzer/fuzz.txt' with the txt file used.
How to use Fuzzer.java
In the main method of Fuzzer.java, find the 'modes.add' lines. Change them or add more to modes. Those run modes will be executed one by one, one for each Fuzzer run.