-
Notifications
You must be signed in to change notification settings - Fork 537
/
Copy pathdefuzzer.py
126 lines (114 loc) · 4.05 KB
/
defuzzer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#!/usr/bin/env python
__description__ = 'Merge 3 or more fuzzed files back to original'
__author__ = 'Didier Stevens'
__version__ = '0.0.2'
__date__ = '2013/03/12'
"""
Source code put in public domain by Didier Stevens, no Copyright
https://DidierStevens.com
Use at your own risk
History:
2013/03/12: start
2013/03/14: generalized to more than 3 files
2013/04/05: added fuzz bytes statistics
Todo:
"""
import optparse
import glob
def MostPrevalent(dChars):
maximumChar = None
maximumValue = 0
maximumCount = 0
for key, value in dChars.items():
if value > maximumValue:
maximumValue = value
maximumCount = 1
maximumChar = key
elif value == maximumValue:
maximumCount += 1
if maximumCount == 1:
return maximumChar
else:
return None
def DicAddGeneric(dicA, dicB):
for key, value in dicB.items():
if key in dicA:
dicA[key] += value
else:
dicA[key] = value
def DeFuzzer(filenameOut, filenames):
countDifference = 0
countLengthSequence = 0
countSequences = 0
maxLengthSequence = 0
minLengthSequence = 0
dFiles = {}
dFuzzBytes = {}
for filename in filenames:
dFiles[filename] = open(filename, 'rb')
fOut = open(filenameOut, 'wb')
while True:
dChars = {}
for dFile in dFiles.values():
c = dFile.read(1)
if not c in dChars:
dChars[c] = 0
dChars[c] += 1
if '' in dChars: # we reached the end of at least one file
if countLengthSequence > 0:
countSequences += 1
maxLengthSequence = max(countLengthSequence, maxLengthSequence)
if minLengthSequence == 0:
minLengthSequence = countLengthSequence
else:
minLengthSequence = min(countLengthSequence, minLengthSequence)
countLengthSequence = 0
break
if len(dChars) == 1: # all characters identical
fOut.write(dChars.keys()[0])
if countLengthSequence > 0:
countSequences += 1
maxLengthSequence = max(countLengthSequence, maxLengthSequence)
if minLengthSequence == 0:
minLengthSequence = countLengthSequence
else:
minLengthSequence = min(countLengthSequence, minLengthSequence)
countLengthSequence = 0
else:
result = MostPrevalent(dChars)
if result == None:
print('Unable to defuzz, all bytes are different')
break
else:
fOut.write(result)
countDifference += 1
countLengthSequence += 1
del dChars[result]
DicAddGeneric(dFuzzBytes, dict([(key, 1) for key, value in dChars.items()]))
for dFile in dFiles.values():
dFile.close()
fOut.close()
print('Number of defuzzed bytes: %d' % countDifference)
print('Number of defuzzed sequences: %d' % countSequences)
print('Length of shortest defuzzed sequence: %d' % minLengthSequence)
print('Length of longest defuzzed sequence: %d' % maxLengthSequence)
keys = dFuzzBytes.keys()
keys.sort()
print('Fuzz bytes:')
print(', '.join(['%s: %d' % (repr(key), dFuzzBytes[key]) for key in keys]))
def Main():
oParser = optparse.OptionParser(usage='usage: %prog [options] mergedfile file-in-1 file-in-2 file-in-3 ...\n' + __description__, version='%prog ' + __version__)
oParser.add_option('-o', '--option', action='store_true', default=False, help='option')
(options, args) = oParser.parse_args()
files = sum(map(glob.glob, args[1:]), [])
if len(files) < 3:
oParser.print_help()
print('')
print(' Source code put in the public domain by Didier Stevens, no Copyright')
print(' Use at your own risk')
print(' https://DidierStevens.com')
return
else:
DeFuzzer(args[0], files)
if __name__ == '__main__':
Main()