Diffstat (limited to 'tools/ffuzzer')
-rw-r--r-- | tools/ffuzzer/ffuzzer.sh | 66 | ||||
-rw-r--r-- | tools/ffuzzer/process.py | 31 |
2 files changed, 97 insertions, 0 deletions
diff --git a/tools/ffuzzer/ffuzzer.sh b/tools/ffuzzer/ffuzzer.sh
new file mode 100644
index 0000000..aab0705
--- /dev/null
+++ b/tools/ffuzzer/ffuzzer.sh
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+MAX_FORMATS=20
+
+export PYTHONPATH=$(readlink -f "$PWD/../../plugins/pychrysa/.libs")
+
+if [ ! -e "$PYTHONPATH/pychrysalide.so" ]; then
+ echo '[!] PyChrysalide module not found, exiting...'
+ exit 1
+else
+ echo "[i] PyChrysalide module found in $PYTHONPATH."
+fi
+
+which melkor 2>&1 > /dev/null
+
+if [ "$?" -ne 0 ]; then
+ echo '[!] melkor not found, exiting...'
+ exit 1
+else
+ echo '[i] melkor found!'
+fi
+
+if [ -z "$FFUZZ_TEMPLATE" ]; then
+ echo '[!] $FFUZZ_TEMPLATE is not set, exiting...'
+ exit 1
+else
+ echo "[i] Using $FFUZZ_TEMPLATE as template."
+fi
+
+WORKING_DIR="orcs_$(basename $FFUZZ_TEMPLATE)"
+rm -rf $WORKING_DIR
+
+melkor -A -n $MAX_FORMATS -l 15 -q $FFUZZ_TEMPLATE
+
+ulimit -c unlimited
+
+cd $WORKING_DIR
+
+chmod a+x *
+chmod a-x Report_*
+
+core_count=0
+
+for f in `find . -type f -perm +111`; do
+
+ target=`basename $f`
+
+ echo "[*] Processing '$WORKING_DIR/$target'..."
+
+ python3-dbg ../process.py $target > /dev/null
+
+ if [ "$?" -eq 0 ]; then
+ echo ' --> disassembly done!'
+ fi
+
+ if [ -e core ]; then
+ echo ' --> renaming core...'
+ mv core $target.core
+ core_count=$((core_count + 1))
+ fi
+
+done
+
+echo '[i] Done.'
+
+echo "[i] Got $core_count core(s) for $MAX_FORMATS input files."
diff --git a/tools/ffuzzer/process.py b/tools/ffuzzer/process.py
new file mode 100644
index 0000000..c1bf2b7
--- /dev/null
+++ b/tools/ffuzzer/process.py
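Review bot: `cd $WORKING_DIR` is unquoted and its result is never checked, so if melkor did not create the directory (or the template's basename contains whitespace and the word split changes the target) the following `chmod a+x *` and the processing loop run in the tool's own directory instead; the earlier `rm -rf $WORKING_DIR` has the same word-splitting exposure. Quote both and abort on failure: `rm -rf "$WORKING_DIR"` and `cd "$WORKING_DIR" || exit 1`. The `[ -e core ]` test only fires when the kernel writes the dump as a plain `core` file in the working directory; where kernel.core_pattern points at a pipe handler or a templated name the count stays at zero, which deserves a comment next to `ulimit -c unlimited`. Also, `which melkor 2>&1 > /dev/null` sends stderr to the terminal rather than to /dev/null; the intended order is `> /dev/null 2>&1`.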
@@ -0,0 +1,31 @@
+#!/usr/bin/python3-dbg
+# -*- coding: utf-8 -*-
+
+from gi.repository import Gtk
+from pychrysalide.analysis import LoadedBinary
+from pychrysalide.analysis.contents import FileContent
+
+import sys
+
+for arg in sys.argv[1:]:
+
+ fc = FileContent(arg)
+
+ print(' --> file content:', fc)
+
+ binary = LoadedBinary(fc)
+
+ print(' --> loaded binary:', binary)
+
+ if binary is not None:
+
+ def disassembly_is_done(obj, binary):
+ Gtk.main_quit()
+
+ binary.connect('disassembly-done', disassembly_is_done, binary)
+
+ binary.analyse()
+
+ # Attente de la réception du signal
+ # Cf. http://stackoverflow.com/questions/28873688/python-how-to-block-in-pygtk-while-waiting-for-timeout-add-callback
+ Gtk.main()
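Review bot: `Gtk.main()` waits for `disassembly-done` with no upper bound, so a fuzzed input whose analysis fails or stalls without ever emitting the signal blocks this process indefinitely, and ffuzzer.sh, which runs this script once per file, stalls with it. Bound the wait with a one-shot timer that quits the loop, e.g. `from gi.repository import GLib, Gtk` at the top and `GLib.timeout_add_seconds(60, Gtk.main_quit)` immediately before `Gtk.main()`. The `if binary is not None:` guard looks always-true, since a failed `LoadedBinary(fc)` would presumably raise rather than return None — worth confirming against the binding. The two comments above `Gtk.main()` are in French; an English version such as `# Block until the disassembly-done signal arrives` would keep the file in one language.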