Äú¿ÉÒÔ¾èÖú£¬Ö§³ÖÎÒÃǵĹ«ÒæÊÂÒµ¡£

1Ôª 10Ôª 50Ôª





ÈÏÖ¤Â룺  ÑéÖ¤Âë,¿´²»Çå³þ?Çëµã»÷Ë¢ÐÂÑéÖ¤Âë ±ØÌî



  ÇóÖª ÎÄÕ ÎÄ¿â Lib ÊÓƵ iPerson ¿Î³Ì ÈÏÖ¤ ×Éѯ ¹¤¾ß ½²×ù Model Center   Code  
»áÔ±   
   
 
     
   
 ¶©ÔÄ
  ¾èÖú
Ä£ºý²âÊÔ֮ʵÀý½²½â
 
×÷ÕߣºÌìÌì
  3533  次浏览      18
 2019-10-30
 
±à¼­ÍƼö:
ÎÄÕÂÖ÷Òª½éÉÜÁËÄ£ºý²âÊԵĸÅÄPeach-pit5¸öÄ£¿éµÄ¶¨Òå·½·¨£¬ÒÔ¼°ÓÃpeach½øÐÐÄ£ºý²âÊԵĻù±¾¹ý³Ì¡£
±¾ÎÄÀ´×ÔÓÚichunqiu£¬ÓÉ»ðÁú¹ûÈí¼þLuca±à¼­¡¢ÍƼö¡£

ʲôÊÇÄ£ºý²âÊÔ

Ä£ºý²âÊÔ£¨Fuzzing£©£¬ÊÇÒ»ÖÖͨ¹ýÏòÄ¿±êϵͳÌṩ·ÇÔ¤ÆÚµÄÊäÈë²¢¼àÊÓÒì³£½á¹ûÀ´·¢ÏÖÈí¼þ©¶´µÄ·½·¨¡£²âÊԵĻù±¾Ë¼Ïë¾ÍÊÇͨ¹ýÏò³ÌÐòÖÐÊäÈë´óÁ¿µÄËæ»úÊý¾Ý£¬È»ºó¹Û²ìÊäÈëÕâЩÊý¾ÝÖ®ºó³ÌÐòµÄÇé¿ö£¬¼Ç¼ÏÂʹ³ÌÐò·¢ÉúÒì³£µÄÊý¾Ý£¬´Ó¶øÅжϳÌÐòÊÇÔÚÄÇЩµØ·½·¢ÉúÁËÒì³£¡£

Ä£ºý²âÊÔµÄʵÏÖÊÇÒ»¸ö·Ç³£¼òµ¥µÄ¹ý³Ì£º

1. ×¼±¸Ò»·Ý²åÈë³ÌÐòÖеÄÕýÈ·µÄÎļþ¡£

2. ÓÃËæ»úÊý¾ÝÌæ»»¸ÃÎļþµÄijЩ²¿·Ö¡£

3. ÓóÌÐò´ò¿ªÎļþ¡£

4. ¹Û²ìÆÆ»µÁËʲô¡£

Peachfuzzer

Peachfuzzer ÊÇÒ»¿îÏȽøµÄÇÒ¿ÉÀ©Õ¹µÄ°²È«²âÊÔƽ̨£¬Õâ¿îÈí¼þÊÊÓÃÓÚÈí¼þ²âÊÔÈËÔ±ÆóÒµµÄ°²È«±£Ö¤ÍŶӣ¬ÒÔ¼°²âÊÔʵÑéÊÒÓÃÀ´×Ô¶¯µÄ·¢ÏÖÈí¼þµÄ´àÈõÐÔºÍÈí¼þµÄÍ»±äµÄÓ¦¶Ô·½·¨¡£

Peachfuzzer is an advanced and extensible security testing platform. This software enables software testers, enterprise quality assurance teams, and testing labs to find vulnerabilities in software using automated generative and mutational methods.

Peach-pit

PeachËùʹÓõÄPeach PitÎļþ°üº¬ÁËÒÔÏÂ5¸öÄ£¿é£º

GeneralConf

DataModel

StateModel

Agents and Monitors

Test and Run Configuration

ÏÂÃæ·Ö±ð½éÉÜÕâ5¸öÄ£¿éµÄ¶¨Òå·½·¨£¬²¢Íê³ÉÒ»¸ö¼òµ¥µÄHelloWorld³ÌÐò¡£

ÌâÍâ»°£ºÔÚÕâ֮ǰ£¬ÎÒÃÇÐèҪ׼±¸Ò»¸öºÃÓõÄXMLÎļþ±à¼­Æ÷£¬Visual Studio£¬Open XML Editor»òÕßNotepad++¶¼ÊDz»´íµÄÑ¡Ôñ¡£ÕâÀïÎÒʹÓõÄÊÇNotepad++£¬Ëü¼¯³ÉÁËÊýÊ®ÖÖÓïÑÔµÄÓï·¨×ÅÉ«·½°¸£¬²¢ÇÒ£¬Ëü°²×°ÍêºóÖ»ÓÐ10MB×óÓÒ¡£

Ê×ÏÈ£¬ÎÒÃÇÏÈ´îºÃÒ»¸öXML¿ò¼Ü£¬ÏÂÃæҪдµÄËùÓÐÔªËض¼Òª±»°üº¬ÔÚ¸ùÔªËØ<Peach>Àï¡£

<?xml version="1.0" encoding="utf-8"?>[/align] <Peach xmlns=http://phed.org/2008/Peach
xmlns:xsi="http://www.w3.org/ 2001/ XMLSchema-instance"
xsi:schemaLocation=http://phed.org/2008/Peach ../peach.xsd >
<!-- add elements here -->
[align=left]</Peach>

ÆäÖУ¬PeachÔªËصĸ÷¸öÊôÐÔ»ù±¾Êǹ̶¨µÄ£¬²»ÒªÇáÒ׸Ķ¯¡£

£¨1£©GeneralConf

GeneralConfÊÇPeach PitÎļþµÄµÚÒ»²¿·Ö£¬ÓÃÀ´¶¨Òå»ù±¾ÅäÖÃÐÅÏ¢¡£¾ßÌåÀ´Ëµ£¬°üÀ¨ÒÔÏÂÈýÖÖÔªËØ¡£

Include£ºÒª°üº¬µÄÆäËûPeach PitÎļþ¡£

Import£ºÒªµ¼ÈëµÄpython¿â¡£

PythonPath£ºÒªÌí¼ÓµÄpython¿âµÄ·¾¶¡£

ҪעÒâµÄÊÇ£¬ËùÓеÄPeach PitÎļþ¶¼Òª°üº¬default.xmlÕâ¸öÎļþ¡£

ÔÚHelloWorldÖУ¬GerneralConf²¿·ÖÖ»ÐèдÈëÈçÏÂÄÚÈÝ¡£

<Include ns="default" src="file:defaults.xml" />

£¨2£©DataModel

DataModelÔªËØÓÃÀ´¶¨ÒåÊý¾ÝÄ£ÐÍ£¬°üÀ¨Êý¾Ý½á¹¹ºÍÊý¾Ý¹ØϵµÈ¡£Ò»¸öPeach PitÎļþÖÐÐèÒª°üº¬Ò»¸ö»òÕ߶à¸öÊý¾ÝÄ£ÐÍ¡£DataModel¿ÉÒÔ¶¨ÒåµÄ¼¸ÖÖ³£ÓõÄÊý¾ÝÀàÐÍÈçÏ¡£

String£º×Ö·û´®ÐÍ¡£

Number£ºÊý¾ÝÐÍ¡£

Blob£ºÎÞ¾ßÌåÊý¾ÝÀàÐÍ¡£

Block£ºÓÃÓÚ¶ÔÊý¾Ý½øÐзÖ×é¡£

±ÈÈ磺

<DataModel name="HelloData">[/align] <String name="ID" size="32" value="RIFF" isStatic="true" />
<Block name="TypeAndData">
<Number name="Type" size="16"/>
<Blob name="Data"/>
</Block>
</DataModel>

ҪעÒâµÄÊÇ£¬sizeµÄµ¥Î»ÊÇbit¡£ÉÏÃæµÄÀý×ÓÖУ¬¡±ID¡±µÄ¡±size¡±Îª32£¬±íʾ¡±ID¡±µÄ³¤¶ÈΪ4×Ö½Ú£¨1 byte = 8 bits£©£¬¸ÕºÃËüµÄÖµ¡±RIFF¡±Ò²ÊÇ4¸ö×Ö½Ú¡£

ÔÚHelloWorld³ÌÐòÖУ¬½ö¶¨ÒåÒ»¸öֵΪ¡±Hello World!¡±µÄStringÀàÐÍÊý¾Ý¡£

<DataModel name="HelloWorldTemplate">[/align] <String value="Hello World!" />
</DataModel>

£¨3£©StateModel

StateModelÔªËØÓÃÓÚÃèÊöÈçºÎÏòÄ¿±ê³ÌÐò·¢ËÍ£¯½ÓÊÕÊý¾Ý¡£StateModelÓÉÖÁÉÙÒ»¸öState×é³É£¬²¢ÇÒÓÃinitialStateÖ¸¶¨µÚÒ»¸öState£»Ã¿¸öStateÓÉÖÁÉÙÒ»¸öAction×é³É£¬ActionÓÃÓÚ¶¨ÒåStateModelÖеĸ÷ÖÖ¶¯×÷£¬¶¯×÷ÀàÐÍÓÉtypeÀ´Ö¸¶¨¡£ActionÖ§³ÖµÄ¶¯×÷ÀàÐÍ°üÀ¨start¡¢stop¡¢open¡¢close¡¢input¡¢output¡¢callµÈ¡£ÏÂÃæÊÇÒ»¸öÀý×Ó£º

<Action type="input">[/align] <DataModel ref="InputModel" />
</Action>

<Action type="output">
<DataModel ref="SomeDataModel" />
<Data name=¡±sample¡± filename=¡±sample.bin¡±/>
</Action>

<Action type="call" method="DoStuff">
<Param name="param1" type="in">
<DataModel ref="Param1DataModel" />
</Param>
</Action>

<Action type="close" />

ÉÏÀýÖУ¬µÚÒ»¸öActionÃèÊöÁËÒ»¸öÊäÈëÐͶ¯×÷£¬±íʾ°´ÕÕÊý¾ÝÄ£ÐÍInputModel²úÉúÊý¾Ý²¢×÷ΪÊäÈëÊý¾Ý£»µÚ¶þ¸öActionÃèÊöÁËÒ»¸öÊä³öÐͶ¯×÷£¬±íʾ°´ÕÕÊý¾ÝÄ£ÐÍSomeDataMode²úÉúÊý¾Ý²¢Êä³öµ½Îļþsample.binÖУ»µÚÈý¸öActionÃèÊöÁËÒ»¸öµ÷Óö¯×÷£¬±íʾµ÷Óú¯ÊýDoStuff£¬²¢ÇÒ½«°´ÕÕÊý¾ÝÄ£ÐÍParam1DataModel²úÉúµÄÊý¾Ý×÷Ϊº¯ÊýDoStuffµÄ²ÎÊý£»µÚËĸöActionÃèÊöÁËÒ»¸ö¹Ø±Õ³ÌÐòµÄ¶¯×÷¡£

µ±´úÂëÖдæÔÚ¶à¸öActionʱ£¬Ôò´ÓÉÏÖÁÏÂÒÀ´ÎÖ´ÐС£

ÔÚHelloWorld³ÌÐòÖУ¬ÎÒÃÇÖ»ÐèÒª½ÓÊÕÊý¾ÝÄ£ÐÍ¡±HelloWorldTemplate¡°ÖеÄÊý¾Ý£¬ËùÒÔд³öÈçϵÄStateModel¡£

<StateModel name="State" initialState="State1" >[/align] <State name="State1" >
<Action type="output" >
<DataModel ref="HelloWorldTemplate"/>
</Action>
</State>
</StateModel>

£¨4£©Agent

AgentÔªËØÓÃÓÚ¶¨Òå´úÀíºÍ¼àÊÓÆ÷£¬¿ÉÒÔÓÃÀ´µ÷ÓÃWinDbgµÈµ÷ÊÔÆ÷À´¼à¿Ø³ÌÐòÔËÐеĴíÎóÐÅÏ¢µÈ¡£Ò»¸öPeach PitÎļþ¿ÉÒÔ¶¨Òå¶à¸öAgent£¬Ã¿¸öAgentÏ¿ÉÒÔ¶¨Òå¶à¸öMonitor¡£ÏÂÃæÊÇÒ»¸öÀý×Ó£º

<Agent name="LocalAgent" location="http://127.0.0.1:9000">[/align] <Monitor class="debugger.WindowsDebugEngine">
<Param name="CommandLine" value="notepad.exe fileName" />
</Monitor>
<Monitor class="process.PageHeap">
<Param name="Executable" value="notepad.exe" />
</Monitor>
</Agent>

ÉÏÀýÖУ¬µÚÒ»¸öMonitorÀàÐÍΪdebugger.WindowsDebugEngine£¬Êǵ÷ÓÃWinDbgÀ´Ö´ÐÐÏÂÃæµÄ¡±notepad.exe filename¡±ÃüÁîµÄ¡£µÚ¶þ¸öMonitorÀàÐÍΪprocess.PageHeap£¬Òâ˼ÊÇΪnotepad.exe¿ªÆôÒ³¶Ñµ÷ÊÔ£¨Page Heap Debug£©£¬ÕâÔÚ´ó¶àÊýWindows FuzzingÖж¼ÊǺÜÓÐÓõġ£

ÔÚHelloWorld³ÌÐòÖУ¬ÎÒÃDz»ÐèÒªÆôÓÃWinDbgµ÷ÊÔ£¬ËùÒÔÎÞÐèÅäÖÃAgent¡£

£¨5£©Test and Run configuration

ÔÚPeach PitÎļþÖУ¬Test and Run configuration °üÀ¨ Test ºÍ Run Á½¸öÔªËØ¡£

TestÔªËØÓÃÀ´¶¨ÒåÒ»¸ö²âÊÔµÄÅäÖ㬰üÀ¨Ò»¸öStateModelºÍÒ»¸öPublisher£¬ÒÔ¼°includeing/excluding¡¢AgentÐÅÏ¢µÈ¡£ÆäÖÐStateModelºÍPublisherÊDZØÐ붨ÒåµÄ£¬ÆäËûÊÇ¿ÉÑ¡¶¨ÒåµÄ¡£ÏÂÃæÊÇÒ»¸öTestÅäÖõÄÀý×Ó¡£

<Test name="TheTest">[/align] <Exclude xpath="//Reserved" />
<Agent ref="LocalAgent" />
<StateModel ref="TheState" />
<Publisher class="file.FileWriter">
<Param name="fileName" value="FuzzedFile"/>
</Publisher>
</Test>

ÏȶÔPublisher×öһϽéÉÜ¡£PublisherÓÃÀ´¶¨ÒåPeachµÄIOÁ¬½Ó£¬¿ÉÒÔ¹¹ÔìÍøÂçÊý¾ÝÁ÷£¨ÈçTCP£¬UDP£¬HTTP£©ºÍÎļþÁ÷£¨ÈçFileWriter£¬FileReader£©µÈ¡£ÉÏÀýÖеÄPublisher¶¨Òå±íʾ½«Éú³ÉµÄ»ûÐÎÊý¾Ýдµ½FuzzedFileÎļþÖС£

ÔÚHelloWorld³ÌÐòÖУ¬ÐèÒª×öµÄ½ö½öÊÇ°ÑÉú³ÉµÄ»ûÐÎÊý¾ÝÏÔʾµ½ÃüÁîÐУ¬ËùÒÔPublisherÓõÄÊDZê×¼Êä³östdout.Stdout¡£

<Test name="HelloWorldTest"> [/align] <StateModel ref="State"/>
<Publisher class="stdout.Stdout" />
</Test>

ÏÖÔÚµ½ÁË×îºóÒ»²½£¬RunµÄÅäÖá£RunÔªËØÓÃÀ´¶¨ÒåÒªÔËÐÐÄÄЩ²âÊÔ£¬°üº¬Ò»¸ö»ò¶à¸öTest£¬ÁíÍ⻹¿ÉÒÔͨ¹ýLoggerÔªËØÅäÖÃÈÕÖ¾À´²¶»ñÔËÐнá¹û¡£µ±È»£¬LoggerÒ²ÊÇ¿ÉÑ¡µÄ¡£

<Run name="DefaultRun">[/align] <Test ref="TheTest" />
<Logger class="logger.Filesystem">
<Param name="path" value="c:\peach\logtest" />
</Logger>
</Run>

ÉÏÀý±íʾ³ÌÐòÔËÐС±TheTest¡±Õâ¸ö²âÊÔ£¬²¢ÇÒ°ÑÔËÐÐÈÕÖ¾¼Ç¼µ½C:\peach\logtestĿ¼Ï¡£

ÔÚHelloWorld³ÌÐòÖУ¬Ö»ÐèÒªÔÚRunÅäÖÃÖзÅÈë֮ǰ¶¨ÒåºÃµÄHelloWorldTest¾Í¿ÉÒÔÁË¡£

<Run name="DefaultRun">[/align] <Test ref="HelloWorldTest" />
</Run>

ʾÀý²âÊÔ¹ý³Ì

ÏÂÃæÎÒÃǾÍ×î¼òµ¥µÄ²âÊÔ³ÌÐòΪÀý£¬À´½²½âÒ»ÏÂÓÃpeach½øÐÐÄ£ºý²âÊԵĻù±¾¹ý³Ì¡£

ÎÒÃÇËùÓõÄpeach-pitÎļþÊÇhelloworld.xmlÎļþ£¬ËüÔÚ´òÓ¡Êä³öhelloworld×Ö·û´®Ö®ºó»á×Ô¶¯µÄÉú³ÉºÜ¶àµÄ±äÖÖ×Ö·û´®£¬°üÀ¨³¬³¤´®ºÍnullȱʧµÄ·Ç·¨´®µÈ£¬¼¸ºõÖ»ÒªÊÇ¿ÉÒÔÔì³É³ÌÐò³ö´íµÄ´®¶¼»áÉæ¼°µ½¡£

ÒÔÏÂÊÇÍêÕûµÄ´úÂ룺

<?xml version="1.0" encoding="UTF-8"?>
<Peachxmlns="http://phed.org/2008/peach"xmlns:xsi= "http://www.w3.org/2001/XMLschema-instance" xsi:schemalocation="http://phed.org/2008/peach ../peach.xsd" version="1.0"
author="Michael Eddington" description="Hello World Example" />
<Include ns="default"src="file:defaults.xml" />
<DateModel name="HelloWorldTemplate">
<String value="hello world!" />
</DateModel>
<StateModel name="State" initialState="State1">
<State name="State1">
<Action type="output">
<DateModl ref="HelloWorldTemplate" />
</Action>
</State>
</StateModel>
<Test name="HelloWorldTest">
<StateModel ref="State"/>
<Publisher class="stdout.Stdout"/>
</Test>
<Run name="DefaultRun" description="Stdout HelloWorld Run">
<Test ref="HelloWorldTest"/>
</Run>
</peach>

È»ºóÔËÐÐÒÔÉÏpitÎļþ¡£
 
   
3533 ´Îä¯ÀÀ       18
Ïà¹ØÎÄÕÂ
΢·þÎñ²âÊÔÖ®µ¥Ôª²âÊÔ
һƪͼÎÄ´øÄãÁ˽â°×ºÐ²âÊÔÓÃÀýÉè¼Æ·½·¨
È«ÃæµÄÖÊÁ¿±£ÕÏÌåϵ֮»Ø¹é²âÊÔ²ßÂÔ
È˹¤ÖÇÄÜ×Ô¶¯»¯²âÊÔ̽Ë÷
Ïà¹ØÎĵµ
×Ô¶¯»¯½Ó¿Ú²âÊÔʵ¼ù֮·
jenkins³ÖÐø¼¯³É²âÊÔ
ÐÔÄܲâÊÔÕï¶Ï·ÖÎöÓëÓÅ»¯
ÐÔÄܲâÊÔʵÀý
Ïà¹Ø¿Î³Ì
³ÖÐø¼¯³É²âÊÔ×î¼Ñʵ¼ù
×Ô¶¯»¯²âÊÔÌåϵ½¨ÉèÓë×î¼Ñʵ¼ù
²âÊԼܹ¹µÄ¹¹½¨ÓëÓ¦ÓÃʵ¼ù
DevOpsʱ´úµÄ²âÊÔ¼¼ÊõÓë×î¼Ñʵ¼ù