Commit graph

14 commits

Author SHA1 Message Date
Kyle Marsh
18c3fe53c2 S3 Fuzzer: Output and garbage data tweaks.
- Output tweaks
- added support for printable_no_whitespace and binary_no_whitespace
2011-09-12 13:03:55 -07:00
Kyle Marsh
23fee1476a S3 Fuzzer: Start Fuzzing
- tweak yaml decision graph
- add test setup bucket creation, etc.
- add output with varying levels of verbosity
2011-09-12 13:01:07 -07:00
Kyle Marsh
e12f124686 S3 Fuzzer: Change how random data works
Remove SpecialVariables dict subclass in favor of RepeatExpandingFormatter
string.Formatter subclass.
2011-09-12 12:58:57 -07:00
Kyle Marsh
14288ad2f6 S3 Fuzzer: Incorporate Tv's suggestions
Tv looked over the fuzzer and had some idiomatic and design suggestions.

Adds several tests and reworks how expansion happens in addition to idiom
changes.
2011-09-12 12:57:43 -07:00
Kyle Marsh
bb7111a0d1 S3 Fuzzer: Write Decision Graph
Start writing the decision graph describing the fuzzer's attack surface in
earnest.
2011-09-12 12:55:32 -07:00
Kyle Marsh
62bd05a390 S3 Fuzzer: Handle null choices
Sometimes you might want to have your current node terminate the descent or
set something to the empty string.
2011-09-12 12:53:18 -07:00
Kyle Marsh
d7b49713f7 S3 Fuzzer: Implmented headers and made random safe
Random can sometimes include } or { which will confuse the string formatter.
Formatter escapes those values when they're doubled: }}, {{ but this
required some slight hacking to the expander.
2011-09-12 12:53:18 -07:00
Kyle Marsh
3f1314f7c8 S3 Fuzzer: set values can be weighted lists now 2011-09-12 12:53:18 -07:00
Kyle Marsh
4737652fc1 S3 Fuzzer: Added binary mode to random data generator 2011-09-12 12:53:18 -07:00
Kyle Marsh
195571b555 S3 Fuzzer: support weights for choices 2011-09-12 12:53:18 -07:00
Kyle Marsh
f5bb3f9c15 S3 Fuzzer: implemented decision expansion
Decision reached by descending the graph describing the attack surface can
be expanded to fill in all the placeholders
2011-09-12 12:53:17 -07:00
Kyle Marsh
7d9ec02686 S3 Fuzzer: Added SpecialVariables dict subclass
Helper class to catch sentinal keys and turn them into random values.  This
will be used to generate garbage data when expanding a decision.

Also add unit tests for expand_decision and assemble_decision
2011-09-12 12:52:37 -07:00
Kyle Marsh
a9a41a2891 S3 Fuzzer: began writing graph descent
still missing headers and choice weights
2011-09-12 12:52:37 -07:00
Kyle Marsh
fc93c02963 S3 Fuzzer: Change direction towards decision tree
Fuzzer now builds requests based on a DAG that describes the request space
and attack surface.
2011-09-12 12:51:01 -07:00