#!/bin/sh # script used to create the fuzz dictionary. Basic functions. # need perl (famous perl -e '...') # # Copyright (c) 2004 Martin Vuagnoux # So just put this in place of generator.sh in autodafe to have the hex fuzzing functionality # - Chuck B. help_usage() { echo "$0: creation of the fuzz dictionary" echo "Copyright (c) 2004 Martin Vuagnoux " echo "USAGE : $0 " echo "EXAMPLE: $0 /usr/local/etc/" exit 0 } # test the arguments #if [ "$1" == "" ] # then # help_usage #fi # test if the directory exist if [ -d $1 ] then echo "[*] creating directory: ./autodafe" mkdir ./autodafe 2> /dev/null mkdir ./autodafe/string 2> /dev/null mkdir ./autodafe/hex 2> /dev/null rm -f ./autodafe/string.fuzz 2> /dev/null rm -f ./autodafe/hex.fuzz 2> /dev/null echo "[*] creating file: ./autodafe/string.fuzz" touch ./autodafe/string.fuzz echo "#============================================================="\ >> ./autodafe/string.fuzz echo "# Copyright 2006 (C) Martin Vuagnoux "\ >> ./autodafe/string.fuzz echo "# STRING FUZZ BASIC DICTIONARY "\ >> ./autodafe/string.fuzz echo "#============================================================="\ >> ./autodafe/string.fuzz echo "# WARNING! Each file here should not contain '\x0a' or \x0d' "\ >> ./autodafe/string.fuzz echo "#============================================================="\ >> ./autodafe/string.fuzz echo "[*] creating file: ./autodafe/hex.fuzz" touch ./autodafe/hex.fuzz echo "#============================================================="\ >> ./autodafe/hex.fuzz echo "# Copyright 2006 (C) Martin Vuagnoux "\ >> ./autodafe/hex.fuzz echo "# HEX FUZZ BASIC DICTIONARY "\ >> ./autodafe/hex.fuzz echo "#============================================================="\ >> ./autodafe/hex.fuzz #repetion basic strings counter=0 for i in \ "a" \ "d" \ "A" \ "D" \ "%s" \ "%n" \ ">" \ "<" \ "(" \ ")" \ "/" \ "&" \ ";" \ "|" \ "\\" \ do echo -ne "[*] processing: \"$i\"\t\t 0%[" counter=`expr $counter + 1` for j in 1 2 3 4 15 16 31 32 63 64 127 128 255 256 511 512 1023 1024 2047 2048 \ 4095 4096 8191 8192 16383 16384 32767 32768 65535 65536 99999 # for j in 99999 65536 65535 32768 32767 16384 16483 8192 8191 4096 4095 \ # 2048 2047 1024 1023 512 511 256 255 128 127 64 63 32 31 16 15 4 3 do ./overflow $j "$i" > ./autodafe/string/string-$counter-x$j # space echo -n " " > ./autodafe/string/string-$counter-sp-x$j ./overflow $j "$i" >> ./autodafe/string/string-$counter-sp-x$j #> echo -n ">" > ./autodafe/string/string-$counter-geq-x$j ./overflow $j "$i" >> ./autodafe/string/string-$counter-geq-x$j # < echo -n "<" > ./autodafe/string/string-$counter-leq-x$j ./overflow $j "$i" >> ./autodafe/string/string-$counter-leq-x$j # ; echo -n ";" > ./autodafe/string/string-$counter-sc-x$j ./overflow $j "$i" >> ./autodafe/string/string-$counter-sc-x$j echo -e "$1/autodafe/string/string-$counter-x$j \t# \"$i\" x $j" >> ./autodafe/string.fuzz echo -e "$1/autodafe/string/string-$counter-sp-x$j \t# \"$i\" x $j" >> ./autodafe/string.fuzz echo -e "$1/autodafe/string/string-$counter-geq-x$j \t# \">\" \"$i\" x $j" >> ./autodafe/string.fuzz echo -e "$1/autodafe/string/string-$counter-leq-x$j \t# \"<\" \"$i\" x $j" >> ./autodafe/string.fuzz echo -e "$1/autodafe/string/string-$counter-sc-x$j \t# \";\" \"$i\" x $j" >> ./autodafe/string.fuzz echo -n "." done; echo "]100%" done; #--------------------------------------------------------- # I (Chuck B.) added this part... #--------------------------------------------------------- # repetion basic hexs counter1=0 for k in \ '\xff' \ '\x00' \ '\x7f' \ '\x80' \ '\x3f' \ '\x01' \ '\x02' \ '\xfe' \ '\x10' \ '\x20' \ '\x40' \ do # make a case for pretty file names... case $k in '\xff') m=xFF;; '\x00') m=x00;; '\x7f') m=x7F;; '\x80') m=x80;; '\x3f') m=x3F;; '\x01') m=x01;; '\x02') m=x02;; '\xfe') m=xFE;; '\x10') m=x10;; '\x20') m=x20;; '\x40') m=x40;; *) echo "I'm riding off the rails on a crazy train...";; esac echo -ne "[*] processing hex stuff: \"$m\"\t\t 0%[" counter1=`expr $counter1 + 1` for l in 1 2 3 4 5 6 7 8 15 16 31 32 63 64 127 128 255 256 65535 65536 #99999 #511 512 1023 1024 2047 2048 4095 4096 8191 8192 16383 16384 32767 32768 do for ((g=1;g<=$l;g+=1)); do printf "$k" >> ./autodafe/hex/hex-$m-$l done # append FF cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-xFF printf '\xff' >> ./autodafe/hex/hex-$m-$l-xFF # prepend FF printf '\xff' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-xFF-$m-$l # append FE cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-xFE printf '\xfe' >> ./autodafe/hex/hex-$m-$l-xFE # prepend FE printf '\xfe' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-xFE-$m-$l # append 7F cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-x7F printf '\x7f' >> ./autodafe/hex/hex-$m-$l-x7F # prepend 7F printf '\x7f' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x7F-$m-$l # append 00 cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-x00 printf '\x00' >> ./autodafe/hex/hex-$m-$l-x00 # prepend 00 printf '\x00' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x00-$m-$l # append 01 cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-x01 printf '\x01' >> ./autodafe/hex/hex-$m-$l-x01 # prepend 01 printf '\x01' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x01-$m-$l # append 02 cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-x02 printf '\x02' >> ./autodafe/hex/hex-$m-$l-x02 # prepend 02 printf '\x02' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x02-$m-$l # append 10 cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-x10 printf '\x10' >> ./autodafe/hex/hex-$m-$l-x10 # prepend 10 printf '\x10' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x10-$m-$l # append 3F cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-x3F printf '\x3f' >> ./autodafe/hex/hex-$m-$l-x3F # prepend 3F printf '\x3f' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x3F-$m-$l # append 20 cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-x20 printf '\x20' >> ./autodafe/hex/hex-$m-$l-x20 # prepend 20 printf '\x20' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x20-$m-$l # append 40 cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-x40 printf '\x40' >> ./autodafe/hex/hex-$m-$l-x40 # prepend 40 printf '\x40' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x40-$m-$l # append 60 cp ./autodafe/hex/hex-$m-$l ./autodafe/hex/hex-$m-$l-x60 printf '\x60' >> ./autodafe/hex/hex-$m-$l-x60 # prepend 60 printf '\x60' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x60-$m-$l # this case is " special" - we're looking for a 7FFFFFFE kind of a value # prepend 7F printf '\x7f' | cat - ./autodafe/hex/hex-$m-$l >> ./autodafe/hex/hex-x7F-$m-$l-xFE # append FE printf '\xfe' >> ./autodafe/hex/hex-x7f-$m-$l-xFE echo -e "$1/autodafe/hex/hex-$m-$l \t# \"$m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-xFF \t# \"$m\" x $l + xFF" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-xFF-$m-$l \t# \ \"xFF + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-xFE \t# \"$m\" x $l + xFE" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-xFE-$m-$l \t# \ \"xFE + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-x7F \t# \"$m\" x $l + x7F" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x7F-$m-$l \t# \ \"x7F + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-x00 \t# \"$m\" x $l + x00" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x00-$m-$l \t# \ \"x00 + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-x01 \t# \"$m\" x $l + x01" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x01-$m-$l \t# \ \"x01 + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-x02 \t# \"$m\" x $l + x02" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x02-$m-$l \t# \ \"x02 + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-x10 \t# \"$m\" x $l + x10" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x10-$m-$l \t# \ \"x10 + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-x3F \t# \"$m\" x $l + x3F" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x3F-$m-$l \t# \ \"x3F + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-x20 \t# \"$m\" x $l + x20" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x20-$m-$l \t# \ \"x20 + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-x40 \t# \"$m\" x $l + x40" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x40-$m-$l \t# \ \"x40 + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-$m-$l-x60 \t# \"$m\" x $l + x60" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x60-$m-$l \t# \ \"x60 + $m\" x $l" >> ./autodafe/hex.fuzz echo -e "$1/autodafe/hex/hex-x7f-$m-$l-xFE \t# \"x7F \"$m\" x $l + xFE" >> ./autodafe/hex.fuzz echo -n "." done; echo "]100%" done; fi