-
Notifications
You must be signed in to change notification settings - Fork 9
/
settings.py
219 lines (181 loc) · 4.88 KB
/
settings.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
#!/usr/bin/env python3
# -*- coding: UTF-8 -*-
#
# litefuzz project
#
# settings.py
#
#
import os
import sys
import warnings
warnings.filterwarnings("ignore")
import config
#
# status
#
SUCCESS = 0
FAILURE = 1
#
# runtime config
#
if(str(sys.platform).startswith('linux') or
str(sys.platform).startswith('darwin')):
TMP_DIR = '/tmp/litefuzz'
if(str(sys.platform).startswith('win32')):
TMP_DIR = 'C:\\Windows\\Temp\\litefuzz'
RUN_DIR = TMP_DIR # this gets set for each fuzzing session's unique run dir
CRASH_DIR = 'crashes'
CHECK_DUPS_PREV_RUN = True
TIMEOUT = 10
#
# primary modes
#
LOCAL = 1
LOCAL_CLIENT = 2
LOCAL_SERVER = 3
CLIENT = 4
SERVER = 5
#
# set based on TMP_DIR and the generated per-run id
#
FUZZ_FILE = None
FUZZ_FILE_PREV = None
FUZZ_OUTPUT = None
FUZZ_INFO = None
FUZZ_INFO_STATIC = None
FUZZ_DIFF = None
FUZZ_DIFF_STRING = None
FUZZ_DIFF_ORIG = None
FUZZ_DIFF_FUZZ = None
FUZZ_OUTPUT_DEBUG = None
FUZZ_OUTPUTS_DEBUG = None
MIN_FILE = None
MIN_FILE_ORIG = None
RUN_ID_MIN = 1000
RUN_ID_MAX = 9999
#
# mutators
#
MUTATOR_CHOICE = 0 # random
if((str(sys.platform).startswith('linux')) and (sys.version_info[0] >= 3)):
MUTATOR_MAX = 7 # pyradamsa is linux only
else:
MUTATOR_MAX = 6
FLIP_MUTATOR = 1
HIGHLOW_MUTATOR = 2
INSERT_MUTATOR = 3
REMOVE_MUTATOR = 4
CARVE_MUTATOR = 5
OVERWRITE_MUTATOR = 6
RADAMSA_MUTATOR = 7
FLIP_MUTATOR_ENABLE = True
HIGHLOW_MUTATOR_ENABLE = True
INSERT_MUTATOR_ENABLE = True
REMOVE_MUTATOR_ENABLE = True
CARVE_MUTATOR_ENABLE = True
OVERWRITE_MUTATOR_ENABLE = True
RADAMSA_MUTATOR_ENABLE = True
# number of random bytes to flip for each mutated test case (simple mutator)
MUTATION_MIN = 1
MUTATION_MAX = 8
# insert mutator
SIZE_MIN = 1
SIZE_MAX = 5000
#
# unix crash codes
#
SIGTRAP = -5
SIGABRT = -6
SIGILL = -7
SIGFPE = -8
SIGSEGV = -11
#
# golang
#
SIGGO = 2
EXCEPTIONS = {
'EXC_BREAKPOINT' : SIGTRAP,
'EXC_ARITHMETIC' : SIGFPE,
'EXC_BAD_INSTRUCTION' : SIGILL,
'EXC_BAD_ACCESS' : SIGSEGV,
'SIGTRAP' : SIGTRAP,
'SIGABRT' : SIGABRT,
'SIGFPE' : SIGFPE,
'SIGILL' : SIGILL,
'SIGSEGV' : SIGSEGV
}
# misc
ARTIFACTS_ENABLE = True
DIFF_ENABLE = True
KEEPAWAKE_ENABLE = True
KILL_EXISTING_PROCESS = True
# timeouts
INSULATE_TIMEOUT = 30
EXEC_TIMEOUT = 3
TOOL_TIMEOUT = 5
DEBUG_TIMEOUT_MULTIPLE = 10
NETWORK_TIMEOUT_MULTIPLE = 2
CLIENT_TIMEOUT = 10
LOCAL_SERVER_TIMEOUT = 5
if(str(sys.platform).startswith('win32')):
null = 'NUL'
else:
null = '/dev/null'
# mac
KYA_BIN = '/Applications/KeepingYouAwake.app/Contents/MacOS/KeepingYouAwake'
KYA_NAME = 'KeepingYouAwake'
REPORT_CRASH_NAME = 'ReportCrash'
# REPORT_CRASH_DIR = os.environ["HOME"] + '/Library/Logs/DiagnosticReports'
REPORT_CRASH_DIR = '/Library/Logs/DiagnosticReports'
REPORT_CRASH_DIR_OLD = REPORT_CRASH_DIR + os.sep + 'OLD'
REPORT_CRASH_LOAD = 'sudo launchctl load -w /System/Library/LaunchAgents/com.apple.ReportCrash.plist'
# REPORT_CRASH_LOAD_ROOT = 'sudo launchctl load -w /System/Library/LaunchAgents/com.apple.ReportCrash.Root.plist'
# windows
DIFF_WIN_BIN = 'C:\\ProgramData\\chocolatey\\lib\\diffutils\\tools\\bin\\diff.exe'
OD_WIN_BIN = 'C:\\Program Files (x86)\\GnuWin32\\bin\\od.exe'
CONSOLE_DEBUGGER_PATH = 'C:\\Program Files (x86)\\Windows Kits\\10\\Debuggers\\x64\\cdb.exe'
MEMORY_DUMP_REG_KEY = 'SOFTWARE\\Microsoft\\Windows\\Windows Error Reporting\\LocalDumps\\'
MEMORY_DUMP = False
# malloc helpers
LIBEFENCE_PATH = '/usr/lib/libefence.so'
LIBGMALLOC_PATH = '/usr/lib/libgmalloc.dylib'
GLIBC_MALLOC_CHECK = 'MALLOC_CHECK_=3'
DEBUG_DISSASSEMBLE_LLDB = 'dis -s $pc-32 -c 24 -m -F intel'
DEBUG_ENV_EFENCE_GLIBC_ENABLE = False # main
DEBUG_ENV_EFENCE_ENABLE = False
DEBUG_ENV_GLIBC_ENABLE = False
DEBUG_ENV_EFENCE = dict(os.environ, LD_PRELOAD=LIBEFENCE_PATH)
DEBUG_ENV_GLIBC = dict(os.environ, MALLOC_CHECK_='3') # fallback
DEBUG_ENV_GMALLOC_ENABLE = False
DEBUG_ENV_GMALLOC = dict(os.environ, DYLD_INSERT_LIBRARIES=LIBGMALLOC_PATH)
DEBUG_ENV_PAGEHEAP_ENABLE = False
DEBUG_ENV_PAGEHEAP_DISABLE = False
DEBUG_ENV_GFLAG_MAGIC = '0x02000000'
DEBUG_ENV_PAGEHEAP_MAGIC = '0x3'
GFLAGS_BIN_PATH = 'C:\\Program Files (x86)\\Windows Kits\\10\\Debuggers\\x64\\gflags.exe'
PAGEHEAP_REG_KEY = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\'
USER_VA_MAX = '0x7fffffffffff'
SIMILAR_PC_RANGE = '0x1000'
#
# defaults
#
ITERATIONS_DEFAULT = 1
MAX_AVG_EXEC = 100
MAX_TIME_DEFAULT = 1
BIG_INPUT_SIZE = 1000000 # 1mb
MAX_INPUT_SIZE = 10000000 # 10mb limit
NET_SLEEP_TIME = 20
SEND_RECV_TIME = 0.1
#
# network
#
RECV_SIZE = 4096
TCP_BACKLOG = 5
TLS_DIR = 'tls' + os.sep
TEST_DATA = b'test'
NETWORK_CRT = TLS_DIR + 'network.crt'
NETWORK_KEY = TLS_DIR + 'network.pem'
GENERATE_CERT_CMD = 'openssl req -x509 -new -nodes -subj \'/O=o/C=CC/CN=NC\' -keyout ' + NETWORK_KEY + ' -out ' + NETWORK_CRT + ' -days 5555'
SEND_TEST_PACKET = False
TCP_KEEP_GOING = True