1. Zuhause
  2. Frage und Antwort
  3. Pfirsich-Fuzzer. Erstellen docx und Fuzzing ms-Wort

Pfirsich-Fuzzer. Erstellen docx und Fuzzing ms-Wort

2016-03-20 3 views
0

Durch eine solche Grube-Datei, die ich erzeugen kann [content_types] .xmlPfirsich-Fuzzer. Erstellen docx und Fuzzing ms-Wort

<?xml version="1.0" encoding="utf-8"?> 
<Peach xmlns="http://peachfuzzer.com/2012/Peach" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://peachfuzzer.com/2012/Peach ../peach.xsd"> 

    <!-- Define our file format DDL --> 
    <DataModel name="TestTemplate"> 
     <XmlElement elementName="Types" ns="http://schemas.openxmlformats.org/package/2006/content-types"> 

      <XmlElement elementName="Default"> 
       <XmlAttribute attributeName="Extension"> 
         <String value="png"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="image/png"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Default"> 
       <XmlAttribute attributeName="Extension"> 
         <String value="emf"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="image/x-emf"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Default"> 
       <XmlAttribute attributeName="Extension"> 
         <String value="rels"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-package.relationships+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Default"> 
       <XmlAttribute attributeName="Extension"> 
         <String value="xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Default"> 
       <XmlAttribute attributeName="Extension"> 
         <String value="vsdx"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.ms-visio.drawing"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Default"> 
       <XmlAttribute attributeName="Extension"> 
         <String value="wdp"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="image/vnd.ms-photo"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 

      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/document.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/numbering.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.wordprocessingml.numbering+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/styles.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/settings.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/webSettings.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.wordprocessingml.webSettings+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/footnotes.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.wordprocessingml.footnotes+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/endnotes.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.wordprocessingml.endnotes+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/header1.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.wordprocessingml.header+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/fontTable.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.wordprocessingml.fontTable+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/word/theme/theme1.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.theme+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/docProps/core.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-package.core-properties+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
      <XmlElement elementName="Override"> 
       <XmlAttribute attributeName="PartName"> 
         <String value="/docProps/app.xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
       <XmlAttribute attributeName="ContentType"> 
         <String value="application/vnd.openxmlformats-officedocument.extended-properties+xml"> 
         <Analyzer class="StringToken"/> 
         </String> 
       </XmlAttribute> 
      </XmlElement> 
     </XmlElement> 
    </DataModel> 

    <!-- Define a simple state machine that will write the file and 
     then launch a program using the FileWriter and DebuggerLaucher publishers --> 
    <StateModel name="State" initialState="Initial"> 
     <State name="Initial"> 

      <!-- Write out contents of file. The publisher attribute matches 
      the name we provide for the publisher in the Test section. --> 
      <Action type="output"> 
       <DataModel ref="TestTemplate" /> 
      </Action> 

      <!-- Close file --> 
      <Action type="close" /> 

      <!-- <Action ty --> 

      <!-- Launch the file consumer --> 
      <Action type="call" method="ScoobySnacks" publisher="Peach.Agent"/> 

     </State> 
    </StateModel> 

    <!-- Setup a local agent that will monitor for faults --> 
    <Agent name="LocalAgent"> 
     <!-- <Monitor class="RunCommand"> 
     <Param name="Command" value="ping google.ru" /> 
     </Monitor> --> 
     <Monitor class="WindowsDebugger"> 

      <Param name="CommandLine" value="C:\Program Files\Sublime Text 3\subl.exe fuzzfile.bin" /> 
      <Param name="WinDbgPath" value="C:\Program Files\Windows Kits\10\Debuggers\x86\" /> 

      <Param name="StartOnCall" value="ScoobySnacks" /> 

     </Monitor> 

     <!-- Enable heap debugging on our process as well. --> 
     <Monitor class="PageHeap"> 
      <!-- <Param name="Executable" value="notepad.exe"/> --> 
      <Param name="Executable" value="C:\Program Files\Sublime Text 3\subl.exe"/> 
      <Param name="WinDbgPath" value="C:\Program Files\Windows Kits\10\Debuggers\x86\" /> 
     </Monitor> 
    </Agent> 

    <Test name="Default"> 
     <Agent ref="LocalAgent" /> 
     <StateModel ref="State"/> 

     <!-- Configure our publisher with correct filename to write too --> 
     <Publisher class="File"> 
      <Param name="FileName" value="fuzzfile.bin" /> 
     </Publisher> 

     <!-- Configure a logger to store collected information --> 
     <Logger class="Filesystem"> 
      <Param name="Path" value="logtest" /> 
     </Logger> 
    </Test> 

</Peach> 
<!-- end -->

Mit Hilfe eines solchen Befehls I docx erstellen:

C:\peach>"C:\Program Files\7-Zip\7z.exe" a -tzip fuzz.docx _rels\* docProps\* word [Content_Types].xml

Wie kann Ich erstelle Archiv aus [Content_Types] .xml und Rest der Dateien mit Pfirsich und öffne es dann mit MS-Word?

Ich brauche zu verfolgen (Spur) Craches von ms-Wort

Quelle

2016-03-20 Александр

+0

ich gefunden zu verwenden [GzipCompressTransformer ] (http://community.peachfuzzer.com/v3/Transformers/GzipCompressTransformer.html) Aber ich kann nur in DataModel-Datei beschrieben packen. –

Antwort

0

I verwendet Monitor class="Process"

<Agent name="LocalAgent"> 

     <Monitor class="Process"> 
      <Param name="Executable" value="C:\Program Files\7-Zip\7z.exe" /> 
      <Param name="Arguments" value="a -tzip myfuzz.docx C:\peach\_rels C:\peach\docProps C:\peach\word [Conntent_Types].xml" /> 
     </Monitor> 

........ 
</Agent>

Aber für Pfirsich v3.1 Release wird empfohlen RunCommand

Quelle

2016-04-04 20:17:53

Verwandte Themen

 Verwandte Themen