fuseraft/kiwi-fuzz

Operating System Utility Program Reliability − The Fuzz Generator

Synopsis

This is a fuzzer written in the Kiwi Programming Language.

Inspired by Prof. Barton Miller's 1988 Advanced Operating Systems (CS736) class project.

Please see the project assignment paper.

Goals

The goal of this project is to evaluate the robustness of various UNIX utility programs, given an unpredictable input stream.

This project has two parts.

  1. You will build a fuzz generator. This is a program that will output a random character stream.
  2. You will take the fuzz generator and use it to attack as many UNIX utilities as possible, with the goal of trying to break them.

For the utilities that break, you will try to determine what type of input causes the break.

The fuzz generator will generate an output stream of random characters.

It will need several options to give you flexibility to test different programs.

CLI Options

Below is the start of a list of options that fuzz will support.

Option     Description
-p         only the printable ASCII characters
-a         all ASCII characters
-0         include the null (0 byte) character
-l         generate random length lines (\n terminated strings)
-f name    record characters in file "name"
-d nnn     delay nnn seconds following each character
-r name    replay characters in file "name" to output

Use Case

The fuzz program should be used to test various UNIX utilities.

These utilities include programs like vi, mail, cc, make, sed, awk, sort, etc.

The goal is to first see if the program will break and second to understand what type of input is responsible for the break.

Note: It is important when writing this program to use good C and UNIX style, and good structure, as we hope to distribute this program to others.
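
The two-step goal above (detect a break, then tie it to the input that caused it) can be sketched as a small harness. This is an added example in Python, not part of this repository or the original assignment: `fuzz_bytes`, `run_case`, `campaign` and the stand-in `TARGET` are hypothetical names, and the byte ranges chosen for -p and -a are assumptions.

```python
import os, random, signal, subprocess, sys

# Constructed stand-in target (not a real utility): dies with SIGSEGV on any NUL byte.
TARGET = [sys.executable, "-c",
          "import os,signal,sys\n"
          "if b'\\x00' in sys.stdin.buffer.read(): os.kill(os.getpid(), signal.SIGSEGV)"]

def fuzz_bytes(n, printable=True, include_null=False, lines=False, seed=None):
    """Random stream mirroring -p / -a / -0 / -l (byte ranges are assumptions)."""
    rng = random.Random(seed)
    alphabet = list(range(32, 127)) if printable else list(range(1, 128))
    if include_null:
        alphabet.append(0)
    out = bytearray()
    while len(out) < n:
        out.append(rng.choice(alphabet))
        if lines and rng.random() < 0.02:   # end a line at a random length
            out.append(10)
    return bytes(out[:n])

def run_case(argv, data, timeout=5.0):
    """Feed data on stdin and classify the outcome as ok, crash or hang."""
    try:
        proc = subprocess.run(argv, input=data, timeout=timeout,
                              stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    except subprocess.TimeoutExpired:
        return ("hang", f"no exit within {timeout}s")
    if proc.returncode < 0:                 # POSIX: killed by signal -returncode
        try:
            return ("crash", signal.Signals(-proc.returncode).name)
        except ValueError:
            return ("crash", f"signal {-proc.returncode}")
    return ("ok", f"exit {proc.returncode}")

def campaign(argv, outdir, runs=5, size=4096, seed=0, **opts):
    """Run several cases; keep every failing input on disk for replay."""
    failures = []
    for i in range(runs):
        data = fuzz_bytes(size, seed=seed + i, **opts)
        verdict, detail = run_case(argv, data)
        if verdict != "ok":
            path = os.path.join(outdir, f"fail-{i}.bin")
            with open(path, "wb") as fh:
                fh.write(data)
            failures.append((path, verdict, detail))
    return failures

if __name__ == "__main__":
    print("without NUL:", campaign(TARGET, ".", include_null=False))
    print("with NUL:   ", campaign(TARGET, ".", include_null=True))
```

Comparing the two campaigns isolates the responsible input class: the stand-in target only fails once NUL bytes are enabled, and each saved `fail-N.bin` can be fed back to the program under test to reproduce the failure.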

Examples

Generate a stream of only printable ASCII characters:

$ ./fuzz.kiwi -p

Generate a stream of only printable ASCII characters with newlines:

$ ./fuzz.kiwi -p -l

Generate a stream of only printable ASCII characters, including null-bytes, with newlines:

$ ./fuzz.kiwi -p -l -0

Generate a stream of all ASCII characters, including null-bytes, with newlines:

$ ./fuzz.kiwi -a -l -0

Generate a stream of all ASCII characters, including null-bytes, with newlines, at 1 character per 100ms:

$ ./fuzz.kiwi -a -0 -l -d 100

Record the stream to a file:

$ ./fuzz.kiwi -a -l -0 -f replay.txt

Replay a file:

$ ./fuzz.kiwi -r replay.txt

For Funsies

The program doubles as a simple file copy utility:

$ ./fuzz.kiwi -r fuzz.kiwi -f copied_fuzz.kiwi

About

Fuzz Generator in Kiwi 🥝
