Class: Ronin::Fuzzing::Fuzzer

Inherits:
Object
  • Object
show all
Defined in:
lib/ronin/fuzzing/fuzzer.rb

Overview

Fuzzing class that incrementally fuzzes a String, given substitution rules.

Since:

  • 0.5.0

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(rules) ⇒ Fuzzer

Initializes a new Fuzzer.

Parameters:

Since:

  • 0.5.0


46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
# File 'lib/ronin/fuzzing/fuzzer.rb', line 46

def initialize(rules)
  @rules = {}
  
  rules.each do |pattern,substitution|
    pattern = case pattern
              when Regexp then pattern
              when String then Regexp.new(Regexp.escape(pattern))
              when Symbol then Regexp.const_get(pattern.to_s.upcase)
              else
                raise(TypeError,"cannot convert #{pattern.inspect} to a Regexp")
              end

    substitution = case substitution
                   when Enumerable then substitution
                   when Symbol     then Fuzzing[substitution]
                   else
                     raise(TypeError,"substitutions must be Enumerable or a Symbol")
                   end

    @rules[pattern] = substitution
  end
end

Instance Attribute Details

#rulesObject (readonly)

Patterns and their substitutions

Since:

  • 0.5.0


38
39
40
# File 'lib/ronin/fuzzing/fuzzer.rb', line 38

def rules
  @rules
end

Instance Method Details

#each(string) {|fuzz| ... } ⇒ Enumerator

Incrementally fuzzes the String.

Yields:

  • (fuzz)

    The given block will be passed every fuzzed String.

Yield Parameters:

  • fuzz (String)

    A fuzzed String.

Returns:

  • (Enumerator)

    If no block is given, an Enumerator will be returned.

Since:

  • 0.5.0


81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
# File 'lib/ronin/fuzzing/fuzzer.rb', line 81

def each(string)
  return enum_for(__method__,string) unless block_given?

  @rules.each do |pattern,substitution|
    scanner = StringScanner.new(string)
    indices = []

    while scanner.scan_until(pattern)
      indices << [scanner.pos - scanner.matched_size, scanner.matched_size]
    end

    indices.each do |index,length|
      substitution.each do |substitute|
        substitute = case substitute
                     when Proc    then substitute[string[index,length]]
                     when Integer then substitute.chr
                     else              substitute.to_s
                     end

        fuzzed = string.dup
        fuzzed[index,length] = substitute
        yield fuzzed
      end
    end
  end
end