Персиковый фаззер. Создать docx и пушистое мс-слово
С помощью такого pit-файла я могу сгенерировать [Content_Types].xml
<?xml version="1.0" encoding="utf-8"?>
<Peach xmlns="http://peachfuzzer.com/2012/Peach" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://peachfuzzer.com/2012/Peach ../peach.xsd">
<!-- Define our file format DDL -->
<DataModel name="TestTemplate">
<XmlElement elementName="Types" ns="http://schemas.openxmlformats.org/package/2006/content-types">
<XmlElement elementName="Default">
<XmlAttribute attributeName="Extension">
<String value="png">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="image/png">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Default">
<XmlAttribute attributeName="Extension">
<String value="emf">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="image/x-emf">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Default">
<XmlAttribute attributeName="Extension">
<String value="rels">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-package.relationships+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Default">
<XmlAttribute attributeName="Extension">
<String value="xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Default">
<XmlAttribute attributeName="Extension">
<String value="vsdx">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.ms-visio.drawing">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Default">
<XmlAttribute attributeName="Extension">
<String value="wdp">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="image/vnd.ms-photo">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/document.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/numbering.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.wordprocessingml.numbering+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/styles.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/settings.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/webSettings.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.wordprocessingml.webSettings+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/footnotes.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.wordprocessingml.footnotes+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/endnotes.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.wordprocessingml.endnotes+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/header1.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.wordprocessingml.header+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/fontTable.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.wordprocessingml.fontTable+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/word/theme/theme1.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.theme+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/docProps/core.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-package.core-properties+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
<XmlElement elementName="Override">
<XmlAttribute attributeName="PartName">
<String value="/docProps/app.xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
<XmlAttribute attributeName="ContentType">
<String value="application/vnd.openxmlformats-officedocument.extended-properties+xml">
<Analyzer class="StringToken"/>
</String>
</XmlAttribute>
</XmlElement>
</XmlElement>
</DataModel>
<!-- Define a simple state machine that will write the file and
then launch a program using the FileWriter and DebuggerLaucher publishers -->
<StateModel name="State" initialState="Initial">
<State name="Initial">
<!-- Write out contents of file. The publisher attribute matches
the name we provide for the publisher in the Test section. -->
<Action type="output">
<DataModel ref="TestTemplate" />
</Action>
<!-- Close file -->
<Action type="close" />
<!-- <Action ty -->
<!-- Launch the file consumer -->
<Action type="call" method="ScoobySnacks" publisher="Peach.Agent"/>
</State>
</StateModel>
<!-- Setup a local agent that will monitor for faults -->
<Agent name="LocalAgent">
<!-- <Monitor class="RunCommand">
<Param name="Command" value="ping google.ru" />
</Monitor> -->
<Monitor class="WindowsDebugger">
<Param name="CommandLine" value="C:\Program Files\Sublime Text 3\subl.exe fuzzfile.bin" />
<Param name="WinDbgPath" value="C:\Program Files\Windows Kits\10\Debuggers\x86\" />
<Param name="StartOnCall" value="ScoobySnacks" />
</Monitor>
<!-- Enable heap debugging on our process as well. -->
<Monitor class="PageHeap">
<!-- <Param name="Executable" value="notepad.exe"/> -->
<Param name="Executable" value="C:\Program Files\Sublime Text 3\subl.exe"/>
<Param name="WinDbgPath" value="C:\Program Files\Windows Kits\10\Debuggers\x86\" />
</Monitor>
</Agent>
<Test name="Default">
<Agent ref="LocalAgent" />
<StateModel ref="State"/>
<!-- Configure our publisher with correct filename to write too -->
<Publisher class="File">
<Param name="FileName" value="fuzzfile.bin" />
</Publisher>
<!-- Configure a logger to store collected information -->
<Logger class="Filesystem">
<Param name="Path" value="logtest" />
</Logger>
</Test>
</Peach>
<!-- end -->
С помощью такой команды я могу создать docx:
C:\peach>"C:\Program Files\7-Zip\7z.exe" a -tzip fuzz.docx _rels\* docProps\* word [Content_Types].xml
Как я могу создать архив из [Content_Types].xml и остальные файлы, используя персик, а затем открыть его с помощью ms-word?
Мне нужно отследить (проследить) краши мс-слова
1 ответ
Решение
Я использовал Monitor class="Process"
<Agent name="LocalAgent">
<Monitor class="Process">
<Param name="Executable" value="C:\Program Files\7-Zip\7z.exe" />
<Param name="Arguments" value="a -tzip myfuzz.docx C:\peach\_rels C:\peach\docProps C:\peach\word [Conntent_Types].xml" />
</Monitor>
........
</Agent>
Но для версии peach v3.1 рекомендуется использовать RunCommand