mirror of
https://github.com/FuzzingLabs/fuzzforge_ai.git
synced 2026-02-13 14:32:55 +00:00
This commit implements a complete Python fuzzing workflow using Atheris:

## Python Worker (workers/python/)
- Dockerfile with Python 3.11, Atheris, and build tools
- Generic worker.py for dynamic workflow discovery
- requirements.txt with temporalio, boto3, atheris dependencies
- Added to docker-compose.temporal.yaml with dedicated cache volume

## AtherisFuzzer Module (backend/toolbox/modules/fuzzer/)
- Reusable module extending BaseModule
- Auto-discovers fuzz targets (fuzz_*.py, *_fuzz.py, fuzz_target.py)
- Recursive search to find targets in nested directories
- Dynamically loads TestOneInput() function
- Configurable max_iterations and timeout
- Real-time stats callback support for live monitoring
- Returns findings as ModuleFinding objects

## Atheris Fuzzing Workflow (backend/toolbox/workflows/atheris_fuzzing/)
- Temporal workflow for orchestrating fuzzing
- Downloads user code from MinIO
- Executes AtherisFuzzer module
- Uploads results to MinIO
- Cleans up cache after execution
- metadata.yaml with vertical: python for routing

## Test Project (test_projects/python_fuzz_waterfall/)
- Demonstrates stateful waterfall vulnerability
- main.py with check_secret() that leaks progress
- fuzz_target.py with Atheris TestOneInput() harness
- Complete README with usage instructions

## Backend Fixes
- Fixed parameter merging in REST API endpoints (workflows.py)
- Changed workflow parameter passing from positional args to kwargs (manager.py)
- Default parameters now properly merged with user parameters

## Testing
✅ Worker discovered AtherisFuzzingWorkflow
✅ Workflow executed end-to-end successfully
✅ Fuzz target auto-discovered in nested directories
✅ Atheris ran 100,000 iterations
✅ Results uploaded and cache cleaned
60 lines
1.5 KiB
Python
```python
"""
Atheris fuzzing target for the waterfall vulnerability.

This file is automatically discovered by FuzzForge's AtherisFuzzer module.
The fuzzer looks for files named: fuzz_*.py, *_fuzz.py, or fuzz_target.py
"""

import sys
import atheris

# Import the vulnerable function
from main import check_secret


def TestOneInput(data):
    """
    Atheris fuzzing entry point.

    This function is called by Atheris for each fuzzing iteration.
    The fuzzer will try to find inputs that cause crashes.

    Args:
        data: Bytes to test (generated by Atheris)

    The waterfall vulnerability means:
    - Random inputs will mostly fail (progress = 0)
    - Atheris will discover inputs that make progress
    - Eventually Atheris will find the complete secret "FUZZINGLABS"
    - When found, check_secret() will crash with SystemError
    """
    try:
        check_secret(bytes(data))
    except SystemError:
        # Let Atheris detect the crash
        # This is the vulnerability we're trying to find!
        raise


if __name__ == "__main__":
    """
    Standalone fuzzing mode.

    Run directly: python fuzz_target.py
    """
    print("=" * 60)
    print("Atheris Fuzzing - Waterfall Vulnerability")
    print("=" * 60)
    print("Fuzzing will try to discover the secret string...")
    print("Watch for progress indicators: [DEBUG] Progress: X/11")
    print()
    print("Press Ctrl+C to stop fuzzing")
    print("=" * 60)
    print()

    # Setup Atheris with command-line args
    atheris.Setup(sys.argv, TestOneInput)

    # Start fuzzing
    atheris.Fuzz()
```
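An added sketch, not code from the FuzzForge repository, of why a check that leaks progress is found quickly by feedback-guided search while an all-or-nothing comparison is not. It runs without Atheris. Assumptions: `staged_check` is a guessed shape for `check_secret()` (main.py is not shown on this page), its returned match count stands in for the coverage feedback Atheris observes, and `constant_time_check` and `guided_search` are hypothetical names introduced here.

```python
import hmac
import random

SECRET = b"FUZZINGLABS"  # the secret named in the harness docstring


def staged_check(data: bytes) -> int:
    """Assumed shape of check_secret(): early-exit compare, returns bytes matched."""
    progress = 0
    for got, want in zip(data, SECRET):
        if got != want:
            break  # each extra matched byte takes one more loop iteration
        progress += 1
    return progress


def constant_time_check(data: bytes) -> int:
    """Hypothetical hardened variant: all-or-nothing, no partial signal."""
    return len(SECRET) if hmac.compare_digest(data, SECRET) else 0


def guided_search(check, budget, seed=0):
    """Toy feedback loop: keep a one-byte mutant only if it reaches new progress.

    The returned progress stands in for the new coverage Atheris would see.
    Returns (best_progress, trials_used).
    """
    rng = random.Random(seed)
    best = bytearray(len(SECRET))  # constructed starting input: all zero bytes
    best_progress = check(bytes(best))
    for trial in range(1, budget + 1):
        cand = bytearray(best)
        cand[rng.randrange(len(cand))] = rng.randrange(256)
        progress = check(bytes(cand))
        if progress > best_progress:
            best, best_progress = cand, progress
            if progress == len(SECRET):
                return progress, trial
    return best_progress, budget


if __name__ == "__main__":
    budget = 200_000
    print("staged check:       ", guided_search(staged_check, budget))
    print("constant-time check:", guided_search(constant_time_check, budget))
    # Blind guessing of 11 bytes would need on the order of 256**11 trials.
```

Against the staged check the search climbs one byte at a time and finishes well inside the budget; against the all-or-nothing check it never receives a signal worth keeping.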