Peach Fuzzing Platform<< Previouse | Up | Next >>
Create State Model
Now that you have created the data models we can create the state model. For file fuzzing the state model is very simple. All we want to do is write out the file and launch the target process. We will do this using three actions:
- output -- Write the file
- close -- Close the file
- call -- Launch the application
Go ahead and locate the state model in the wav.xml file called TheState. We will expand on this state model to include our three actions as follows:
<!-- This is our simple wave state model -->
<StateModel name="TheState" initialState="Initial">
<State name="Initial">
<!-- Write out our wave file -->
<Action type="output">
<DataModel ref="Wav"/>
<!-- This is our sample file to read in -->
<Data name="data" fileName="sample.wav"/>
</Action>
<Action type="close"/>
<!-- Launch the target process -->
<Action type="call" method="mplayer.exe">
<Param name="wav file" type="in">
<DataModel ref="Param"/>
<Data name="filename">
<!-- Name of fuzzed output file -->
<Field name="Value" value="fuzzed.wav"/>
</Data>
</Param>
</Action>
</State>
</StateModel>
Read more about: StateModel, State, Action, DataModel, Data, Field
Now we are missing just one more thing. You will notice that in the call action we are referencing a datamodel called Param which does not yet exist. This data model will hold the parameter we need to pass to mplayer specifying the name of the fuzzed file we generate. It should contain a single String called Value. Put this data model prior to the state model.
<DataModel name="Param">
<String name="Value" isStatic="true" />
</DataModel>
Sweet! We are all set!
<< Previouse | Up | Next >>