CN111913877A - Fuzzy test method and device for text configuration file - Google Patents
- Publication number: CN111913877A
- Authority: CN (China)
- Prior art keywords: key, keys, file, seed file, text
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Prevention of errors by analysis, debugging or testing of software
- G06F11/3668—Testing of software
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
- G06F11/3684—Test management for test design, e.g. generating new test cases
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
Embodiments of the present invention provide a fuzzing method and device for text configuration files. The method comprises: identifying the text file format type of the target configuration file and determining the key-value pairs of the target configuration file; pre-fuzzing the program that takes the target configuration file as input, to detect whether the program has format-related vulnerabilities, and extracting all visible strings in the program; mutating the keys in the key-value pairs of the target configuration file to obtain a key combination seed file; and, based on the weights of the keys in the key combination seed file, mutating the values corresponding to those keys to obtain a new combined seed file, which is used to discover vulnerabilities in the program. The embodiments make it possible to discover deeper vulnerabilities in the program comprehensively and improve the efficiency of fuzzing oriented to text configuration files.
Description
Technical field
The invention relates to the field of vulnerability discovery and analysis, and in particular to a fuzzing method and device for text configuration files.
Background
Fuzzing is a technique for discovering vulnerabilities in software or systems dynamically. AFL is the representative fuzzing tool; its approach is dynamic execution combined with increasing path coverage. Broadly, it executes the program under test with a seed file as input while recording, through instrumentation, the execution path that each seed file produces, and then mutates the seed file so that the mutated file, used as program input, drives the program down different execution paths.
In existing fuzzing practice the input types vary widely: network data arriving over a socket, input read from the program's command-line arguments, or input read directly from the program's configuration file. However, a single fuzzing method, i.e. a single mutation algorithm, does not achieve sufficiently high efficiency and coverage across programs with different input types.
How to implement a fuzzing method oriented to text configuration files, and improve the efficiency and coverage of such fuzzing, has therefore become a problem that urgently needs to be solved.
Summary of the invention
To address the defects of the prior art, embodiments of the present invention provide a fuzzing method and device for text configuration files.
In a first aspect, an embodiment of the present invention provides a fuzzing method for text configuration files, including:
obtaining a target configuration file in text file format;
identifying the text file format type of the target configuration file, and determining the key-value pairs of the target configuration file;
pre-fuzzing the program that takes the target configuration file as input, to detect whether the program has format-related vulnerabilities, and extracting all visible strings in the program;
using the visible strings to mutate the keys in the key-value pairs of the target configuration file, obtaining a key combination seed file;
based on the weights of the keys in the key combination seed file, mutating the values corresponding to the keys in the key combination seed file, obtaining a new combined seed file;
using the new combined seed file to discover vulnerabilities in the program.
Optionally, using the visible strings to mutate the keys in the key-value pairs of the target configuration file to obtain a key combination seed file specifically includes:
for each visible string, replacing the key in the key-value pair with the current visible string to obtain a seed file, and running the program under instrumentation with that seed file as input; if a new execution path is produced, storing the key in the valid key set;
based on the valid key set, applying to the keys in the seed file, in turn, a randomly chosen one of the delete, replace and add operations, obtaining the key combination seed file.
Optionally, mutating the values corresponding to the keys in the key combination seed file based on the weights of the keys, to obtain a new combined seed file, specifically includes:
mutating the value corresponding to each key in the key combination seed file; if instrumented execution is found to produce a new execution path, setting the weight of the corresponding key according to the number of new code blocks in that new execution path;
randomly selecting M keys from the N keys with the highest weights and mutating the values corresponding to those M keys; if instrumented execution produces a new execution path, increasing the weights of all M keys together, or, if it produces no new execution path, decreasing the weights of all M keys together; if P of the M keys have weights lower than those of the N highest-weighted keys, randomly selecting M keys from the N highest-weighted keys again, until none of the M keys has a weight greater than the weight threshold, which yields the new combined seed file;
where N, M and P are all natural numbers greater than or equal to 1, and N≥M≥P.
Optionally, mutating the values corresponding to the keys in the key combination seed file specifically includes:
executing the following step in a loop a preset number of times: randomly selecting one operation strategy and using it to mutate the values corresponding to Q keys in the key combination seed file;
where the preset number of times is determined by the data length of the value corresponding to the key; the operation strategies include bit flipping, integer addition and subtraction, data insertion and data deletion; and Q is a natural number greater than or equal to 1.
In a second aspect, an embodiment of the present invention provides a fuzzing device for text configuration files, including:
an acquisition module, for obtaining a target configuration file in text file format;
an identification module, for identifying the text file format type of the target configuration file and determining the key-value pairs of the target configuration file;
a detection and extraction module, for pre-fuzzing the program that takes the target configuration file as input, to detect whether the program has format-related vulnerabilities, and for extracting all visible strings in the program;
a key mutation module, for using the visible strings to mutate the keys in the key-value pairs of the target configuration file, obtaining a key combination seed file;
a value mutation module, for mutating, based on the weights of the keys in the key combination seed file, the values corresponding to the keys in the key combination seed file, obtaining a new combined seed file;
a discovery module, for using the new combined seed file to discover vulnerabilities in the program.
Optionally, the sampling frequency within the time window is fixed and is at least twice the effective value of the electromyography signal frequency.
Optionally, the key mutation module is specifically used for:
for each visible string, replacing the key in the key-value pair with the current visible string to obtain a seed file, and running the program under instrumentation with that seed file as input; if a new execution path is produced, storing the key in the valid key set;
based on the valid key set, applying to the keys in the seed file, in turn, a randomly chosen one of the delete, replace and add operations, obtaining the key combination seed file.
Optionally, the value mutation module is specifically used for:
mutating the value corresponding to each key in the key combination seed file; if instrumented execution is found to produce a new execution path, setting the weight of the corresponding key according to the number of new code blocks in that new execution path;
randomly selecting M keys from the N keys with the highest weights and mutating the values corresponding to those M keys; if instrumented execution produces a new execution path, increasing the weights of all M keys together, or, if it produces no new execution path, decreasing the weights of all M keys together; if P of the M keys have weights lower than those of the N highest-weighted keys, randomly selecting M keys from the N highest-weighted keys again, until none of the M keys has a weight greater than the weight threshold, which yields the new combined seed file;
where N, M and P are all natural numbers greater than or equal to 1, and N≥M≥P.
Optionally, the value mutation module is also specifically used for:
executing the following step in a loop a preset number of times: randomly selecting one operation strategy and using it to mutate the values corresponding to Q keys in the key combination seed file;
where the preset number of times is determined by the data length of the value corresponding to the key; the operation strategies include bit flipping, integer addition and subtraction, data insertion and data deletion; and Q is a natural number greater than or equal to 1.
In a third aspect, an embodiment of the present invention provides an electronic device including a memory, a processor, and a computer program stored in the memory and executable on the processor; when the processor executes the program, it implements the steps of the fuzzing method for text configuration files described in the first aspect above.
In a fourth aspect, an embodiment of the present invention provides a non-transitory computer-readable storage medium on which a computer program is stored; when executed by a processor, the computer program implements the steps of the fuzzing method for text configuration files described in the first aspect above.
The embodiments of the present invention provide a fuzzing method for text configuration files. In this method, a program that takes a target configuration file in text file format as input undergoes pre-fuzzing, key mutation and value mutation to obtain a new combined seed file, which is then used for fuzzing. This makes it possible to discover deeper vulnerabilities in the program comprehensively and improves the efficiency of fuzzing oriented to text configuration files.
Description of drawings
To describe the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are some embodiments of the present invention; a person of ordinary skill in the art can derive other drawings from them without creative effort.
FIG. 1 is a schematic flowchart of a fuzzing method for text configuration files provided by an embodiment of the present invention;
FIG. 2 is a schematic flowchart of another fuzzing method for text configuration files provided by an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a fuzzing device for text configuration files provided by an embodiment of the present invention;
FIG. 4 is a schematic diagram of the physical structure of an electronic device provided by an embodiment of the present invention.
Detailed description
To make the purposes, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the present invention.
FIG. 1 is a schematic flowchart of a method for multiplexing an ECG electrode as a button provided by an embodiment of the present invention, and FIG. 2 is a schematic flowchart of another method for multiplexing an ECG electrode as a button provided by an embodiment of the present invention. As shown in FIGS. 1 and 2, the method includes:
S101: Obtain a target configuration file in text file format.
The format of a target configuration file is generally one of: binary file format (contains non-visible characters and has its own file structure), text file format (all visible characters) and database format (stored in a database file). Text file formats are in turn generally of three types: key-value pair format, JSON format and XML format.
Specifically, the embodiment of the present invention targets software or services that use a target configuration file in text format. First, the target configuration file in text file format is obtained.
S102: Identify the text file format type of the target configuration file, and determine the key-value pairs of the target configuration file.
Specifically, identify whether the text file format type used by the target configuration file is key-value pair, JSON or XML.
In the key-value pair format, each line of the file generally has an identifier on the left as the key, "=" in the middle as the connector, and the value corresponding to the key on the right.
In the JSON format, the body is generally wrapped in "{" and "}", and keys and values are wrapped in quotation marks and separated by ":".
In the XML format, the body consists of XML tags; either the key is the tag name and the value is the tag content, or the key and value appear directly as a tag attribute separated by "=".
For each of the key-value pair, JSON and XML text file format types, determine the key-value pairs of the target configuration file and locate the positions of the keys and values.
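Step S102 as an added Python example (not code from the patent): it identifies which of the three text formats a configuration uses and extracts its key-value pairs, covering both XML cases described above (tag name with tag content, and tag attributes). The function names `identify_format` and `extract_pairs` and the sample configurations are constructed for illustration.

```python
import json
import re
import xml.etree.ElementTree as ET

# "identifier = value" line of the key-value pair format
KV_LINE = re.compile(r"^\s*([A-Za-z_][\w.-]*)\s*=\s*(.*?)\s*$")

def identify_format(text):
    """Return 'json', 'xml' or 'keyvalue' for a text configuration file."""
    stripped = text.strip()
    if stripped.startswith("{") and stripped.endswith("}"):
        try:
            json.loads(stripped)
            return "json"
        except ValueError:
            pass
    if stripped.startswith("<"):
        try:
            ET.fromstring(stripped)
            return "xml"
        except ET.ParseError:
            pass
    if any(KV_LINE.match(line) for line in stripped.splitlines()):
        return "keyvalue"
    raise ValueError("unrecognised configuration format")

def extract_pairs(text):
    """Return (format, [(key, value), ...]) in document order."""
    fmt = identify_format(text)
    pairs = []
    if fmt == "keyvalue":
        for line in text.splitlines():
            match = KV_LINE.match(line)
            if match:
                pairs.append((match.group(1), match.group(2)))
    elif fmt == "json":
        def walk(node):
            # Nested objects and arrays are walked; only leaf values become pairs.
            if isinstance(node, dict):
                for key, value in node.items():
                    if isinstance(value, (dict, list)):
                        walk(value)
                    else:
                        pairs.append((key, value))
            elif isinstance(node, list):
                for item in node:
                    walk(item)
        walk(json.loads(text))
    else:
        for elem in ET.fromstring(text.strip()).iter():
            # Case 1: key and value stored as a tag attribute.
            pairs.extend(elem.attrib.items())
            # Case 2: tag name is the key, tag content is the value.
            if len(elem) == 0 and elem.text and elem.text.strip():
                pairs.append((elem.tag, elem.text.strip()))
    return fmt, pairs

# Constructed sample configurations, one per format.
KV_SAMPLE = "# constructed sample\nport = 8080\nlog_level=debug\n"
JSON_SAMPLE = '{"port": "8080", "tls": {"cert": "/etc/app/cert.pem"}}'
XML_SAMPLE = '<config><port>8080</port><listener addr="0.0.0.0" tls="on"/></config>'

if __name__ == "__main__":
    for sample in (KV_SAMPLE, JSON_SAMPLE, XML_SAMPLE):
        print(extract_pairs(sample))
```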
S103: Pre-fuzz the program that takes the target configuration file as input, to detect whether the program has format-related vulnerabilities, and extract all visible strings in the program.
The pre-fuzzing test is a preliminary fuzzing run on the program using the fuzzing tool AFL, to discover vulnerabilities that arise when the target configuration file is malformed.
Specifically, first use the fuzzing tool AFL to pre-fuzz the program that takes the target configuration file as input, detecting whether the program has format-related vulnerabilities. Then traverse the program's .data segment to identify all visible strings; each visible string ends with "\0", "\r", "\n" or "\t". In one embodiment, to simplify processing in later steps, once all visible strings have been identified their terminating characters are uniformly replaced with "\0".
Steps S101-S103 are the preprocessing of the target configuration file in text file format.
S104: Use the visible strings to mutate the keys in the key-value pairs of the target configuration file, obtaining a key combination seed file.
Specifically, replace keys in the target configuration file with the visible strings extracted during preprocessing of the target configuration file, or add new key-value pairs directly to the target configuration file, or delete keys from it directly; then run the program under instrumentation and evaluate the result, obtaining the key combination seed file.
Instrumented execution means inserting probes into the program under test and obtaining the program's control-flow and data-flow information from the execution of those probes, which serves the purpose of testing. Note that this embodiment does not apply byte-level mutation to the key itself: a vulnerability triggered by mutating the key bytes alone can generally be found during pre-fuzzing, whereas in later testing a wrong key often makes parsing of the target configuration file fail, which adds many useless seed files and greatly reduces testing efficiency.
S105: Based on the weights of the keys in the key combination seed file, mutate the values corresponding to the keys in the key combination seed file, obtaining a new combined seed file.
Specifically, take the key combination seed file determined in step S104, mutate the values corresponding to its keys according to the weights of those keys, and run the program under instrumentation and evaluate the result, obtaining a new combined seed file. Note that the key determines which function is executed during parsing, while the value is usually passed to that function as its argument.
S106: Use the new combined seed file to discover vulnerabilities in the program.
Fuzz the program using the new combined seed file obtained in step S105 as input, to discover deeper vulnerabilities in the program.
The embodiments of the present invention provide a fuzzing method for text configuration files. In this method, a program that takes a target configuration file in text file format as input undergoes pre-fuzzing, key mutation and value mutation to obtain a new combined seed file, which is then used for fuzzing. This makes it possible to discover deeper vulnerabilities in the program comprehensively and improves the efficiency of fuzzing oriented to text configuration files.
Further, on the basis of the above embodiment, using the visible strings to mutate the keys in the key-value pairs of the target configuration file to obtain a key combination seed file specifically includes:
for each visible string, replacing the key in the key-value pair with the current visible string to obtain a seed file, and running the program under instrumentation with that seed file as input; if a new execution path is produced, storing the key in the valid key set;
based on the valid key set, applying to the keys in the seed file, in turn, a randomly chosen one of the delete, replace and add operations, obtaining the key combination seed file.
Specifically, first use the visible strings extracted during preprocessing, one at a time, to replace the key in a key-value pair of the target configuration file. Each replacement yields a seed file, which is used as input for instrumented execution of the program. If a new execution path is produced, the substituted visible string is very likely a valid key, so the key is stored in the valid key set; the final valid key set is then extracted.
Then apply to the keys in the seed file, in turn, a randomly chosen one of the delete, replace and add operations, finally obtaining the key combination seed file. The replace operation simply substitutes the new key at the key position located during preprocessing.
When the target configuration file uses the key-value pair text format, adding or deleting a key-value pair means directly matching the corresponding line of the form "key=value" and adding or deleting it.
When the target configuration file uses the JSON text format, adding or deleting a key-value pair means directly matching the corresponding item of the form '"key":"value"' and adding or deleting it.
When the target configuration file uses the XML text format, adding or deleting a key-value pair requires first identifying the tag that contains the pair and then adding or deleting the whole tag. If the key-value pair is stored in the tag as an attribute and the tag has other attributes, only the attribute is added or deleted, not the tag; if the tag has no other attributes, the whole tag is added or deleted.
The embodiments of the present invention provide a fuzzing method for text configuration files in which the keys are mutated by applying to the keys in the seed file, in turn and based on the valid key set, a randomly chosen one of the delete, replace and add operations, obtaining a key combination seed file. This discovers vulnerabilities in the program more comprehensively and improves the efficiency of fuzzing oriented to text configuration files.
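The visible-string extraction of S103 and the key mutation of S104, as an added Python example (not code from the patent) for the key-value pair format. The data-segment bytes, `toy_target` (a stand-in for an instrumented run that returns the set of covered code blocks), the `min_len` filter, keeping at least one key on delete, and the placeholder value "1" for added keys are all assumptions made for illustration.

```python
import random
import string

# Visible characters: printable ASCII without the terminators named in the text.
VISIBLE = set(string.printable.encode()) - set(b"\t\n\r\x0b\x0c")
TERMINATORS = b"\0\r\n\t"

def extract_visible_strings(segment, min_len=3):
    """Traverse a data segment; return visible strings, each re-terminated with NUL."""
    found, run = [], bytearray()
    for byte in segment:
        if byte in VISIBLE:
            run.append(byte)
            continue
        if byte in TERMINATORS and len(run) >= min_len:
            found.append(bytes(run) + b"\0")
        run.clear()  # any other byte breaks the run without producing a string
    return found

def render(pairs):
    """Serialise (key, value) pairs as key=value lines."""
    return "\n".join(f"{key}={value}" for key, value in pairs)

def toy_target(config_text):
    """Constructed stand-in for instrumented execution: returns covered block ids."""
    handlers = {"port": "set_port", "log_level": "set_log_level",
                "max_clients": "set_max_clients"}
    covered = {"parse_loop"}
    for line in config_text.splitlines():
        key = line.partition("=")[0].strip()
        if key in handlers:  # unknown keys are ignored by this toy parser
            covered.add(handlers[key])
    return covered

def discover_valid_keys(seed_pairs, candidates, run):
    """Substitute each visible string for a key; keep it if coverage grows."""
    seen = set(run(render(seed_pairs)))
    valid = []
    for candidate in candidates:
        name = candidate.rstrip(b"\0").decode("ascii")
        for index, (_, value) in enumerate(seed_pairs):
            trial = list(seed_pairs)
            trial[index] = (name, value)
            new_blocks = run(render(trial)) - seen
            if new_blocks:
                seen |= new_blocks
                valid.append(name)
                break
    return valid

def mutate_keys(pairs, valid_keys, rng):
    """Apply one randomly chosen delete / replace / add using the valid key set."""
    pairs = list(pairs)
    ops = ["add"]
    if pairs:
        ops.append("replace")
    if len(pairs) > 1:  # assumption: never delete the last remaining key
        ops.append("delete")
    op = rng.choice(ops)
    if op == "delete":
        pairs.pop(rng.randrange(len(pairs)))
    elif op == "replace":
        index = rng.randrange(len(pairs))
        pairs[index] = (rng.choice(valid_keys), pairs[index][1])
    else:
        pairs.append((rng.choice(valid_keys), "1"))  # placeholder value
    return op, pairs

# Constructed bytes standing in for a program's .data segment.
DATA_SEGMENT = (b"\x00\x01port\0log_level\0max_clients\n%s: bad value\0"
                b"\x7f\x02timeout\tab\0usage: app -c FILE\r")
SEED_PAIRS = [("port", "8080")]

if __name__ == "__main__":
    strings = extract_visible_strings(DATA_SEGMENT)
    valid = discover_valid_keys(SEED_PAIRS, strings, toy_target)
    print(valid, mutate_keys(SEED_PAIRS, valid, random.Random(0)))
```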
Further, on the basis of the above embodiment, mutating the values corresponding to the keys in the key combination seed file based on the weights of the keys, to obtain a new combined seed file, specifically includes:
mutating the value corresponding to each key in the key combination seed file; if instrumented execution is found to produce a new execution path, setting the weight of the corresponding key according to the number of new code blocks in that new execution path;
randomly selecting M keys from the N keys with the highest weights and mutating the values corresponding to those M keys; if instrumented execution produces a new execution path, increasing the weights of all M keys together, or, if it produces no new execution path, decreasing the weights of all M keys together; if P of the M keys have weights lower than those of the N highest-weighted keys, randomly selecting M keys from the N highest-weighted keys again, until none of the M keys has a weight greater than the weight threshold, which yields the new combined seed file;
where N, M and P are all natural numbers greater than or equal to 1, and N≥M≥P.
Specifically, after the key combination seed file is obtained, the value corresponding to each key in the key combination seed file is first mutated one key at a time, according to the weights of the keys in the key combination seed file. If instrumented execution of the mutated seed file produces a new execution path, the weight of the corresponding key is set according to the number of new code blocks in that new execution path. For example, suppose the values of three keys are originally [1,2,3]. The value of the first key is mutated first, giving [xxxx,2,3]; then the first key's original value is kept and the value of the second key is mutated, giving [1,xxxxx,3]; finally the value of the third key is mutated, giving [1,2,xxxxxxx]. The weight of each key is set according to the number of new code blocks in the newly appearing execution path. New code blocks are counted against the path taken with the initial values [1,2,3], and each new code block adds 1 to the weight of the corresponding key. Note that, to tell them apart, xxxx denotes the mutated value of the first key, xxxxx the mutated value of the second key, and xxxxxxx the mutated value of the third key; xxxx, xxxxx and xxxxxxx are unrelated to one another.
Then, M keys are randomly selected from the N keys with the highest weights, and the values corresponding to the M keys are mutated. If instrumented execution of the mutated seed file produces a new execution path, the weights of the M keys are increased together; if it produces no new execution path, the weights of the M keys are decreased together. If P of the M keys have weights lower than the weights of the N highest-weight keys, M keys are randomly selected again from the N keys with the highest weights, until the weights of the M keys are all no greater than the weight threshold, which yields the new combination seed file. For example, once the key weights have been set, 5 keys are randomly chosen from the 10 keys with the highest weights and their values are mutated at the same time. When a new path appears, the weight of each of the 5 keys is increased by the number of new code blocks; when no new path appears, the weight of each of the 5 keys is decreased by 1 (here a new path is judged against all paths seen so far, with the aim of favoring paths that have not been explored before). When 2 of the 5 selected keys have weights that fall below the top 10, 5 keys are selected again from the top 10 keys for mutation, and the process above is repeated. When all key weights have become 1, value mutation for this key combination ends and the new combination seed file is obtained. If no new execution path appears after many value mutations, a different key combination seed file is selected.
An embodiment of the present invention provides a fuzz testing method for text configuration files. In this method, the weight of each key is set according to the number of new code blocks in the new execution path, M keys are randomly selected from the N keys with the highest weights, and the weights of the M keys are adjusted according to whether new execution paths appear until none of them is greater than the weight threshold. Mutating the values in this way yields a new combination seed file, which allows deeper vulnerabilities in the program to be mined and improves the efficiency of fuzz testing for text configuration files.
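The weight-driven scheduling described above, as an added Python example (not code from the patent). `run_target`, `POOL`, `SEED` and the block ids are constructed stand-ins for the instrumented program and its configuration file; the starting weight of 1 and the floor at the threshold are assumptions.

```python
import random

BASE = 1   # assumed starting weight and stop threshold (the page stops at weight 1)
POOL = ["debug", "0", "8080", "A" * 16]   # constructed candidate values
SEED = {"mode": "release", "port": "80", "name": "svc",
        "log": "off", "user": "nobody"}   # constructed seed key-value pairs

def run_target(cfg):
    """Constructed stand-in for instrumented execution: returns covered block ids."""
    blocks = {0}
    debug = cfg.get("mode") == "debug"
    if debug:
        blocks |= {1, 2}
    port = cfg.get("port", "")
    if port.isdigit() and int(port) > 1024:
        blocks.add(3)
        if debug:
            blocks.add(4)          # reachable only when two values change together
    if len(cfg.get("name", "")) > 8:
        blocks.add(5)
    return blocks

def initial_weights(seed):
    """Mutate one value at a time; each block new versus the seed's path adds 1."""
    baseline = run_target(seed)
    weights, seen = {}, set(baseline)
    for key in seed:
        new = set()
        for candidate in POOL:     # other keys keep their original values
            new |= run_target({**seed, key: candidate}) - baseline
        weights[key] = BASE + len(new)
        seen |= new
    return weights, seen

def top_n(weights, n):
    """The n highest-weight keys; ties keep file order (sorted is stable)."""
    return sorted(weights, key=lambda k: -weights[k])[:n]

def schedule(seed, n=3, m=2, p=1, rng=random, max_rounds=200):
    """Mutate m of the top-n keys together and adapt their weights to coverage."""
    weights, seen = initial_weights(seed)
    corpus = []                    # configs that reached new blocks
    picked = rng.sample(top_n(weights, n), m)
    for _ in range(max_rounds):
        if all(weights[k] <= BASE for k in picked):
            break                  # every selected key is down to the threshold
        cfg = {**seed, **{k: rng.choice(POOL) for k in picked}}
        new = run_target(cfg) - seen   # "new" is judged against all earlier paths
        for k in picked:
            if new:
                weights[k] += len(new)
            else:
                weights[k] = max(BASE, weights[k] - 1)   # floor is an assumption
        if new:
            seen |= new
            corpus.append(cfg)
        top = top_n(weights, n)
        if sum(k not in top for k in picked) >= p:
            picked = rng.sample(top, m)   # p picked keys fell out of the top n
    return weights, seen, corpus

if __name__ == "__main__":
    w, cov, found = schedule(SEED, rng=random.Random(7))
    print("weights:", w)
    print("covered blocks:", sorted(cov))
    print("new-coverage configs:", found)
```

Block 4 is the case single-key mutation cannot reach: it is only covered when `mode` and `port` are mutated in the same round, which is what selecting M keys together is for.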
Further, on the basis of the above embodiment, mutating the values corresponding to the keys in the key combination seed file specifically includes:
executing the following step in a loop a preset number of times: randomly selecting one operation strategy and mutating the values corresponding to Q keys in the key combination seed file;
where the preset number of times is determined from the data length of the value corresponding to the key; the operation strategies include bit flipping, integer addition and subtraction, data insertion and data deletion; and Q is a natural number greater than or equal to 1.
Specifically, the values corresponding to the keys in the key combination seed file are mutated by executing the following step in a loop a preset number of times: randomly select one operation strategy and mutate the values corresponding to Q keys in the key combination seed file. The operation strategies include bit flipping, integer addition and subtraction, data insertion and data deletion. For example, a mutation may: flip random bits of the value; add or subtract a random integer to or from a random byte; add or subtract a random integer to or from a random word, in randomly chosen big-endian or little-endian order; add or subtract a random integer to or from a random double word, in randomly chosen big-endian or little-endian order; add or subtract a random integer to or from a random word, in randomly chosen big-endian or little-endian order; insert data of random length at a random position, with 80% of the content taken from the value itself and 20% randomly generated; or delete data of random length at a random position. Each iteration of the loop randomly selects one of these 7 strategies, and the preset number of iterations is set to the data length of the value × (a random number between 1 and 2).
An embodiment of the present invention provides a fuzz testing method for text configuration files. In this method, one operation strategy is selected at random to mutate the values corresponding to multiple keys in the key combination seed file, and this is repeated in a loop a preset number of times, which allows deeper vulnerabilities in the program to be mined and improves the efficiency of fuzz testing for text configuration files.
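An added Python example (not code from the patent) of the seven value-mutation strategies and the length-based loop count described above. The delta range of 1 to 35, the 8-byte insert cap, the per-byte reading of the 80%/20% split and the sample key-value pairs are assumptions.

```python
import random

def flip_bits(buf, rng):
    """Flip a few randomly chosen bits."""
    out = bytearray(buf)
    for _ in range(rng.randint(1, 4) if out else 0):
        bit = rng.randrange(len(out) * 8)
        out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def arith(buf, rng, width):
    """Add or subtract a random integer on a random width-byte field, wrapping."""
    if len(buf) < width:
        return buf                       # value too short for this field size
    pos = rng.randrange(len(buf) - width + 1)
    order = rng.choice(["big", "little"])
    field = int.from_bytes(buf[pos:pos + width], order)
    delta = rng.choice([-1, 1]) * rng.randint(1, 35)   # delta range is an assumption
    field = (field + delta) % (1 << (8 * width))
    return buf[:pos] + field.to_bytes(width, order) + buf[pos + width:]

def insert(buf, rng, max_len=8):
    """Insert 1..max_len bytes; each is copied from the value with p=0.8, else random."""
    chunk = bytes(rng.choice(buf) if buf and rng.random() < 0.8 else rng.randrange(256)
                  for _ in range(rng.randint(1, max_len)))
    pos = rng.randint(0, len(buf))
    return buf[:pos] + chunk + buf[pos:]

def delete(buf, rng):
    """Delete a random-length run at a random position, keeping at least one byte."""
    if len(buf) < 2:
        return buf
    n = rng.randint(1, len(buf) - 1)
    pos = rng.randrange(len(buf) - n + 1)
    return buf[:pos] + buf[pos + n:]

# The seven entries as the page lists them (the word-sized strategy appears twice).
STRATEGIES = [
    flip_bits,
    lambda b, r: arith(b, r, 1),   # byte
    lambda b, r: arith(b, r, 2),   # word
    lambda b, r: arith(b, r, 4),   # double word
    lambda b, r: arith(b, r, 2),   # word (repeated in the page's list)
    insert,
    delete,
]

def round_count(value, rng):
    """Preset loop count: value length x a random factor between 1 and 2."""
    return int(len(value) * rng.uniform(1, 2))

def mutate_value(value, rng):
    """Apply one randomly chosen strategy per round; an empty value gets 0 rounds."""
    for _ in range(round_count(value, rng)):
        value = rng.choice(STRATEGIES)(value, rng)
    return value

def mutate_config(pairs, keys, rng):
    """Mutate the values of the chosen Q keys; other pairs are left untouched."""
    return {k: mutate_value(v, rng) if k in keys else v for k, v in pairs.items()}

if __name__ == "__main__":
    cfg = {"port": b"8080", "mode": b"release"}   # constructed sample pairs
    print(mutate_config(cfg, {"port"}, random.Random(1)))
```

Mutated values are raw bytes and may no longer be valid text, so the harness has to write them back into the configuration file without re-encoding.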
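FIG. 3 is a schematic structural diagram of the fuzz testing device for text configuration files provided by an embodiment of the present invention. As shown in FIG. 3, the device includes:
an obtaining module 301, configured to obtain a target configuration file in a text file format;
an identification module 302, configured to identify the text file format type of the target configuration file and determine the key-value pairs of the target configuration file;
a detection and extraction module 303, configured to pre-fuzz the program that takes the target configuration file as input, to detect whether the program has format-related vulnerabilities, and to extract all visible strings in the program;
a key mutation module 304, configured to use the visible strings to mutate the keys in the key-value pairs of the target configuration file to obtain a key combination seed file;
a value mutation module 305, configured to mutate the values corresponding to the keys in the key combination seed file, based on the weights of the keys in the key combination seed file, to obtain a new combination seed file;
a mining module 306, configured to use the new combination seed file to mine vulnerabilities in the program.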
The fuzz testing device for text configuration files implements the fuzz testing method for text configuration files provided by the method embodiments above. The descriptions and definitions in those method embodiments therefore apply to each execution module of the device provided by this embodiment and are not repeated here.
An embodiment of the present invention provides a fuzz testing device for text configuration files. The device performs pre-fuzzing, key mutation and value mutation on a program that takes a target configuration file in a text file format as input, obtains a new combination seed file, and fuzzes the program with it. This allows deeper vulnerabilities in the program to be mined comprehensively and improves the efficiency of fuzz testing for text configuration files.
Further, on the basis of the above embodiment, the key mutation module is specifically configured to:
for each visible string, replace a key in the key-value pairs with the current visible string to obtain a seed file, and run the program under instrumentation with the seed file as input; if a new execution path is produced, store the key in the valid key set;
based on the valid key set, apply one of the deletion, replacement and addition operations at random to each key in the seed file in turn, to obtain the key combination seed file.
Further, on the basis of the above embodiment, the value mutation module is specifically configured to:
mutate the value corresponding to each key in the key combination seed file and, if it is determined that instrumented execution produced a new execution path, set the weight of the corresponding key according to the number of new code blocks in the new execution path;
randomly select M keys from the N keys with the highest weights and mutate the values corresponding to the M keys; if it is determined that instrumented execution produced a new execution path, increase the weights of the M keys together, or, if it is determined that instrumented execution produced no new execution path, decrease the weights of the M keys together; if P of the M keys have weights lower than the weights of the N highest-weight keys, randomly select M keys again from the N keys with the highest weights, until the weights of the M keys are all no greater than the weight threshold, to obtain the new combination seed file;
where N, M and P are all natural numbers greater than or equal to 1, and N≥M≥P.
Further, the value mutation module is also specifically configured to:
execute the following step in a loop a preset number of times: randomly select one operation strategy and mutate the values corresponding to Q keys in the key combination seed file;
where the preset number of times is determined from the data length of the value corresponding to the key; the operation strategies include bit flipping, integer addition and subtraction, data insertion and data deletion; and Q is a natural number greater than or equal to 1.
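FIG. 4 illustrates a schematic diagram of the physical structure of an electronic device. As shown in FIG. 4, the electronic device may include a processor 401, a memory 402, a communications interface 403 and a communication bus 404, where the processor 401, the memory 402 and the communications interface 403 communicate with one another over the communication bus 404. The processor 401 can invoke logic instructions in the memory 402 to perform the methods provided by the method embodiments above, for example including: obtaining a target configuration file in a text file format; identifying the text file format type of the target configuration file and determining the key-value pairs of the target configuration file; pre-fuzzing the program that takes the target configuration file as input to detect whether the program has format-related vulnerabilities, and extracting all visible strings in the program; using the visible strings to mutate the keys in the key-value pairs of the target configuration file to obtain a key combination seed file; mutating the values corresponding to the keys in the key combination seed file, based on the weights of the keys in the key combination seed file, to obtain a new combination seed file; and using the new combination seed file to mine vulnerabilities in the program.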
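In addition, the logic instructions in the memory 402 may be implemented in the form of software functional units and, when sold or used as an independent product, may be stored in a computer-readable storage medium. On this understanding, the technical solution of the present invention in essence, or the part of it that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform all or some of the steps of the methods described in the embodiments of the present invention. The storage medium includes any medium that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM), random access memory (RAM), a magnetic disk or an optical disc.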
An embodiment of the present invention further provides a non-transitory computer-readable storage medium storing a computer program which, when executed by a processor, performs the methods provided by the method embodiments above, for example including: obtaining a target configuration file in a text file format; identifying the text file format type of the target configuration file and determining the key-value pairs of the target configuration file; pre-fuzzing the program that takes the target configuration file as input to detect whether the program has format-related vulnerabilities, and extracting all visible strings in the program; using the visible strings to mutate the keys in the key-value pairs of the target configuration file to obtain a key combination seed file; mutating the values corresponding to the keys in the key combination seed file, based on the weights of the keys in the key combination seed file, to obtain a new combination seed file; and using the new combination seed file to mine vulnerabilities in the program.
The device embodiments described above are merely illustrative. Units described as separate components may or may not be physically separate, and components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. A person of ordinary skill in the art can understand and implement it without creative effort.
From the description of the embodiments above, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus the necessary general-purpose hardware platform, and of course also by hardware. On this understanding, the above technical solution in essence, or the part of it that contributes to the prior art, may be embodied in the form of a software product. The computer software product may be stored in a computer-readable storage medium, such as ROM/RAM, a magnetic disk or an optical disc, and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform the methods described in the embodiments or in certain parts of the embodiments.
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features may be replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010636048.7A CN111913877B (en) | 2020-07-03 | 2020-07-03 | Fuzzy test method and device for text configuration file |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111913877A (en) | 2020-11-10 |
CN111913877B (en) | 2021-09-28 |
Family
ID=73227332
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010636048.7A Active CN111913877B (en) | 2020-07-03 | 2020-07-03 | Fuzzy test method and device for text configuration file |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111913877B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090204591A1 (en) * | 2008-02-11 | 2009-08-13 | Rauli Kaksonen | Method and arrangement for test case creation |
CN103034580A (en) * | 2011-09-29 | 2013-04-10 | 西门子公司 | Method and device and system for fuzzy test |
CN103544109A (en) * | 2013-11-15 | 2014-01-29 | 大连交通大学 | Novel combined test case generation method |
CN106681901A (en) * | 2015-11-10 | 2017-05-17 | 中国电信股份有限公司 | Method and device for testing sample generation |
CN109597767A (en) * | 2018-12-19 | 2019-04-09 | 中国人民解放军国防科技大学 | Genetic variation-based fuzzy test case generation method and system |
CN110401581A (en) * | 2019-07-22 | 2019-11-01 | 杭州电子科技大学 | Fuzzy test case generation method for industrial control protocol based on traffic traceability |
CN110912776A (en) * | 2019-11-27 | 2020-03-24 | 中国科学院信息工程研究所 | A kind of automatic fuzzy test method and device of entity router management protocol |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112417461A (en) * | 2020-12-07 | 2021-02-26 | 北京梆梆安全科技有限公司 | Fuzzy test method and system for equipment firmware |
CN112417461B (en) * | 2020-12-07 | 2023-10-03 | 北京梆梆安全科技有限公司 | Fuzzy test method and system for equipment firmware |
CN116225962A (en) * | 2023-03-31 | 2023-06-06 | 四川邦辰信息科技有限公司 | JSON variation method for fuzzy test |
CN116225962B (en) * | 2023-03-31 | 2024-08-06 | 四川邦辰信息科技有限公司 | JSON variation method for fuzzy test |
Also Published As
Publication number | Publication date |
---|---|
CN111913877B (en) | 2021-09-28 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||