diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2023-12-19 20:33:08 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-19 20:33:08 +0100 |
| commit | 308b2663333387008cd2331d99a5a75b0a343f53 (patch) | |
| tree | f9a366f0195768e0ae8f243141293b8679424f29 | |
| parent | 6af93c09c86743fb9b819c7f01b6aa18f03fdf46 (diff) | |
fuzz: improve fuzzing coverage (#2220)
| -rw-r--r-- | fuzz/dictionary.dict | 68 | ||||
| -rw-r--r-- | tests/cfgs/default/pcap/spotify_tcp.pcap | bin | 0 -> 3554 bytes | |||
| -rw-r--r-- | tests/cfgs/default/result/spotify_tcp.pcap.out | 26 |
3 files changed, 94 insertions, 0 deletions
diff --git a/fuzz/dictionary.dict b/fuzz/dictionary.dict index b74b3d13b..10c849312 100644 --- a/fuzz/dictionary.dict +++ b/fuzz/dictionary.dict @@ -64,3 +64,71 @@ "Blizzard Web Client" "Blizzard Downloader" "Zattoo/4" +"MSRPC" +"Gnutella" + +#HTTP methods + +"OPTIONS" +"GET" +"HEAD" +"PATCH" +"POST" +"PUT" +"DELETE" +"TRACE" +"CONNECT" +"RPC_CONNECT" +"RPC_IN_DATA" +"RPC_OUT_DATA" + +#HTTP payload signatures + +"\x4D\x5A" +"\x7F\x45\x4C\x46" +"\xCF\xFA\xED\xFE" +"#" +"!" +"/" +"\x64\x65\x78\x0A\x30\x33\x35\x00" + +#Gnutella patterns + +"urn:sha1:" +"HEAD /gnutella/push-proxy?" +"\x50\x55\x53\x48\x20\x67\x75\x69\x64\x3a" +"GET /gnutella/" +"\x80\x2f\x01\x03\x01\x00\x06\x00\x00\x00\x20\x00\x00\x34\x00\x00\xff\x4d\x6c" +"\x20\x4d\x6c" +"\x16\x03\x01\x00\x54\x01\x00\x00\x50\x03\x01\x4d\x6c" +"\x00\x02\x00\x34\x01\x00\x00\x05" +"\x31\x01\x00\x09\x00\x00\x00\x4c\x49\x4d\x45" +"SCP@" +"DNA@" +"\x01\x01\x54\x0f\x51\x4b\x52\x50\x06\x52" +"\x01\x01\x5c\x1b\x50\x55\x53\x48\x48\x10" +"GND\x10" +"\x31\x01\x00\x09\x00\x00\x00" +"\x00\x01\x00\x00\x00\x00\x00" +"X-Gnutella-" +"X-Queue:" +"application/x-gnutella-" +"GNUTELLA/" +"GNUTELLA CONNECT/" + +#Bittorrent signatures + +"Cache-Control: no-cache" +"GET /data?fid=" +"Pragma: no-cache" +":target20:" +":find_node1:" +"d1:ad2:id20:" +":info_hash20:" +":filter64" +"d1:rd2:id20:" + +#Jabber + +"='im.truphone.com'" +"=\"im.truphone.com\"" diff --git a/tests/cfgs/default/pcap/spotify_tcp.pcap b/tests/cfgs/default/pcap/spotify_tcp.pcap Binary files differnew file mode 100644 index 000000000..54fae5beb --- /dev/null +++ b/tests/cfgs/default/pcap/spotify_tcp.pcap diff --git a/tests/cfgs/default/result/spotify_tcp.pcap.out b/tests/cfgs/default/result/spotify_tcp.pcap.out new file mode 100644 index 000000000..6d8bbd1c4 --- /dev/null +++ b/tests/cfgs/default/result/spotify_tcp.pcap.out @@ -0,0 +1,26 @@ +DPI Packets (TCP): 4 (4.00 pkts/flow) +Confidence DPI : 1 (flows) +Num dissector calls: 50 (50.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache zoom: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache stun_zoom: 0/0/0 (insert/search/found) +Automa host: 0/0 (search/found) +Automa domain: 0/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 0/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 0/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 1/1 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +Spotify 10 3370 1 + + 1 TCP 10.0.2.15:48628 <-> 35.190.243.72:4070 [proto: 156/Spotify][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 4][cat: Music/25][5 pkts/1094 bytes <-> 5 pkts/2276 bytes][Goodput ratio: 72/88][0.19 sec][bytes ratio: -0.351 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/33 30/42 63/71 23/28][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 219/455 517/1514 194/569][Plen Bins: 0,0,0,0,0,0,0,0,0,0,25,0,0,0,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0] |