Let's get start to fuzzing firefox browser with grizzly and domato #89

Open
mylamour opened this issue Mar 23, 2022 · 0 comments
Labels
Fuzzing 学习 learning 安全 security 工具 tools 总结 summary
In the previous post (Let's get start to fuzzing firefox browser with grizzly), we started a browser fuzzing tutorial with grizzly. Today I will show you how to use domato as a custom adapter.

  1. Clone the code and cd to the adapter folder:

```bash
git clone https://github.com/MozillaSecurity/grizzly
cd grizzly/grizzly/adapter
mkdir do_ma_adapter
touch do_ma_adapter/setup.py
touch do_ma_adapter/domata.py
```

Here is the content of the two files:

setup.py

```python
from setuptools import setup

setup(
    name='do-ma',
    version='0.0.1',
    install_requires=[
        'grizzly-framework',
    ],
    entry_points={
        "grizzly_adapters": ["do-ma = domata:DoMaAdapter"]
    },
)
```

domata.py (don't forget to change DOMATO_PATH so that it points to the generator.py of your own domato checkout)

```python
from pathlib import Path
from shutil import rmtree
from subprocess import check_output
from tempfile import mkdtemp
from grizzly.adapter import Adapter

# path to domato's generator.py; change this for your machine
DOMATO_PATH = "/mnt/f/fuzzing/fuzzer/domato/generator.py"

class DoMaAdapter(Adapter):

    # name used to select the adapter on the grizzly command line
    NAME = "do-ma"

    def setup(self, input_path, server_map):
        self.enable_harness()
        # scratch directory that domato writes its output into
        self.fuzz["working"] = Path(mkdtemp(prefix="fuzz_gen_"))

        # command to run the fuzzer (generate test data)
        self.fuzz["cmd"] = [
            'python3',
            DOMATO_PATH,  # binary to call
            "--no_of_files", "1",
            "--output_dir", str(self.fuzz["working"])
        ]

    def generate(self, testcase, _):
        # run domato once, then hand the single generated file to grizzly
        check_output(self.fuzz["cmd"])
        gen_file = next(self.fuzz["working"].iterdir())
        testcase.add_from_file(
            gen_file, file_name=testcase.landing_page, required=True, copy=False
        )

    def shutdown(self):
        # remove the scratch directory when the fuzzing session ends
        if self.fuzz["working"].is_dir():
            rmtree(self.fuzz["working"], ignore_errors=True)
```


  2. Install your adapter:

```bash
python3 -m pip install -e do_ma_adapter
```

  3. Run the new adapter with grizzly:

```bash
python3 -m grizzly ./browsers/firefox/firefox do-ma
```

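Before starting a long grizzly run, it helps to confirm that the generator command the adapter builds really produces exactly one usable file. The following is an added example, not part of the original post or of grizzly/domato: `generate_one`, `self_check` and the `STAND_IN` script are hypothetical names, and the stand-in only mimics the two options the adapter passes so the check runs without a domato checkout.

```python
import subprocess
import sys
import tempfile
from pathlib import Path

# Constructed stand-in for domato's generator.py: it accepts the same two
# options the adapter passes. Point generate_one() at the real DOMATO_PATH.
STAND_IN = '''
import argparse, pathlib
p = argparse.ArgumentParser()
p.add_argument("--output_dir")
p.add_argument("--no_of_files", type=int)
a = p.parse_args()
for i in range(a.no_of_files):
    (pathlib.Path(a.output_dir) / f"fuzz-{i}.html").write_text("<html><body>t</body></html>")
'''

def generate_one(generator_path, timeout=60):
    """Hypothetical helper: run the adapter's command once, return the page bytes."""
    with tempfile.TemporaryDirectory(prefix="fuzz_gen_") as work:
        cmd = [sys.executable, str(generator_path),
               "--no_of_files", "1", "--output_dir", work]
        try:
            subprocess.run(cmd, check=True, capture_output=True, timeout=timeout)
        except (subprocess.CalledProcessError, subprocess.TimeoutExpired, OSError) as exc:
            raise RuntimeError(f"generator failed: {exc}") from exc
        files = [f for f in Path(work).iterdir() if f.is_file()]
        if len(files) != 1:  # the adapter's next(iterdir()) assumes exactly one
            raise RuntimeError(f"expected 1 generated file, found {len(files)}")
        data = files[0].read_bytes()
        if not data.strip():
            raise RuntimeError("generator produced an empty test case")
        return data

def self_check():
    """Exercise the success path and one failure path with the stand-in."""
    with tempfile.TemporaryDirectory() as d:
        gen = Path(d) / "generator.py"
        gen.write_text(STAND_IN)
        page = generate_one(gen)
        try:
            generate_one(Path(d) / "missing.py")  # wrong path, like a stale DOMATO_PATH
        except RuntimeError:
            return page, True
        return page, False

if __name__ == "__main__":
    print(self_check())
```

A wrong `DOMATO_PATH` surfaces here as a clear `RuntimeError`, rather than as a `CalledProcessError` or `StopIteration` raised from inside `generate()` during the grizzly session.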
