thypon / AndroidFuzz

Licence: other
JavaFuzz 4 Android


JavaFuzz Android

Android version of JavaFuzz. To compile it, run:

gradle build

Instrument Android APK

To instrument an APK you need:

  • smali
  • zip/unzip
  • aapt

Once you have built javafuzz.jar, convert it to dex format:

dx --dex --output=afuz.dex build/libs/javafuzz-1.0.jar

Unzip the jar to obtain the Java resource files the fuzzer needs at runtime:

unzip build/libs/javafuzz-1.0.jar

Then unzip the APK you want to instrument into the same directory:

unzip your.apk

Instrument the code (disassemble both dex files into the same output directory, then reassemble them into a single classes.dex):

baksmali classes.dex
baksmali afuz.dex
smali out
cp out.dex classes.dex

Then build the final instrumented APK by replacing the original classes.dex and adding the fuzzer's resource files:

aapt remove your.apk classes.dex
aapt add your.apk classes.dex
aapt add your.apk gnu/getopt/MessagesBundle*

Run The Fuzzer

Transfer the instrumented APK to the device (or emulator); the commands after adb push run on the device itself, e.g. from adb shell:

adb push your.apk /sdcard/
mkdir -p /data/local/tmp
ANDROID_DATA=/data/local/tmp /system/bin/dalvikvm -Xss256k -Xmx100m \
    -Xbootclasspath:/system/framework/core.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/android.policy.jar:/system/framework/services.jar \
    -classpath /sdcard/your.apk javafuzz.JavaFuzz -c class.to.Test -v -m

Manual

NAME
     JavaFuzz - Java Class Fuzzer

SYNOPSIS
     JavaFuzz.jar [-v] -c class [-e type] [-l StringLength]...

DESCRIPTION
     JavaFuzz is a Java class fuzzer based on the Java Reflection API. The
     reflection API represents, or reflects, the classes, interfaces, and
     objects in the current Java Virtual Machine. Using the reflection API,
     JavaFuzz can construct and invoke any given class (or list of classes).
     After determining the types a class accepts, it constructs the class
     using large values.
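
The core loop the DESCRIPTION sketches, as an added example written here for illustration and not code from the JavaFuzz project: it enumerates a class's public constructors, fills each parameter with a boundary value of its type (the "high" side of -u), and reports the exceptions the constructor body throws. The class and method names (MiniReflectFuzz, bigValue, fuzzConstructors) are assumptions; the string and array sizes mirror the -l and -a defaults from the manual.

```java
import java.lang.reflect.Array;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.util.Arrays;

// Minimal reflection-based constructor fuzzer in the spirit of JavaFuzz (hypothetical).
public class MiniReflectFuzz {
    static final int STR_LEN = 1024;  // same default as -l
    static final int ARR_LEN = 800;   // same default as -a

    // Boundary ("high") value for a parameter type; null for reference types we cannot build.
    static Object bigValue(Class<?> t) {
        if (t == int.class || t == Integer.class) return Integer.MAX_VALUE;
        if (t == long.class || t == Long.class) return Long.MAX_VALUE;
        if (t == short.class || t == Short.class) return Short.MAX_VALUE;
        if (t == byte.class || t == Byte.class) return Byte.MAX_VALUE;
        if (t == double.class || t == Double.class) return Double.MAX_VALUE;
        if (t == float.class || t == Float.class) return Float.MAX_VALUE;
        if (t == char.class || t == Character.class) return Character.MAX_VALUE;
        if (t == boolean.class || t == Boolean.class) return Boolean.TRUE;
        if (t == String.class) { char[] c = new char[STR_LEN]; Arrays.fill(c, 'A'); return new String(c); }
        if (t.isArray()) return Array.newInstance(t.getComponentType(), ARR_LEN);
        return null; // like JavaFuzz past its -r recursion limit: pass null
    }

    // Call every public constructor of the named class with boundary values.
    public static void fuzzConstructors(String className) throws ClassNotFoundException {
        Class<?> cls = Class.forName(className);
        for (Constructor<?> ctor : cls.getConstructors()) {
            Class<?>[] types = ctor.getParameterTypes();
            Object[] args = new Object[types.length];
            for (int i = 0; i < types.length; i++) args[i] = bigValue(types[i]);
            try {
                ctor.newInstance(args);
                System.out.println("OK   " + ctor);
            } catch (InvocationTargetException e) {
                // Thrown by the constructor body itself: the interesting case (cf. -v)
                System.out.println("EXC  " + ctor + " -> " + e.getCause());
            } catch (ReflectiveOperationException | IllegalArgumentException e) {
                // Abstract class, inaccessible constructor, or argument mismatch: not a finding
                System.out.println("SKIP " + ctor + " (" + e + ")");
            }
        }
    }

    public static void main(String[] a) throws Exception {
        fuzzConstructors(a.length > 0 ? a[0] : "java.net.URL");
    }
}
```

Run with `java MiniReflectFuzz java.net.URL`; the expected MalformedURLException lines are the baseline, and anything else in the EXC output is what deserves a closer look.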


OPTIONS
     -v   Verbose - fully print exceptions. Very useful; use it if you want
          to spot any unusual exceptions.

     -m   Fuzz the methods of a class. Can take a long time to finish.

     -c   Classname
          Input is a class name, e.g. java.net.URL. You cannot use -f at the
          same time.

     -f   Read class names from a file. Class names should be one per line.

     -s   Set the fuzzing String, for example http://www.example.com.
          If you don't want it repeated, use it with -l1.

     -e   Set the type you want to overflow past its MAX_VALUE. For example,
          if you want to pass twice the size of a double to a class which is
          defined to accept only a double you do "-e double".
          Warning: If you do that with an integer it will overflow and
          become -2.
          Values can be: int, double, float, long, short.

     -r   Number of recursions before the class is constructed [Default 20].
          If more are needed, the type is set to null and considered
          infinite. This is usually fine when constructing types that take
          no arguments; if JavaFuzz has to construct classes whose parameter
          types themselves take arguments, and so on, it keeps constructing
          types until it gets the requested types.

     -k   Set the value for int, float, long, short, double,
          e.g. -k int=100 or -k double=20000 or -k int=19,float=49 and so on.

     -a   Set the size of the arrays used when fuzzing [Default 800].
          The maximum is Integer.MAX_VALUE.

     -l   Set the length of the Strings used when fuzzing [Default 1024].
          The maximum is Integer.MAX_VALUE.

     -o   Find whether a specific class requires a constant and brute-force
          all possible positions until the constant is in the correct
          position. [This option will add further delays]

     -i   JavaFuzz will ignore the specified method(s); helpful when you have
          found a bug in a method but want to dig deeper. (Separate methods
          with commas.)
          e.g. for java.awt.Image you could use -i getGraphics,getScaledInstance

     -n   JavaFuzz will fuzz the specified method(s) only.
          e.g. for java.awt.Font you could use -n applySize,pDispose
          NOTE: You cannot use -i at the same time.

     -u   Fuzz only high or low values respectively, e.g. for Integer the
          high value is +MAX_VALUE and the low value is -MAX_VALUE (or
          MIN_VALUE) [-u low or -u high]

     -p   Enforce a constant and brute-force its position. The type can
          be int, double, float, short, string, e.g. -p double=1

     -g   Use it when you want to replace a class; for example it could be
          used to replace abstract classes or interfaces:
          -g org.replace.this=org.with.this
          The auto replacement mode can be invoked using
          -g org.replace.this={A}, and for complete automation use -ga.



EXAMPLES

         java -jar JavaFuzz.jar -c java.lang.String -v
         java -jar JavaFuzz.jar -f classes.txt -v -e int
         java -jar JavaFuzz.jar -c java.net.URL -e int -s http://www.example.com

BUGS
         Version <= 0.3
         It cannot construct classes with parameter types:
         a) Multidimensional array that is not int, double, float, short, long, string
         b) Array that is not int, double, float, short, long, string

FIXES/UPDATES
         Version >= 0.7
         Enforce a constant and brute-force its position. The type can be int, double, float, short, string.
         The flag is -p.

         Version >= 0.6
         You can filter in and out method(s) and you can supply multiple types with -k
         Minor error handling fixes

         Version >= 0.5
         The bugs listed in <=0.3 are fixed. If you find the same problem let me know

AUTHOR
     Emmanouel Kellinis <me at cipher dot org dot uk>

License

The code is under GPLv2 unless specified otherwise in the single files.
