mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 10:54:03 -05:00
387d96f7c5
Signed-off-by: Jouni Malinen <j@w1.fi> |
||
---|---|---|
.. | ||
ap-mgmt-fuzzer | ||
build | ||
eapol-fuzzer | ||
fuzzing | ||
hwsim | ||
p2p-fuzzer | ||
remote | ||
wnm-fuzzer | ||
.gitignore | ||
cipher-and-key-mgmt-testing.txt | ||
Makefile | ||
README | ||
test_x509v3_nist2.sh | ||
test_x509v3_nist.sh | ||
test-aes.c | ||
test-asn1.c | ||
test-base64.c | ||
test-eapol.c | ||
test-https_server.c | ||
test-https.c | ||
test-json.c | ||
test-list.c | ||
test-md4.c | ||
test-milenage.c | ||
test-rc4.c | ||
test-rsa-sig-ver.c | ||
test-sha1.c | ||
test-sha256.c | ||
test-tls.c | ||
test-x509.c | ||
test-x509v3.c |
hostap.git test tools --------------------- The tests directory with its subdirectories contain number of tools used for testing wpa_supplicant and hostapd implementations. hwsim directory contains the test setup for full system testing of wpa_supplicant and hostapd with a simulated radio (mac80211_hwsim). See hwsim/READM and hwsim/vm/README for more details. Build testing ------------- wpa_supplicant and hostapd support number of build option combinations. The test scripts in the build subdirectory can be used to verify that various combinations do not break the builds. More configuration examples can be added there (build-{hostapd,wpa_supplicant}-*.config) to get them included in test builds. # Example cd build ./run-build-tests.h Fuzz testing ------------ Newer fuzz testing tools are under the fuzzing directory. See fuzzing/README for more details on them. The following text describes the older fuzz testing tools that are subject to removal once the same newer tools have the same coverage available. Number of the test tools here can be used for fuzz testing with tools like American fuzzy lop (afl-fuzz) that are designed to modify an external file for program input. ap-mgmt-fuzzer, eapol-fuzzer, test-eapol, test-json, test-tls, and test-x509 are examples of such tools that expose hostap.git module functionality with input from a file specified on the command line. Here are some examples of how fuzzing can be performed: ##### JSON parser make clean CC=afl-gcc make test-json mkdir json-examples cat > json-examples/1.json <<EOF {"a":[[]],"b":1,"c":"q","d":{"e":[{}]}} EOF afl-fuzz -i json-examples -o json-findings -- $PWD/test-json @@ Alternatively, using libFuzzer from LLVM: make clean make test-json LIBFUZZER=y mkdir json-examples cat > json-examples/1.json <<EOF {"a":[[]],"b":1,"c":"q","d":{"e":[{}]}} EOF ./test-json json-examples ##### EAPOL-Key Supplicant make clean CC=afl-gcc make test-eapol TEST_FUZZ=y mkdir eapol-auth-examples ./test-eapol auth write eapol-auth-examples/auth.msg afl-fuzz -i eapol-auth-examples -o eapol-auth-findings -- $PWD/test-eapol auth read @@ ##### EAPOL-Key Authenticator make clean CC=afl-gcc make test-eapol TEST_FUZZ=y mkdir eapol-supp-examples ./test-eapol supp write eapol-supp-examples/supp.msg afl-fuzz -i eapol-supp-examples -o eapol-supp-findings -- $PWD/test-eapol supp read @@ ##### TLS client make clean CC=afl-gcc make test-tls TEST_FUZZ=y mkdir tls-server-examples ./test-tls server write tls-server-examples/server.msg afl-fuzz -i tls-server-examples -o tls-server-findings -- $PWD/test-tls server read @@ ##### TLS server make clean CC=afl-gcc make test-tls TEST_FUZZ=y mkdir tls-client-examples ./test-tls client write tls-client-examples/client.msg afl-fuzz -i tls-client-examples -o tls-client-findings -- $PWD/test-tls client read @@ ##### AP management frame processing cd ap-mgmt-fuzzer make clean CC=afl-gcc make mkdir multi-examples cp multi.dat multi-examples afl-fuzz -i multi-examples -o multi-findings -- $PWD/ap-mgmt-fuzzer -m @@ ##### EAPOL-Key Supplicant (separate) cd eapol-fuzzer make clean CC=afl-gcc make mkdir eapol-examples cp *.dat eapol-examples afl-fuzz -i eapol-examples -o eapol-findings -- $PWD/eapol-fuzzer @@ ##### P2P cd p2p-fuzzer make clean CC=afl-gcc make mkdir p2p-proberesp-examples cp proberesp*.dat p2p-proberesp-examples afl-fuzz -i p2p-proberesp-examples -o p2p-proberesp-findings -- $PWD/p2p-fuzzer proberesp @@ mkdir p2p-action-examples cp go*.dat inv*.dat p2ps*.dat p2p-action-examples afl-fuzz -i p2p-action-examples -o p2p-action-findings -- $PWD/p2p-fuzzer action @@ ##### WNM cd wnm-fuzzer make clean CC=afl-gcc make mkdir wnm-examples cp *.dat wnm-examples afl-fuzz -i wnm-examples -o wnm-findings -- $PWD/wnm-fuzzer @@