3 changed files with 54 additions and 2 deletions
@ -0,0 +1,19 @@
@@ -0,0 +1,19 @@
|
||||
# Substrate WASM fuzzer |
||||
|
||||
Community project for fuzzing WASM in Substrate. |
||||
|
||||
Attack model: Attacker payload -> TX -> WASM Execution |
||||
|
||||
|
||||
## Example |
||||
# ./wasmfuzz -f <func> -n <n> -c <contract-file.wasm> -i <fuzzinput> |
||||
|
||||
|
||||
## Dev tasks |
||||
- Fuzzer logic/engine |
||||
- Fuzzer input |
||||
|
||||
## Good question |
||||
Why don't we just use AFL? We could inject from TX entry func... |
||||
https://github.com/rust-fuzz/afl.rs |
||||
https://aflplus.plus/ |
@ -1,6 +1,39 @@
@@ -1,6 +1,39 @@
|
||||
extern crate clap; |
||||
|
||||
use clap::{Arg, App}; |
||||
|
||||
fn main() { |
||||
|
||||
let app = App::new("hello-clap"); |
||||
let iternum = Arg::with_name("n") |
||||
.long("num") |
||||
.takes_value(true) |
||||
.help("You need to specify the max number of iterations.") |
||||
.required(true); |
||||
|
||||
let funcatk = Arg::with_name("f") |
||||
.long("func") |
||||
.takes_value(true) |
||||
.help("You need to specify the function to attack.") |
||||
.required(true); |
||||
|
||||
let contractf = Arg::with_name("c") |
||||
.long("contract") |
||||
.takes_value(true) |
||||
.help("You need to specify the contract file's name.") |
||||
.required(true); |
||||
|
||||
let app = app.arg(iternum); |
||||
let app = app.arg(funcatk); |
||||
let app = app.arg(contractf); |
||||
|
||||
let matches = app.get_matches(); |
||||
|
||||
let iternumout = matches.value_of("iternum") |
||||
.expect("Required option."); |
||||
let funcatkout = matches.value_of("funcatk") |
||||
.expect("Required option."); |
||||
let contractfout = matches.value_of("contractf") |
||||
.expect("Required option."); |
||||
|
||||
println!("Your options are: {} {} {}!", iternumout, funcatkout, contractfout); |
||||
} |
||||
|
Loading…
Reference in new issue