public void RunFuzz() { // Fuzz the web services // First set up our parameter dictionary // TOFIX - Load these from files and flesh out the types that are supported. This is really weak right now. // TOFIX - Also figure out how to feed "null" values through the DynWSLib without getting exceptions Dictionary <Type, object[]> parameterLibrary = new Dictionary <Type, object[]>(); parameterLibrary.Add(Type.GetType("System.String"), new object[] { string.Empty, "'JUNK", "\"JUNK", "1234567890", "`~!@#$%^&*()_-+={[}]|\\:;<,>.?/", "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAA" // 1025 A's }); parameterLibrary.Add(Type.GetType("System.Int32"), new object[] { int.MinValue, -1025, -1024, -1023, -129, -128, -127, -101, -100, -99, -10, -5, -1, 0, 1, 5, 10, 100, 127, 128, 129, 1023, 1024, 1025, int.MaxValue }); parameterLibrary.Add(Type.GetType("System.Single"), new object[] { float.MinValue, float.MaxValue, float.NaN, float.NegativeInfinity, float.PositiveInfinity, float.Epsilon, 0.0, -1.0, 1.0 }); parameterLibrary.Add(Type.GetType("System.Double"), new object[] { double.MinValue, double.MaxValue, double.NaN, double.NegativeInfinity, double.PositiveInfinity, double.Epsilon, 0.0, -1.0, 1.0 }); Log("About to fuzz the web services"); foreach (Uri wsUri in _webServicesCollections.Keys) { Log("Attempting to fuzz web service at: " + wsUri.AbsoluteUri); // TODO - Non-Atlas, non-.NET web services will need different logic here string sWsdlUri = wsUri.AbsoluteUri + "?wsdl"; Log("Looking for WSDL at: " + sWsdlUri); WebServiceEnumerator wsEnumerator = new WebServiceEnumerator(sWsdlUri); WebServiceCollection wsCollection = wsEnumerator.Enumerate(); this._WebServicesCollectionsHydrated[wsUri] = wsCollection; // List<Method> methods = wsEnumerator.Services.AllMethods; foreach (WebService w in wsCollection.WebServices) { foreach (Method m in w.Methods) { Log(m.ToString()); MethodTracker tracker = new MethodTracker(m, parameterLibrary, this); Log("Call count for the method will be: " + tracker.CallCount); try { tracker.RunCalls(); } catch (Exception ex) { Log("Unhandled exception: " + ex.Message + ", Stack Trace: " + ex.StackTrace); } } } } Log("Successful calls: " + _successfulCalls); Log("Failed calls: " + _failedCalls); }
public void RunFuzz() { // Fuzz the web services // First set up our parameter dictionary // TOFIX - Load these from files and flesh out the types that are supported. This is really weak right now. // TOFIX - Also figure out how to feed "null" values through the DynWSLib without getting exceptions Dictionary<Type, object[]> parameterLibrary = new Dictionary<Type, object[]>(); parameterLibrary.Add(Type.GetType("System.String"), new object[] { string.Empty, "'JUNK", "\"JUNK", "1234567890", "`~!@#$%^&*()_-+={[}]|\\:;<,>.?/", "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"+ "AAAAAAAAAAAAAAAAAAAAAAAAA" // 1025 A's }); parameterLibrary.Add(Type.GetType("System.Int32"), new object[] { int.MinValue, -1025, -1024, -1023, -129, -128, -127, -101, -100, -99, -10, -5, -1, 0, 1, 5, 10, 100, 127, 128, 129, 1023, 1024, 1025, int.MaxValue }); parameterLibrary.Add(Type.GetType("System.Single"), new object[] { float.MinValue, float.MaxValue, float.NaN, float.NegativeInfinity, float.PositiveInfinity, float.Epsilon, 0.0, -1.0, 1.0 }); parameterLibrary.Add(Type.GetType("System.Double"), new object[] { double.MinValue, double.MaxValue, double.NaN, double.NegativeInfinity, double.PositiveInfinity, double.Epsilon, 0.0, -1.0, 1.0 }); Log("About to fuzz the web services"); foreach (Uri wsUri in _webServicesCollections.Keys) { Log("Attempting to fuzz web service at: " + wsUri.AbsoluteUri); // TODO - Non-Atlas, non-.NET web services will need different logic here string sWsdlUri = wsUri.AbsoluteUri + "?wsdl"; Log("Looking for WSDL at: " + sWsdlUri); WebServiceEnumerator wsEnumerator = new WebServiceEnumerator(sWsdlUri); WebServiceCollection wsCollection = wsEnumerator.Enumerate(); this._WebServicesCollectionsHydrated[wsUri] = wsCollection; // List<Method> methods = wsEnumerator.Services.AllMethods; foreach (WebService w in wsCollection.WebServices) { foreach (Method m in w.Methods) { Log(m.ToString()); MethodTracker tracker = new MethodTracker(m, parameterLibrary, this); Log("Call count for the method will be: " + tracker.CallCount); try { tracker.RunCalls(); } catch (Exception ex) { Log("Unhandled exception: " + ex.Message + ", Stack Trace: " + ex.StackTrace); } } } } Log("Successful calls: " + _successfulCalls); Log("Failed calls: " + _failedCalls); }