Fuzzing

Custom Code
There are 4 places in which Fuzzware can be extended using your own code.

1. Creating your own input source
While Fuzzware offers many forms of input sources you may have a special requirement that Fuzzware can't handle. To implement your own input source you need to write a .Net class that implements the Fuzzware.Extensible.IUserInputHandler interface (defined in Extensible.dll). This interface consists of 3 functions:

void Initialise(System.Xml.XmlNode[] UserData);
This function is called once by Fuzzware and passes in custom XML data that can be specified in the UI on the 'Fuzz a custom input' page.

String[] GetXSDPathAndFile();
This function is called once by Fuzzware to get an array of fully qualified paths to the XSD files containing the XML Schema of the format to be fuzzed.

String GetXMLPathAndFile();
This function is called once by Fuzzware to get a fully qualified path to an XML file that will be used as the template for fuzzing.

For an example of using this interface see the Examples\XPS\XPSHandlers in your Fuzzware Projects directory.

2. Creating your own output destination
While Fuzzware offers many forms of output destinations you may have a special requirement that Fuzzware can't handle. To implement your own output destination you need to write a .Net class that implements the Fuzzware.Extensible.IUserOutputHandler interface (defined in Extensible.dll). This interface consists of 2 functions:

void Initialise(System.Xml.XmlNode[] UserData, Fuzzware.Extensible.IUserInputHandler UserInputHandler);
This function is called once by Fuzzware and passes in custom XML data that can be specified in the UI on the 'Pass testcase to custom code' page. It will also pass in a reference to the custom IUserInputHandler if one is being used.

bool Output(System.IO.MemoryStream TestCase, System.string StateDesc);
Fuzzware passes this function the current testcase and the state description. The return value should be true to continue fuzzing, or false to stop fuzzing entirely.

3. Creating a pre-output handler
Sometimes you require some custom processing on the output testcase that Fuzzware produces, but you would like to leverage an existing output destination that Fuzzware makes available. If a pre-output handler is specified Fuzzware will create the testcase as usual, but before passing it to the output destination, it will pass it to the custom pre-output handler, which can change it in anyway before it goes to the output destination. To implement your own pre-output handler you need to write a .Net class that implements the Fuzzware.Extensible.IUserPreOutputHandler interface (defined in Extensible.dll). This interface consists of 2 functions:

void Initialise(System.Xml.XmlNode[] UserData, Fuzzware.Extensible.IUserInputHandler UserInputHandler);
This function is called once by Fuzzware and passes in custom XML data that can be specified in the UI on the 'Pass testcase to custom code' page. It will also pass in a reference to the custom IUserInputHandler if one is being used.

System.IO.MemoryStream Output(System.IO.MemoryStream TestCase);
Fuzzware passes this function the current testcase, the function can then alter the testcase arbitrarily and return the altered testcase back to Fuzzware.

For an example of using this interface see the Examples\XPS\XPSHandlers in your Fuzzware Projects directory.

4. Creating a custom XML Processing Instruction
Fuzzware uses XML Processing Instructions (see Tutorial 2 - Part 2) to change the value of a node e.g. update the filelength stored in the file. Sometimes the processing of the nodes value is more complicated than what Fuzzware makes available and in this case it is possible for Fuzzware to call custom code to change the value of a node. To implement your own XML Processing instruction you need to write a .Net class that implements the Fuzzware.Extensible.IUserNodeProcessor interface (defined in Extensible.dll). This interface consists of 1 function:

byte[] Process(System.byte[] operand, Fuzzware.Common.DataSchema.IOutputNode SourceNode, Fuzzware.Common.DataSchema.IOutputNode TargetNode);

Fuzzware passes this function the source node (operand) in bytes and also information about the both the source and target (the node that gets updated) nodes. The return value should be the bytes of the string representation of the value of the target node.
 
 
  Design by guenstige.shop-stadt.de & windows forum