Initial checkin of new AngularJS version

Author: CiscoTalos

AUTHORS

@@ -0,0 +1,5 @@
+Copyright 2016 Cisco Talos Threat Intelligence & Research Group 
+
+Richard Johnson <rjohnson@moflow.org> - Initial version 
+Daniel Moghimi  <amoghimi@wpi.edu>    - AngularJS rewrite
+

Vagrantfile

@@ -0,0 +1,15 @@
+Vagrant.configure("2") do |config|
+  config.vm.box = "ubuntu/trusty64"
+  #config.vm.network "forwarded_port", guest: 80, host: 1080
+  #config.vm.network "forwarded_port", guest: 5000, host: 5000
+  config.vm.network "private_network", type: "dhcp"
+  config.vm.provider "virtualbox" do |vb|
+    vb.memory = "2048"
+    vb.cpus = "2"
+    #vb.customize ["modifyvm", :id, "--nictype1", "Am79C973"]
+    #vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
+    #vb.customize ["modifyvm", :id, "--natdnsproxy1", "on"]
+  end
+
+  config.vm.provision "shell", privileged: false, path: "vagrant.sh"
+end

app/__init__.py

@@ -0,0 +1,106 @@
+from flask import Flask, jsonify, request, json
+from flask_sqlalchemy import SQLAlchemy
+from flask_restful import Api
+import config, time, traceback, os, uuid
+
+app = Flask(__name__, static_folder='static', static_url_path='')
+
+logFile = "log-" + time.strftime("%Y-%m-%d-%H.%M.%S") + ".log"
+
+
+"""
+    Setup DB Models
+"""
+app.config['db'] = db = SQLAlchemy(app)
+app.config['SQLALCHEMY_DATABASE_URI'] = config.DATABASE_URI
+
+
+from model.FuzzingArch import FuzzingArch
+from model.FuzzingPlatform import FuzzingPlatform
+from model.FuzzingEngine import FuzzingEngine
+from model.FuzzingHost import FuzzingHost
+#from model.FuzzingConfig import FuzzingConfig
+from model.FuzzingTarget import FuzzingTarget
+from model.FuzzingJobState import FuzzingJobState
+from model.FuzzingJobOption import FuzzingJobOption
+from model.FuzzingJob import FuzzingJob
+from model.FuzzingOptionType import FuzzingOptionType
+from model.FuzzingOption import FuzzingOption
+from model.FuzzingCrash import FuzzingCrash
+from model.CallbackScript import CallbackScript
+from model.FuzzingScript import FuzzingScript
+
+db.drop_all()
+db.create_all()
+import seed
+db.session.commit()
+
+"""
+@app.before_first_request
+def create_db():
+    None
+"""
+
+
+"""
+    Setup Routes
+"""
+from controller.Hello import HelloCtrl
+from controller.Update import UpdateCtrl
+from controller.Job import JobCtrl
+from controller.Engine import EngineCtrl
+from controller.Arch import ArchCtrl
+from controller.Platform import PlatformCtrl
+from controller.Log import LogCtrl
+from controller.Host import HostCtrl
+from controller.Script import ScriptCtrl
+from controller.Target import TargetCtrl
+from controller.Crash import CrashCtrl
+from controller.Status import StatusCtrl
+#from controller.Config import ConfigCtrl
+from controller.Option import OptionCtrl
+
+
+api = Api(app)
+api.add_resource(HelloCtrl, '/')
+api.add_resource(UpdateCtrl, '/api/update/<string:hash>')
+api.add_resource(JobCtrl, '/api/job', '/api/job/<string:id>')
+api.add_resource(EngineCtrl, '/api/engine', '/api/engine/<string:id>')
+api.add_resource(ArchCtrl, '/api/arch', '/api/arch/<string:id>')
+api.add_resource(PlatformCtrl, '/api/platform', '/api/platform/<string:id>')
+api.add_resource(HostCtrl, '/api/host', '/api/host/<string:id>')
+api.add_resource(ScriptCtrl, '/api/script', '/api/script/<string:id>')
+api.add_resource(TargetCtrl, '/api/target', '/api/target/<string:id>')
+# api.add_resource(CrashBucketCtrl, '/api/bucket', '/api/bucket/<string:id>')
+api.add_resource(CrashCtrl, '/api/crash', '/api/crash/<string:id>')
+#api.add_resource(ConfigCtrl, '/api/config', '/api/config/<string:id>')
+api.add_resource(OptionCtrl, '/api/option', '/api/option/<string:id>')
+api.add_resource(LogCtrl, '/api/log')
+api.add_resource(StatusCtrl, '/api/status')
+
+
+@app.errorhandler(Exception)
+def handle_invalid_usage(error):
+    message = time.strftime("%Y-%m-%d-%H.%M.%S") + ": \n" + traceback.format_exc() + "\n\n"
+    with open(logFile, 'a') as f:
+        f.write(message)
+    rv = {}
+    rv['message'] = message
+    response = jsonify(rv)
+    response.status_code = 500
+    return response
+
+
+@app.route('/api/upload', methods=['POST'])
+def upload_file():
+    if 'file' not in request.files:
+        return json.dumps({"err": "invalid request"}), 400
+
+    u_file = request.files['file']
+    if u_file.filename == '':
+        return json.dumps({"err": "invalid request"}), 400
+
+    path = os.path.join(config.UPLOAD_FOLDER, str(uuid.uuid4()))
+
+    u_file.save(path)
+    return json.dumps({"upload_path": path}), 200

app/config.py

@@ -0,0 +1,4 @@
+import os
+DATABASE_URI = "sqlite:///moflow.db"
+CLIENT_FOLDER = "client"
+UPLOAD_FOLDER = 'static' + os.sep + 'upload'

app/moflow.db

@@ -0,0 +1,68 @@
+from app import app
+from model.FuzzingPlatform import FuzzingPlatform
+from model.FuzzingArch import FuzzingArch
+from model.FuzzingEngine import FuzzingEngine
+from model.FuzzingJobState import FuzzingJobState
+from model.FuzzingTarget import FuzzingTarget
+from model.FuzzingScript import FuzzingScript
+from model.FuzzingOptionType import FuzzingOptionType
+from model.FuzzingOption import FuzzingOption
+
+db = app.config['db']
+
+#Fuzzing Job Status
+db.session.add(FuzzingJobState('Queued'))           #DO NOT CHANGE
+db.session.add(FuzzingJobState('Allocated'))        #DO NOT CHANGE
+db.session.add(FuzzingJobState('Active'))           #DO NOT CHANGE
+db.session.add(FuzzingJobState('Completed'))        #DO NOT CHANGE
+db.session.add(FuzzingJobState('Paused'))           #DO NOT CHANGE
+db.session.add(FuzzingJobState('Failed'))           #DO NOT CHANGE
+#db.session.add(FuzzingJobState('Reserved'))         #DO NOT CHANGE
+
+#Fuzzing Option
+field_type = FuzzingOptionType("FIELD")             #DO NOT CHANGE
+file_type = FuzzingOptionType("FILE")               #DO NOT CHANGE
+list_type = FuzzingOptionType("LIST")               #DO NOT CHANGE
+checkbox_type = FuzzingOptionType("CHECKBOX")       #DO NOT CHANGE
+db.session.add(field_type)
+db.session.add(file_type)
+db.session.add(list_type)
+db.session.add(checkbox_type)
+
+
+#Platforms
+unknown_plat = FuzzingPlatform('Unknown')
+db.session.add(unknown_plat)
+
+#Architectures
+unknown_arch = FuzzingArch('Unknown')
+db.session.add(unknown_arch)
+
+#Options
+afl_in_dir = FuzzingOption('afl_in_dir', field_type)
+afl_out_dir = FuzzingOption('afl_out_dir', field_type)
+afl_timeout = FuzzingOption('afl_timeout', field_type)
+db.session.add(afl_in_dir)
+db.session.add(afl_out_dir)
+db.session.add(afl_timeout)
+
+
+#Fuzzing Engines
+db.session.add(
+    FuzzingEngine("afl", "/usr/local/bin/afl-fuzz", unknown_plat, unknown_arch, [afl_out_dir, afl_timeout, afl_in_dir ])
+)
+
+#Fuzzing Targets
+db.session.add(FuzzingTarget('libpng-1.5.27', "/home/vagrant/libpng-1.5.27/pngtest", unknown_plat, unknown_arch))
+db.session.add(FuzzingTarget('tiff-4.0.6-fake-vulnerable', "/home/vagrant/tiff-4.0.6/tools/tiff2pdf", unknown_plat, unknown_arch))
+
+
+#Fuzzing Script
+db.session.add(FuzzingScript('test-script',
+'''<?xml version="1.0"?>
+<test>
+    <something>go</something>
+</test>
+'''))
+
+

app/seed.py

@@ -0,0 +1,55 @@
+import time, socket, sys, traceback
+
+from client.config import *
+from client.helper import Helper
+from client.rest import Rest
+from engine.afl import Fuzzer as afl
+from engine.radamsa import Fuzzer as radamsa
+
+
+
+engines = {
+    'afl' : afl,
+    'radamsa' : radamsa
+}
+
+def main():
+    helper = Helper()
+    host = helper.register_host()
+    print "\n\nFuzzing Client %s\n" % CLIENT_VERSION
+    while True:
+        fz = None
+        job = None
+        try:
+            helper.update()
+            job = Rest.get_job_by_host(host['id'])
+            if job is not None:
+                engine, target, options = helper.extract_job(job)
+                engine_name = engine['name']
+                fz = engines[engine_name](job, engine, target, options)
+                fz.start()
+            continue
+
+        except socket.error:
+            pass
+
+        except KeyboardInterrupt as e:
+            if fz is not None:
+                fz.fail(e.message)
+            print "Execution interrupted. Quitting."
+            sys.exit(0)
+
+        except:
+            print "Unhandled Exception\n"
+            traceback.print_exc()
+            print ''
+            message = time.strftime("%Y-%m-%d-%H.%M.%S") + ": \n" + \
+                      traceback.format_exc()
+            try:
+                helper.log_error(message)
+            except socket.error:
+                pass
+
+
+if __name__ == "__main__":
+    main()

client/client.py

@@ -0,0 +1,3 @@
+SERVER_ENDPOINT = "http://172.28.128.3/"
+CLIENT_VERSION = "2016.8.15"
+DELAY = 10