Projects

An essential part of the GUI application is a project.

It is a class used by the Main Window to keep information about the currently opened project. The project contains the path to a directory where all necessary files are located (a.k.a. the project directory). The project is considered loaded when all of its files are successfully loaded into the Main Window (project.xml, fuzzing.xml, recording.xml and the dump/ directory). The Main Window always has to have an opened project instance. (window.Window.projectLoadFiles)

The project can be stored to a user-specified location. The user needs the necessary rights to create the project directory in the specified location, and needs read permission on a project directory to load a project.

Project Files

The structure of the project directory is as follows:

recording.xml - A file used in the recording phase. (mandatory)
recording-out.xml - An output file of the recording phase. If this file is successfully loaded after the recording phase, it becomes a new fuzzing-orig.xml and fuzzing.xml. (optional)
recording-edit.xml - A file edited by an external editor. If this file is successfully loaded after the editor exits, it becomes a new recording.xml. (optional)
fuzzing-orig.xml - An output of a successful recording phase or the original fuzzing XML template. (mandatory)
fuzzing.xml - A file used in the fuzzing phase. (mandatory)
fuzzing-edit.xml - A file edited by an external editor. If this file is successfully loaded after the editor exits, it becomes a new fuzzing.xml. (optional)
project.xml - A file containing project-related information. (mandatory)
dump/ - A directory for storing sessions and crashes of the fuzzing phase. (mandatory, but can be empty)
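The layout rules above, written as a check that can be run against a project directory. This is an added example, not HotFuzz code: the function names are hypothetical, and "successfully loaded" is assumed to mean that the file parses as well-formed XML.

```python
import os
import xml.etree.ElementTree as ET

# Mandatory entries from the list above; dump/ may be empty but must exist.
MANDATORY_FILES = ("recording.xml", "fuzzing-orig.xml", "fuzzing.xml", "project.xml")
MANDATORY_DIRS = ("dump",)

def missing_entries(project_dir):
    """Return the mandatory entries that are absent or unreadable."""
    missing = []
    for name in MANDATORY_FILES:
        path = os.path.join(project_dir, name)
        if not (os.path.isfile(path) and os.access(path, os.R_OK)):
            missing.append(name)
    for name in MANDATORY_DIRS:
        if not os.path.isdir(os.path.join(project_dir, name)):
            missing.append(name + "/")
    return missing

def promote(project_dir, edited_name, target_names):
    """Copy edited_name over each target, but only if it parses as XML."""
    source = os.path.join(project_dir, edited_name)
    try:
        ET.parse(source)  # assumption: "successfully loaded" == well-formed
    except (OSError, ET.ParseError):
        return False  # a broken or missing edit never replaces a working file
    with open(source, "rb") as handle:
        data = handle.read()
    for name in target_names:
        tmp = os.path.join(project_dir, name + ".tmp")
        with open(tmp, "wb") as handle:
            handle.write(data)
        os.replace(tmp, os.path.join(project_dir, name))  # atomic swap
    return True
```

For the recording output, the call would be `promote(path, "recording-out.xml", ["fuzzing-orig.xml", "fuzzing.xml"])`; for an editor session, `promote(path, "recording-edit.xml", ["recording.xml"])`.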

XML manipulation

The GUI application can manipulate (store and load) three types of XML files: fuzzing.xml, recording.xml and project.xml. The fuzzing and the recording XML are passed to Peach as one of its parameters. The project XML is used to store overall project information. The load operation always precedes the store operation. (xmlmanipulators.fuzzingXmlManipulator, xmlmanipulators.recordingXmlManipulator)

The recording.xml and the fuzzing.xml are both used by the external Peach program, so they are manipulated in much the same way.

After a file is loaded, a new XML element tree is created. (xmlmanipulators.PeachXmlReader) Then some known elements of the tree are used to update the corresponding GUI widgets. (xmlmanipulators.fuzzingXmlManipulator.loadXML, xmlmanipulators.recordingXmlManipulator.loadXML)

These widgets are not native Qt widgets. They are modified to perform undo/redo actions after losing focus (Own Widgets, Undo Actions).

The fuzzing manipulator also modifies the XML's mutator section. Each mutator element is bound to one of the Check Boxes in the second tab. Whenever one of these Check Boxes changes its state, an action is performed that triggers an immediate change of the fuzzing XML tree. (window.Window.mutators, mutators.HotFuzzMutator)

The fuzzing manipulator also modifies the datamodel XML tree elements. It sets the attribute "mutable=false/true" inside particular tree elements. Every datamodel is also bound to one of the tree widget items (xmlmanipulators.HotFuzzTreeWidgetItem). These items are created when the tree is loaded and are placed in the datamodel tree widget. Whenever one of these tree widget items changes its state, an action is performed that triggers an immediate change of the fuzzing XML tree.

All other widgets change the XML element tree during the store phase. (xmlmanipulators.fuzzingXmlManipulator.storeXML, xmlmanipulators.recordingXmlManipulator.storeXML) The contents of the whole XML element tree are stored into an XML file at the end of the store phase. (xmlmanipulators.PeachXmlWriter)

Manipulating a project.xml file is simpler, because no XML tree is created during this operation. (xmlmanipulators::projectXml::getProjectXmlContent) All necessary elements are loaded into the project class instance of the Main Window. (Projects, project::HotFuzzProject). The store function places the corresponding variables of the project class inside the matching tags. (xmlmanipulators::projectXml::storeProjectXmlContent)
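The effect of toggling the "mutable" attribute on the element tree, together with a listing of the fields that end up excluded from mutation, which is worth checking before a long fuzzing run. This is an added example, not HotFuzz code: the pit fragment, the model and field names, and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed pit fragment; the model and field names are made up.
SAMPLE = """<Peach>
  <DataModel name="Request">
    <String name="Method" value="GET"/>
    <String name="Path" value="/index.html"/>
    <Blob name="Body"/>
  </DataModel>
</Peach>"""

def local(tag):
    """Strip an XML namespace prefix such as {uri}DataModel."""
    return tag.rsplit("}", 1)[-1]

def set_mutable(root, model, field, mutable):
    """Set mutable on a named element of a named DataModel; return hit count."""
    hits = 0
    for dm in root.iter():
        if local(dm.tag) != "DataModel" or dm.get("name") != model:
            continue
        for child in dm.iter():
            if child is not dm and child.get("name") == field:
                child.set("mutable", "true" if mutable else "false")
                hits += 1
    return hits

def frozen_fields(root):
    """List (model, field) pairs that carry mutable="false"."""
    out = []
    for dm in root.iter():
        if local(dm.tag) == "DataModel":
            out += [(dm.get("name"), el.get("name"))
                    for el in dm.iter() if el.get("mutable") == "false"]
    return out

if __name__ == "__main__":
    tree = ET.fromstring(SAMPLE)
    set_mutable(tree, "Request", "Method", False)
    print(frozen_fields(tree))
```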

Dump files

(dumpreader)

When Peach is started in the fuzzing mode, a new directory appears in "project dir"/dumps/. This directory is created by Peach, and the GUI application is used to "format" its contents.
The directory contains a file with information about the fuzzing session - status.txt.
Information about each individual crash is stored within one of its many subdirectories:
ServerAgent_StackTrace.txt - A file containing some useful information about the crash.
ServerAgent_Dump.dmp - A dump file which can be opened in a debugger.
data_*_runnedAction.txt - Files which contain a communication sequence that caused the crash.

The GUI tries to visualize this information as well as possible. (Action view dialog, Main window dialog). The GUI loads the contents of the whole dump directory whenever the user stops the fuzzing phase or whenever the Refresh button is pressed. (window.Window.refreshDump) A user can see the current contents of the directory even while the fuzzing phase is still running.
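The session layout described above can also be indexed outside the GUI, for instance to find crash records that lack a dump or a saved communication sequence. This is an added example, not the dumpreader module: the function names are hypothetical, the depth of the crash subdirectories is not assumed, and the `*` in data_*_runnedAction.txt is assumed to be a step number where it is numeric.

```python
import fnmatch
import os

def natural_key(name):
    """Sort data_2_... before data_10_... when the middle part is a number."""
    middle = name[len("data_"):-len("_runnedAction.txt")]
    return (0, int(middle), "") if middle.isdigit() else (1, 0, middle)

def index_session(session_dir):
    """Return the status.txt text and one record per crash subdirectory."""
    status_path = os.path.join(session_dir, "status.txt")
    status = None
    if os.path.isfile(status_path):
        with open(status_path, errors="replace") as handle:
            status = handle.read()
    crashes = []
    for root, _dirs, files in os.walk(session_dir):
        actions = fnmatch.filter(files, "data_*_runnedAction.txt")
        has_trace = "ServerAgent_StackTrace.txt" in files
        has_dump = "ServerAgent_Dump.dmp" in files
        if not (actions or has_trace or has_dump):
            continue  # not a crash directory
        crashes.append({
            "dir": os.path.relpath(root, session_dir),
            "trace": has_trace,
            "dump": has_dump,
            "actions": sorted(actions, key=natural_key),
            # without the saved sequence the crash input cannot be inspected
            "has_sequence": bool(actions),
        })
    return status, sorted(crashes, key=lambda c: c["dir"])
```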


Generated on Sun Sep 5 12:41:36 2010 for HotFuzz by  doxygen 1.5.8