/*
hzzp/fuzz.h
04.27.2009
Hzzp

         Krakow Labs Development -> Hzzp
        Hypertext Transfer Protocol Fuzzer
             rush@KL (Jeremy Brown)

Fuzzing Oracle -> hzzp.tar.gz

Associated Files & Information:
http://www.krakowlabs.com/dev/fuz/hzzp/hzzp
http://www.krakowlabs.com/dev/fuz/hzzp/hzzp.c.txt
http://www.krakowlabs.com/dev/fuz/hzzp/fuzz.c.txt
http://www.krakowlabs.com/dev/fuz/hzzp/core.h.txt
http://www.krakowlabs.com/dev/fuz/hzzp/fuzz.h.txt
http://www.krakowlabs.com/dev/fuz/hzzp/http.h.txt
http://www.krakowlabs.com/dev/fuz/hzzp/Makefile.txt
http://www.krakowlabs.com/dev/fuz/hzzp/hzzp_doc.txt
http://www.krakowlabs.com/dev/fuz/hzzp/hzzp.tar.gz
http://www.krakowlabs.com/dev/fuz/hzzp/hzzp.jpeg
http://www.krakowlabs.com/dev/fuz/hzzp/hzzp.avi
hzzp/fuzz.h
*/

#define FZTL 96

/* [_Jeremy Brown_ 5th Generation Fuzzing Oracle _Jeremy Brown_] 96 */

char of1[550], of2[1100], of3[2100], of4[4200], of5[8400],
     of6[16500], of7[33000], of8[65800], of9[131200], of10[262400],
     of11[525000], of12[1050000];

char fmt1[] = "%n%n%n%n%n", fmt2[] = "%p%p%p%p%p", fmt3[] = "%s%s%s%s%s",
     fmt4[] = "%d%d%d%d%d", fmt5[] = "%x%x%x%x%x", fmt6[] = "%s%p%x%d",
     fmt7[] = "%.1024d", fmt8[] = "%.1025d", fmt9[] = "%.2048d",
     fmt10[] = "%.2049d", fmt11[] = "%.4096d", fmt12[] = "%.4097d",
     fmt13[] = "%99999999999s", fmt14[] = "%08x", fmt15[] = "%%20n",
     fmt16[] = "%%20p", fmt17[] = "%%20s", fmt18[] = "%%20d",
     fmt19[] = "%%20x", fmt20[] = "%#0123456x%08x%x%s%p%d%n%o%u%c%h%l%q%j%z%Z%t%i%e%g%f%a%C%S%08x%%";

char num1[] = "0", num2[] = "-0", num3[] = "1",
     num4[] = "-1", num5[] = "32767", num6[] = "-32768",
     num7[] = "65535", num8[] = "65536", num9[] = "65537",
     num10[] = "16777215", num11[] = "16777216", num12[] = "16777217",
     num13[] = "2147483647", num14[] = "-2147483647", num15[] = "2147483648",
     num16[] = "-2147483648", num17[] = "4294967294", num18[] = "4294967295",
     num19[] = "4294967296", num20[] = "357913942", num21[] = "-357913942",
     num22[] = "536870912", num23[] = "-536870912", num24[] = "5e-324",
     num25[] = "1.79769313486231E+308", num26[] = "3.39519326559384E-313", num27[] = "0xffff",
     num28[] = "0xfffffff", num29[] = "0xffffffff", num30[] = "0xfffffffe",
     num31[] = "0x3fffffff", num32[] = "0x7fffffff", num33[] = "0x7ffffffe",
     num34[] = "0x100", num35[] = "0x1000", num36[] = "0x10000",
     num37[] = "0x100000", num38[] = "0x80000000", num39[] = "-268435455",
     num40[] = "0x99999999", num41[] = "99999999999", num42[] = "-99999999999";

char misc1[] = "test|touch /tmp/FU_ZZ_ED|test", misc2[] = "test`touch /tmp/FU_ZZ_ED`test", misc3[] = "test'touch /tmp/FU_ZZ_ED'test",
     misc4[] = "test;touch /tmp/FU_ZZ_ED;test", misc5[] = "test&&touch /tmp/FU_ZZ_ED&&test", misc6[] = "test|C:/WINDOWS/system32/calc.exe|test",
     misc7[] = "test`C:/WINDOWS/system32/calc.exe`test", misc8[] = "test'C:/WINDOWS/system32/calc.exe'test", misc9[] = "test;C:/WINDOWS/system32/calc.exe;test",
     misc10[] = "C:/WINDOWS/system32/calc.exe", misc11[] = "|/bin/sh|", misc12[] = "`/bin/sh`",
     misc13[] = "%0xa", misc14[] = "%u000", misc15[] = "`~@#$",
     misc16[] = "%^&*()", misc17[] = "-=_+", misc18[] = "[]\{}",
     misc19[] = "|;\\':", misc20[] = ",./<>", misc21[] = "\n", misc22[] = "\n\n";

struct
{

     char *data;
     char *desc;

}

fuzz[] =
{

     // overflows
     {"", "Overflow: A x 550"},
     {"", "Overflow: A x 1100"},
     {"", "Overflow: A x 2100"},
     {"", "Overflow: A x 4200"},
     {"", "Overflow: A x 8400"},
     {"", "Overflow: A x 16500"},
     {"", "Overflow: A x 33000"},
     {"", "Overflow: A x 65800"},
     {"", "Overflow: A x 131200"},
     {"", "Overflow: A x 262400"},
     {"", "Overflow: A x 525000"},
     {"", "Overflow: A x 1050000"},

     // format strings
     {fmt1,  "Format String: %n x 5"},
     {fmt2,  "Format String: %p x 5"},
     {fmt3,  "Format String: %s x 5"},
     {fmt4,  "Format String: %d x 5"},
     {fmt5,  "Format String: %x x 5"},
     {fmt6,  "Format String: %s%p%x%d"},
     {fmt7,  "Format String: %.1024d"},
     {fmt8,  "Format String: %.1025d"},
     {fmt9,  "Format String: %.2048d"},
     {fmt10, "Format String: %.2049d"},
     {fmt11, "Format String: %.4096d"},
     {fmt12, "Format String: %.4097d"},
     {fmt13, "Format String: %99999999999s"},
     {fmt14, "Format String: %08x"},
     {fmt15, "Format String: %%20n"},
     {fmt16, "Format String: %%20p"},
     {fmt17, "Format String: %%20s"},
     {fmt18, "Format String: %%20d"},
     {fmt19, "Format String: %%20x"},
     {fmt20, "Format String: %#0123456x%08x%x%s%p%d%n%o%u%c%h%l%q%j%z%Z%t%i%e%g%f%a%C%S%08x%%"},

     // numbers
     {num1, "Number: 0"},
     {num2, "Number: -0"},
     {num3, "Number: 1"},
     {num4, "Number: -1"},
     {num5, "Number: 32767"},
     {num6, "Number: -32768"},
     {num7, "Number: 65535"},
     {num8, "Number: 65536"},
     {num9, "Number: 65537"},
     {num10, "Number: 16777215"},
     {num11, "Number: 16777216"},
     {num12, "Number: 16777217"},
     {num13, "Number: 2147483647"},
     {num14, "Number: -2147483647"},
     {num15, "Number: 2147483648"},
     {num16, "Number: -2147483648"},
     {num17, "Number: 4294967294"},
     {num18, "Number: 4294967295"},
     {num19, "Number: 4294967296"},
     {num20, "Number: 357913942"},
     {num21, "Number: -357913942"},
     {num22, "Number: 536870912"},
     {num23, "Number: -536870912"},
     {num24, "Number: 5e-324"},
     {num25, "Number: 1.79769313486231E+308"},
     {num26, "Number: 3.39519326559384E-313"},
     {num27, "Number: 0xffff"},
     {num28, "Number: 0xfffffff"},
     {num29, "Number: 0xffffffff"},
     {num30, "Number: 0xfffffffe"},
     {num31, "Number: 0x3fffffff"},
     {num32, "Number: 0x7fffffff"},
     {num33, "Number: 0x7ffffffe"},
     {num34, "Number: 0x100"},
     {num35, "Number: 0x1000"},
     {num36, "Number: 0x10000"},
     {num37, "Number: 0x100000"},
     {num38, "Number: 0x80000000"},
     {num39, "Number: -268435455"},
     {num40, "Number: 0x99999999"},
     {num41, "Number: 99999999999"},
     {num42, "Number: -99999999999"},

     // misc bugs
     {misc1,  "Misc Bug: test|touch /tmp/FU_ZZ_ED|test"},
     {misc2,  "Misc Bug: test`touch /tmp/FU_ZZ_ED`test"},
     {misc3,  "Misc Bug: test'touch /tmp/FU_ZZ_ED'test"},
     {misc4,  "Misc Bug: test;touch /tmp/FU_ZZ_ED;test"},
     {misc5,  "Misc Bug: test&&touch /tmp/FU_ZZ_ED&&test"},
     {misc6,  "Misc Bug: test|C:/WINDOWS/system32/calc.exe|test"},
     {misc7,  "Misc Bug: test`C:/WINDOWS/system32/calc.exe`test"},
     {misc8,  "Misc Bug: test'C:/WINDOWS/system32/calc.exe'test"},
     {misc9,  "Misc Bug: test;C:/WINDOWS/system32/calc.exe;test"},
     {misc10, "Misc Bug: C:/WINDOWS/system32/calc.exe"},
     {misc11, "Misc Bug: |/bin/sh|"},
     {misc12, "Misc Bug: `/bin/sh`"},
     {misc13, "Misc Bug: %0xa"},
     {misc14, "Misc Bug: %u000"},
     {misc15, "Misc Bug: `~@#$"},
     {misc16, "Misc Bug: %^&*()"},
     {misc17, "Misc Bug: -=_+"},
     {misc18, "Misc Bug: []\{}"},
     {misc19, "Misc Bug: |;\\':"},
     {misc20, "Misc Bug: ,./<>"},
     {misc21, "Misc Bug: \\n"},
     {misc22, "Misc Bug: \\n\\n"},

};

/* [_Jeremy Brown_ 5th Generation Fuzzing Oracle _Jeremy Brown_] 96 */