Server for fuzzing Android browsers. Originally built with Domato as the core component for generating HTML, CSS, and JS, but the Domato-related code may move into a driver so that it is interchangeable with other generators.
- Fuzzing isn't yet hands-free: pages aren't relaunched after a crash, and crashes aren't diagnosed automatically.
- Older devices hit out-of-memory (OOM) crashes in Chrome very easily, but it's preferable to keep the hardware cheap.
- Frontend Server (flask_app.py)
- Serves content of user interface.
- Initializes database.
- Backend harness
- Loops through all connected devices.
- Monitors logcat to catch fatal signals (SIGSEGV) from the browser process.
- TODO: extract tombstones from the device that crashed, appending the test case name to the filename where possible.
- Utility Code
- Code shared between the frontend and the harness.
- Database setup functions run at startup.
- Launching browsers on devices through ADB.
- Drivers (TODO)
- Separates the server and harness code from Domato so that any generative fuzzing tool could be used in its place.
- Install tmux (optional) and ADB for your platform.
- Run `./start.sh`, or (without tmux) run flask_app.py and harness.py with Python 3.
- Connect device(s) to ADB.
- Wait for the device to appear, and click on ADB beside it to begin fuzzing.
- Separate ADB and harness backend from frontend server.
- Consider using named pipes for communication with backend.
- Use pydoc, document everything.
- Separate use of domato into a driver.
- Fix bugs caused by a single SQLite database being shared across separate devices' fuzzing runs.
- Separate database state into separate files for each device being fuzzed.
- Fix OOM issue in Chrome on older devices.
- Write a real visual frontend.