For example, "Link to Microsoft" is a common bit of HTML to include a hyperlink on a web page. Having a
vocabulary of valid HTML allows MangleMe to build better fuzzing test cases than pure
dumb fuzzing is able to do.
The second interesting source file is mangle.cgi, two pages of code that drive the
whole system. It's really simple code that builds up a page of HTML one tag at a time. It
has just three functions. In main(), you'll see that each page starts with the following
hard-coded HTML:
This meta refresh tag instructs the browser loading the HTML to fully load the page
and then immediately (0 seconds later) redirect to the URL mangle.cgi. This simply
reloads the same page over and over again, each time generating a different set of HTML.
Following that header, main() generates a random seed and a random number between
1 and 100. It then calls random_tag() that random number of times. Each call to
random_tag() picks one line from tags.h and generates a tag having a valid HTML element,
some valid parameters set to bogus values, and some bogus parameters set to bogus values.
The third function, make_up_value(), sometimes returns valid HTML constructs,
and sometimes returns a random string of characters.
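The generation loop described above, sketched as an added example; it is not MangleMe's source and not code from the original text. The three vocabulary rows, the list of valid-looking values, the size limits and the caller-supplied seed are assumptions made for illustration, and the hard-coded refresh header is left out.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed vocabulary rows: element, then its valid attribute names.
   Illustrative only; not the contents of MangleMe's tags.h. */
static const char *TAGS[][4] = {
    {"A", "HREF", "NAME", NULL},
    {"IMG", "SRC", "WIDTH", NULL},
    {"TABLE", "BORDER", "WIDTH", NULL},
};
enum { NTAGS = 3, VAL_MAX = 15, TAG_MAX = 96, PAGE_CAP = 100 * TAG_MAX };

/* Fill out[] with 1..VAL_MAX random lowercase letters. */
static void rand_str(char *out) {
    int n = 1 + rand() % VAL_MAX;
    for (int i = 0; i < n; i++) out[i] = (char)('a' + rand() % 26);
    out[n] = '\0';
}

/* Sometimes a valid-looking HTML value, sometimes random characters. */
static void make_up_value(char *out) {
    static const char *VALID[] = {"1", "100%", "left", "#top", "x.gif"};
    if (rand() % 2) snprintf(out, VAL_MAX + 1, "%s", VALID[rand() % 5]);
    else rand_str(out);
}

/* Valid element, valid attributes with made-up values, one made-up attribute.
   The longest possible tag is 91 bytes, so it always fits in TAG_MAX. */
static int random_tag(char *out) {
    const char **t = TAGS[rand() % NTAGS];
    char v[VAL_MAX + 1], name[VAL_MAX + 1];
    int len = snprintf(out, TAG_MAX, "<%s", t[0]);
    for (int i = 1; t[i]; i++) {
        make_up_value(v);
        len += snprintf(out + len, TAG_MAX - len, " %s=\"%s\"", t[i], v);
    }
    rand_str(name);
    make_up_value(v);
    return len + snprintf(out + len, TAG_MAX - len, " %s=\"%s\">\n", name, v);
}

/* Same seed, same page. page must hold PAGE_CAP bytes; returns tag count. */
int build_page(unsigned seed, char *page) {
    memset(page, 0, PAGE_CAP);          /* whole buffer defined for comparison */
    srand(seed);
    int ntags = 1 + rand() % 100, len = 0;
    for (int i = 0; i < ntags; i++) len += random_tag(page + len);
    return ntags;
}
```

Recording the seed alongside each generated page is what makes a parser crash reproducible: calling build_page() again with that seed regenerates the identical input.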