Skip to content

lexylee2406/freedom

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

FreeDom

Paper

FREEDOM: Engineering a State-of-the-Art DOM Fuzzer (ACM CSS 2020)

Prerequisites

  • Python 3.x

Usage

python3 main.py

Fuzzer configuration

Check config.py that manages testcase complexity and fuzzing process.

Mode 0. Testcase generation only

This mode simply generates a number of random HTML documents and save them to a given directory.

Example:

python main.py -i 1 -m generate -n 10 -o output

Security bugs

  • WebKit (Safari): CVE-2019-6212, CVE-2019-8596, CVE-2019-8609, CVE-2019-8720, CVE-2020-9803, CVE-2020-9806, CVE-2020-9807, CVE-2020-9895
  • Chrome: CVE-2019-5806, CVE-2019-5817, Issue 943424, Issue 943538
  • Firefox: Issue 1626152

Citation

@inproceedings{xu:freedom,
  title        = {{FREEDOM: Engineering a State-of-the-Art DOM Fuzzer (to appear)}},
  author       = {Wen Xu and Soyeon Park and Taesoo Kim},
  booktitle    = {Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS)},
  month        = nov,
  year         = 2020,
  address      = {Orlando, FL},
}

Contacts

About

A DOM fuzzer

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%