kisspeter / apifuzzer Goto Github PK
View Code? Open in Web Editor NEWFuzz test your application using your OpenAPI or Swagger API definition without coding
License: GNU General Public License v3.0
Fuzz test your application using your OpenAPI or Swagger API definition without coding
License: GNU General Public License v3.0
When I add a header that contains a space character I get an error regarding JSON breaking the content after the space.
usage: APIFuzzer [-h] [-s SRC_FILE] [--src_url SRC_URL] [-r REPORT_DIR] [--level LEVEL] [-u ALTERNATE_URL] [-t TEST_RESULT_DST]
[--log {critical,fatal,error,warn,warning,info,debug,notset}] [--basic_output BASIC_OUTPUT] [--headers HEADERS] [-v]
APIFuzzer: error: argument --headers: ('%s is not JSON', '[{"Authorization":"Basic')
Is there any way to fix this?
I was trying to load a YAML OpenAPI file, but ran into a problem where it can only read a JSON file.
Source: https://github.com/KissPeter/APIFuzzer/blob/master/fuzzer.py#L118
$ python3 fuzzer.py -s ../../moov-io/paygate/openapi.yaml -u http://127.0.0.1:8082/ -r ./reports/ --log debug --headers '[{"x-user-id": "adam"}]'
Failed to parse input file: Expecting value: line 1 column 1 (char 0)
I can submit a PR to try and read YAML and JSON. Thoughts?
Describe the bug
Below error observed on execution.
fuzzer_type: boolean fuzzer: RandomBitsField
94093 [ ERROR] APIFuzzer [fuzzer.py:47 - prepare ]: Exception: max_length(0) < 0
Traceback (most recent call last):
File "/.pyenv/versions/3.9.0/lib/python3.9/site-packages/apifuzzer/fuzzer.py", line 45, in prepare/.pyenv/versions/3.9.0/lib/python3.9/site-packages/apifuzzer/openapi_template_generator.py", line 110, in process_api_resources
template_generator.process_api_resources()
File "
self._process_api_resources()
File "/.pyenv/versions/3.9.0/lib/python3.9/site-packages/apifuzzer/openapi_template_generator.py", line 252, in _process_api_resources/.pyenv/versions/3.9.0/lib/python3.9/site-packages/apifuzzer/custom_fuzzers.py", line 112, in init
fuzz_type(
File "
super(RandomBitsField, self).init(
File "/.pyenv/versions/3.9.0/lib/python3.9/site-packages/kitty/model/low_level/field.py", line 1114, in init/.pyenv/versions/3.9.0/lib/python3.9/site-packages/kitty/model/low_level/field.py", line 1135, in _validate_lengths
self._validate_lengths(min_length, max_length)
File "
raise KittyException('max_length(%d) < 0' % (max_length))
kitty.core.KittyException: max_length(0) < 0
Unexpected exception happened during fuzz test preparation: max_length(0) < 0. Feel free to report the issue
APIFuzzer debug log
Please provide the related APIFuzzer debug log
Related API definition
Please provide only the minimal but valid API definition which causes the issue
Software environment (please complete the following information):
Additional context
Add any other context about the problem here.
Hi KissPeter,
I am able to run the tool successfully. But after validating the reports, I haven't found parameters which are response, parsed_status_code and request body .
Below is the report which i get
{"status": "failed",
"name": [{"Authorization": "SuperSecret"}, {"Auth2": "asd"}],
"sub_reports": [], "test_number": 177,
"state": "COMPLETED",
"request_url": "http://127.0.0.1:5000/v2/pet/findByStatus?status=\u0003\u0007U'",
"request_method": "GET",
"request_headers": "{"User-Agent": "APIFuzzer", "Accept-Encoding": "gzip, deflate", "Accept": "/", "Connection": "keep-alive", "Authorization": "SuperSecret", "Auth2": "asd"}",
"reason": "failed"
}
In provided example, I have seen below parameters
response,
parsed_status_code
request_body
Note: Based on status_code . I will try to eliminate false positives.
Would be great to have a setup.py
for the APIFuzzer to allow isntallation via pip
... as intermediate step until #12.
Describe the bug
I am working with the Fuzzer and while it is working well for resources without path parameters, I experienced an exception if I include a path parameter directly under a resource (called "path item" in the documentation of OpenAPI). The idea is that for a resource like /blacklists/{blacklistId} it is not making sense to add a PATH-parameter "blacklistId" to each single CRUD method, instead it should be defined one level above. Both would be valid syntax but my parser adds it to the path item and not the operations and as the document is about 7.000 lines and I cannot find a way to make the parser add it to each operation, it would be nice if you could fix this.
Reference to documentation
Each template expression in the path MUST correspond to a path parameter that is included in the Path Item itself and/or in each of the Path Item’s Operations. An exception is if the path item is empty, for example due to ACL constraints, matching path parameters are not required.
See: https://spec.openapis.org/oas/v3.1.0#path-templating
This error has the same log entry like described here: #46
Maybe it has a similar or the same cause.
APIFuzzer debug log
3496041 [ DEBUG] APIFuzzer.JsonSectionAbove-schema [move_json_parts.py:40 - _resolve ]: Processed: schemas -> {"schemas": {"Blacklist": {"properties": {"entries": {"items": {"type": "string"}, "type": "array"},
3496041 [ DEBUG] APIFuzzer.JsonSectionAbove-schema [move_json_parts.py:40 - _resolve ]: Processed: components -> {"components": {"schemas": {"Blacklist": {"properties": {"entries": {"items": {"type": "string"}, "t
3496041 [ INFO] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:108 - process_api_resources ]: Start preparation
3496041 [ ERROR] APIFuzzer [fuzzer.py:47 - prepare ]: Exception: 'list' object has no attribute 'get'
Traceback (most recent call last):
File "/home/mysecretusername/APIFuzzer/APIFuzzer/apifuzzer/fuzzer.py", line 45, in prepare
template_generator.process_api_resources()
File "/home/mysecretusername/APIFuzzer/APIFuzzer/apifuzzer/openapi_template_generator.py", line 109, in process_api_resources
self._process_request_body()
File "/home/mysecretusername/APIFuzzer/APIFuzzer/apifuzzer/openapi_template_generator.py", line 123, in _process_request_body
paths[resource][method].get("requestBody", {}).get("content", [])
AttributeError: 'list' object has no attribute 'get'
Unexpected exception happened during fuzz test preparation: 'list' object has no attribute 'get'. Feel free to report the issue
Related API definition
openapi: 3.0.3
info:
title: Generated API
version: "1.0"
servers:
- url: https://mysecretserver/1.0
paths:
/blacklists/{blacklistId}:
get:
responses:
"200":
description: OK
content:
text/xml:
schema:
$ref: '#/components/schemas/Blacklist'
parameters:
- in: path
name: blacklistId
schema:
format: int64
type: integer
required: true
description: The ID of the blacklist to retrieve details on
components:
schemas:
Blacklist:
type: object
properties:
id:
format: int64
type: integer
name:
type: string
entries:
type: array
items:
type: string
In this simple example I added a path parameter 'blacklistId' to be used for all future CRUD methods. Actually I did this not by myself but this was generated by some generator and the output can be used to e.g. provide a graphical documentation and everything looks fine.
First I tried different variations from the documentation, e.g. changing order of attributes, testing a string instead of a long but as soon as I add the parameter to the yaml, the fuzzer quits. I also tried renaming the parameter as 'blacklistid' but with no success. I can remove the whole Schema and all references to it,
Then I came up testing if it is a difference if I move the parameter description to the path item's operation:
---
openapi: 3.0.3
info:
title: Generated API
version: "1.0"
servers:
- url: https://mysecretserver/1.0
paths:
/blacklists/{blacklistId}:
get:
responses:
"200":
description: OK
content:
text/xml:
schema:
$ref: '#/components/schemas/Blacklist'
parameters:
- in: path
name: blacklistId
schema:
format: int64
type: integer
required: true
description: The ID of the blacklist to retrieve details on
components:
schemas:
Blacklist:
type: object
properties:
id:
format: int64
type: integer
name:
type: string
entries:
type: array
items:
type: string
Now the parameter belongs to the GET method and the fuzzer starts running.
Software environment (please complete the following information):
Describe the bug
The OpenAPI definition that I am using has references ($ref) in the /paths
section. The parser from APIFuzzer does not take it as valid.
APIFuzzer debug log
jordi@DESKTOP-NISTS11:/mnt/c/dev/workspace/APIFuzzer$ ./APIFuzzer -s ../saas-api/openapi/main.yml
2508 [WARNING] APIFuzzer.ResolveReferences: Failed to find paths.~1v1~1tenants because: Parse error at 1:6 near token ~ (~)
2508 [WARNING] APIFuzzer.ResolveReferences: No /paths/~1v1~1tenants in {"components": {"parameters": {}, "schemas": {"Tenant": {"allOf": [{"$ref": "./types.yml#/components/schemas/Id"}, {"$ref": "#/components/schemas/TenantData"}], "description": "Tenant model"}, "Tenant
2508 [WARNING] APIFuzzer.ResolveReferences: 2 Nothing to do with <class 'NoneType'>: None
2508 [WARNING] APIFuzzer.ResolveReferences: Failed to find paths.~1v1~1tenants~1%7BtenantId%7D because: Parse error at 1:6 near token ~ (~)
2508 [WARNING] APIFuzzer.ResolveReferences: No /paths/~1v1~1tenants~1%7BtenantId%7D in {"components": {"parameters": {}, "schemas": {"Tenant": {"allOf": [{"$ref": "./types.yml#/components/schemas/Id"}, {"$ref": "#/components/schemas/TenantData"}], "description": "Tenant model"}, "Tenant
2508 [WARNING] APIFuzzer.ResolveReferences: 2 Nothing to do with <class 'NoneType'>: None
2508 [WARNING] APIFuzzer.ResolveReferences: Failed to find paths.~1v1~1tenants~1%7BtenantId%7D~1customers because: Parse error at 1:6 near token ~ (~)
2508 [WARNING] APIFuzzer.ResolveReferences: No /paths/~1v1~1tenants~1%7BtenantId%7D~1customers in {"components": {"schemas": {"Customer": {"allOf": [{"$ref": "./types.yml#/components/schemas/Id"}, {"$ref": "#/components/schemas/CustomerData"}], "description": "Customer model"}, "CustomerData": {"d
2508 [WARNING] APIFuzzer.ResolveReferences: 2 Nothing to do with <class 'NoneType'>: None
2508 [WARNING] APIFuzzer.ResolveReferences: Failed to find paths.~1v1~1tenants~1%7BtenantId%7D~1customers~1%7BcustomerId%7D because: Parse error at 1:6 near token ~ (~)
2508 [WARNING] APIFuzzer.ResolveReferences: No /paths/~1v1~1tenants~1%7BtenantId%7D~1customers~1%7BcustomerId%7D in {"components": {"schemas": {"Customer": {"allOf": [{"$ref": "./types.yml#/components/schemas/Id"}, {"$ref": "#/components/schemas/CustomerData"}], "description": "Customer model"}, "CustomerData": {"d
2508 [WARNING] APIFuzzer.ResolveReferences: 2 Nothing to do with <class 'NoneType'>: None
2508 [ ERROR] APIFuzzer: Exception: 'NoneType' object has no attribute 'keys'
Traceback (most recent call last):
File "/home/jordi/.local/lib/python3.8/site-packages/apifuzzer/fuzzer.py", line 37, in prepare
template_generator.process_api_resources()
File "/home/jordi/.local/lib/python3.8/site-packages/apifuzzer/openapi_template_generator.py", line 100, in process_api_resources
self._process_request_body()
File "/home/jordi/.local/lib/python3.8/site-packages/apifuzzer/openapi_template_generator.py", line 110, in _process_request_body
for method in paths[resource].keys():
AttributeError: 'NoneType' object has no attribute 'keys'
Unexpected exception happened during fuzz test preparation: 'NoneType' object has no attribute 'keys'. Feel free to report the issue
Related API definition
main.yml
openapi: 3.0.2
info:
title: Some API
version: 1.0.0
description: Main file to hold the rest of the OpenAPI definitions.
contact:
name: Some
email: [email protected]
servers:
- url: 'http://localhost:8080'
paths:
/v1/tenants:
$ref: 'tenants.yml#/paths/~1v1~1tenants'
/v1/tenants/{tenantId}:
$ref: 'tenants.yml#/paths/~1v1~1tenants~1%7BtenantId%7D'
tenants.yml (reduced)
openapi: 3.0.2
info:
title: Tenants
version: 1.0.0
contact:
name: Some
email: [email protected]
description: Tenants API
servers:
- url: 'http://localhost:8080'
paths:
/v1/tenants:
post:
tags:
- tenant
summary: Create a new tenant
responses:
'201':
description: Created
content:
application/json:
schema:
$ref: '#/components/schemas/TenantData'
operationId: post-v1-tenants
description: Create a new tenant
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TenantData'
components:
securitySchemes: {}
schemas:
TenantData:
title: TenantData
type: object
x-examples:
example-1:
name: Cool Startup
description: Holds the information for creating a new Tenant.
properties:
name:
type: string
example: Cool Startup
minLength: 1
maxLength: 256
required:
- name
parameters: {}
tags:
- name: tenant
description: Tenant Tag
Software environment (please complete the following information):
Additional context
Add any other context about the problem here.
Reports are missing data about the request that cause the issue, and many fields are base64-encoded.
For instance, a report can look like this:
{
"status": "ZmFpbGVk",
"name": "dGFyZ2V0",
"sub_reports": [],
"test_number": 94,
"state": "Q09NUExFVEVE",
"reason": "dGFyZ2V0"
}
This is more of an idea/solution proposition, I have explored it with a POC.
Most of the time, openapi fuzzing will randomize data from the spec and end up making a lot of requests that won't drill into the actual implementation because of access control or non-existing ids. (403 and 404)
My idea for this is a recursive crawler on the api, by taking a look at the responses from "easy" paths that return some data, and inferring the data with the required parameters for other paths. By reusing the data you ensure that objects will actually exist, and you can check for IDOR easily.
It's a bit complex but I think storing a catalog of known good parameters can speed up the process of exploring the API. Whenever you fuzz a new path, look at the parameters and see if you have known ones that should work, check if you get 200 and then mutate that parameter.
Otherwise it feels a bit like brute forcing a lot of uuids and ids in paths.
The only alternative I know of is proxy-based fuzzing which doesn't have a lot of tools afaik. Some can fuzz lower level protocols but for HTTP I don't remember seeing a lot (maybe burp has a fancy plugin, I know that Autorize can check IDOR because it replays good requests and mutates that)
Question
Is HTTPS and oauth2 authorization supported?
Doing something like:
APIFuzzer --headers '[{"Authorization": "Bearer "}]' -s openapi.yml -u https://
The proper way to start an application under test is using a controller component. See http://kitty.readthedocs.io/en/latest/base_structure.html#controller
Neet to implement a controller that will fork a process with the ingestion service on a free random port. After the service is up and running the controller should start fuzzing
When running this command:
APIFuzzer -s /Users/username/Documents/demo.yaml
The result is:
Unexpected exception happened during fuzz test preparation: 'str' object has no attribute 'get'. Feel free to report the issue
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe the solution you'd like
A clear and concise description of what you want to happen.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
[new feature]
As a user, I want to set logging level as command line parameter.
The output and reports with log level debug should include request/response with headers.
Example:
python fuzzer.py -s your_swagger_definition.json -u http://localhost:8080/ --log DEBUG
Output:
Request:
GET /product/show/%7Bid%7D?id=asd HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: */*
User-Agent: python-requests/2.18.4
Response:
HTTP/1.1 400
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Mon, 05 Feb 2018 12:42:42 GMT
Connection: close
Body:
{"timestamp":1517834562537,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"Failed to convert value of type 'java.lang.String' to required type 'java.lang.Integer'; nested exception is java.lang.NumberFormatException: For input string: \"{id}\"","path":"/product/show/%7Bid%7D"}
Describe the bug
The reports that get stored in the directory indicated by the --report_dir
argument have filenames prefixed with the current_index
on the model. current_index
seems to start with -1 (a feature of kittyfuzzer
?) so the first report is -1-something, the next 0-something and then 1-something. It would make more sense to me for the reports to begin with either 1 or 0. In addition, zero padding the filenames would make sorting by name consistent with the order in which the reports were created.
Related API definition
I assume any, but here's the one I was using
Software environment (please complete the following information):
APIFuzzer is failing for the CI integration .
CI script :
stage: validate
image:
variables:
SEARCH_DIR: "./reference"
script:
- cat /etc/os-release
- apt-get update
- apt-get -y install python3-pip tree
- python3 -m pip install --upgrade pip
- pip3 --version
- apt-get -y install gcc libcurl4-nss-dev python3-dev
- git clone https://github.com/KissPeter/APIFuzzer.git && tree
- pip3 install -r APIFuzzer/requirements.txt
- APIFuzzer/APIFuzzer -v && APIFuzzer/APIFuzzer -h
- mkdir reports && pwd && ls -lh
- |
for file in `find ${SEARCH_DIR} -type f -name "*.yaml"`
do
echo "##### Run APIFuzzer #####";
echo "Run APIFuzzer/APIFuzzer -s ${file} -r ./reports/ --log debug";
APIFuzzer/APIFuzzer -s ${file} -r ./reports/ --log debug;
#npx ibm-openapi-validator ${file};
done
error:
[32;1m$ for file in find ${SEARCH_DIR} -type f -name "*.yaml"
# collapsed multi-line command�[0;m
##### Run APIFuzzer #####
Run APIFuzzer/APIFuzzer -s ./reference/authentication/demo.yaml -r ./reports/ --log debug
1024 [ INFO] APIFuzzer [fuzzer.py:34 - init ]: APIFuzzer 0.9.13 initialized
1024 [ INFO] APIFuzzer.JsonSectionAbove-schema [move_json_parts.py:48 - resolve ]: Resolving schema references
1024 [ DEBUG] APIFuzzer.JsonSectionAbove-schema [move_json_parts.py:55 - resolve ]: 1 resolving reference
Traceback (most recent call last):
File "APIFuzzer/APIFuzzer", line 94, in
prog.prepare()
File "/builds/YHitoRqx/1/dir/doc/APIFuzzer/apifuzzer/fuzzer.py", line 40, in prepare
template_generator = OpenAPITemplateGenerator(
File "/builds/YHitoRqx/1/dir/doc/APIFuzzer/apifuzzer/openapi_template_generator.py", line 42, in init
self.api_resources = self.json_formatter.resolve()
File "/builds/YHitoRqx/1/dir/doc/APIFuzzer/apifuzzer/move_json_parts.py", line 56, in resolve
data, resolved_in_this_iteration = self._resolve(data)
File "/builds/YHitoRqx/1/dir/doc/APIFuzzer/apifuzzer/move_json_parts.py", line 16, in _resolve
self.logger.debug(f"Processing {pretty_print(data, 50)}")
File "/builds/YHitoRqx/1/dir/doc/APIFuzzer/apifuzzer/utils.py", line 190, in pretty_print
return json.dumps(printable, sort_keys=True)[0:limit]
File "/usr/lib/python3.8/json/init.py", line 234, in dumps
return cls(
File "/usr/lib/python3.8/json/encoder.py", line 199, in encode
chunks = self.iterencode(o, _one_shot=True)
File "/usr/lib/python3.8/json/encoder.py", line 257, in iterencode
return _iterencode(o, 0)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "APIFuzzer/APIFuzzer", line 99, in <module>
print(f'Unexpected exception happened during fuzz test preparation: {traceback.print_stack(*sys.exc_info())}.\n'
File "/usr/lib/python3.8/traceback.py", line 190, in print_stack
print_list(extract_stack(f, limit=limit), file=file)
File "/usr/lib/python3.8/traceback.py", line 211, in extract_stack
stack = StackSummary.extract(walk_stack(f), limit=limit)
File "/usr/lib/python3.8/traceback.py", line 340, in extract
if limit >= 0:
TypeError: '>=' not supported between instances of 'ValueError' and 'int'
section_end:1656922805:step_script
�[0Ksection_start:1656922805:cleanup_file_variables
�[0K�[0K�[36;1mCleaning up file based variables�[0;m
�[0;msection_end:1656922805:cleanup_file_variables
�[0K�[31;1mERROR: Job failed: command terminated with exit code 1
�[0;m
Describe the bug
I have a set of generated YAML and some contain a single path item with a single operation and instead of accepting it, the fuzzer gives an assertion error and stops processing. If I add another node, i.e. a second operation or even a nonsense parameter,the parser accepts the yaml and the fuzzing starts. I understand that this happens as the fuzzer sees "nothing to do" for this path item and defines this as "invalid", even if the OpenAPI YAML is valid according to the definition.
I would expect the parser to ignore this path item and just shut down instead of throwing an assertion error.
APIFuzzer debug log
3506003 [ INFO] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:108 - process_api_resources ]: Start preparation
3506003 [ INFO] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:152 - _process_api_resources ]: Resource: /blacklists Method: get
3506003 [ DEBUG] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:78 - _get_template ]: Open new Fuzz template for blacklists|get
3506003 [ INFO] APIFuzzer.BaseTemplate [base_template.py:51 - get_stat ]: Template size: 0, content: {'params': set(), 'headers': set(), 'data': set(), 'path_variables': set(), 'cookies': set(), 'query': set(), 'content_type': ''}
3506003 [ DEBUG] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:328 - compile_base_url ]: Using openapi style url: http://localhost:8080/api
3506003 [ INFO] APIFuzzer.FuzzerTarget [fuzz_request_sender.py:36 - __init__ ]: Logger initialized
3506003 [ INFO] APIFuzzer.OpenApiServerFuzzer [server_fuzzer.py:38 - __init__ ]: Logger initialized
Traceback (most recent call last):
File "./APIFuzzer", line 101, in <module>
prog.run()
File "/home/secretuser/APIFuzzer/APIFuzzer/apifuzzer/fuzzer.py", line 66, in run
fuzzer.set_model(model)
File "/home/secretuser/.local/lib/python3.8/site-packages/kitty/fuzzers/base.py", line 256, in set_model
self.handle_stage_changed(model)
File "/home/secretuser/.local/lib/python3.8/site-packages/kitty/fuzzers/base.py", line 404, in handle_stage_changed
stages = model.get_stages()
File "/home/secretuser/.local/lib/python3.8/site-packages/kitty/model/high_level/graph.py", line 223, in get_stages
sequence = self.get_sequence()
File "/home/secretuser/.local/lib/python3.8/site-packages/kitty/model/high_level/base.py", line 154, in get_sequence
self._get_ready()
File "/home/secretuser/.local/lib/python3.8/site-packages/kitty/model/high_level/graph.py", line 101, in _get_ready
assert len(self._sequences)
AssertionError
Related API definition
My failing definition looks like this:
---
openapi: 3.0.3
info:
title: Generated API
version: "1.0"
servers:
- url: http://localhost:8080/api
paths:
/blacklists:
get:
responses:
"200":
description: OK
content:
application/vnd.maileon.api+xml:
schema:
type: array
items:
$ref: '#/components/schemas/Blacklist'
components:
schemas:
Blacklist:
type: object
properties:
id:
format: int64
type: integer
name:
type: string
entries:
type: array
items:
type: string
Software environment (please complete the following information):
Is there a workaround for the missing -t
command line option? If I pipe the stdout of APIFuzzer into a log file
python2.7 fuzzer.py -s <spec-file> -u <url> $PWD/apifuzzer.log
the log file content is not complete (misses content in comparison with the command line output).
After utilizing fuzzer, am getting invalid json data value. While passing the
fuzzer.py: error: argument --headers: invalid json_data value: '[{Authorization:'
Constructed payload.
python fuzzer.py -s test/swagger.json -u http://muurl --headers [{"Authorization": "Placed Valid Token"}] -r /tmp/reports/ --log debug
Due to privacy issues, haven't pasted url and token.
What does this error mean?
[INFO ][fuzz_request_sender.__init__] Logger initialized
Traceback (most recent call last):
File "fuzzer.py", line 158, in <module>
prog.run()
File "fuzzer.py", line 54, in run
model.connect(template.compile_template())
File "/root/tools/APIFuzzer/apifuzzer/base_template.py", line 43, in compile_template
template.append_fields([Container(name=name, fields=field)])
File "/usr/local/lib/python3.8/dist-packages/kitty/model/low_level/container.py", line 65, in __init__
self.replace_fields(fields)
File "/usr/local/lib/python3.8/dist-packages/kitty/model/low_level/container.py", line 333, in replace_fields
self.append_fields(new_fields)
File "/usr/local/lib/python3.8/dist-packages/kitty/model/low_level/container.py", line 253, in append_fields
self.push(field)
File "/usr/local/lib/python3.8/dist-packages/kitty/model/low_level/container.py", line 320, in push
raise KittyException('field with the name (%s) already exists in this container' % (name))
kitty.core.KittyException: field with the name (v1+themes|post|inherited) already exists in this container
A project without a license can't be used for commercial purposes in many companies.
@KissPeter, couldn't you add a license please. See https://help.github.com/articles/licensing-a-repository/. MIT license for example
Describe the bug
For a list of lists property with default [[]]
(alternatives
in the schema attached), you get this error:
Unexpected exception happened during fuzz test preparation: sequence item 0: expected str instance, list found.
APIFuzzer debug log
Related API definition
Software environment (please complete the following information):
GET /product/show/l%D7x%26%B5%B8%C86%19%D4q%98 HTTP/1.1
someOptionalHeader:asd
Host: localhost:8080
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: */*
User-Agent: python-requests/2.18.4
Actual: (provided by wireshark)
GET /product/show/%7Bid%7D?someOptionalHeader=asd&id=l%D7x%26%B5%B8%C86%19%D4q%98 HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: */*
User-Agent: python-requests/2.18.4
How to reproduce:
Use https://github.com/LyashenkoGS/springboot_swagger_example/commit/13636377d2074755816f8fa1152c962ceb5e5d07
Build, run, export swagger.json according to the README.md
Tried to run APIFuzzer in both host system(macos) and in docker container(python:3.7-alpine).
Steps to reproduce:
git clone https://github.com/KissPeter/APIFuzzer.git
pip3 install -r APIFuzzer/requirements.txt
python3 fuzzer.py -s test/test_swagger_definition.json -u http://localhost:5000/ -r /tmp/reports/
Here is my stdout:
[INFO ][fuzzer_target.__init__] Logger initialized
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 45, in run
target = FuzzerTarget(name='target', base_url=self.base_url, report_dir=self.report_dir)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 29, in __init__
self.logger.info('Logger initialized')
Message: 'Logger initialized'
Arguments: ()
[INFO ][base._load_session] No session loaded
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 345, in start
if self._load_session():
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 587, in _load_session
self.logger.info('No session loaded')
Message: 'No session loaded'
Arguments: ()
[INFO ][base._start_message]
--------------------------------------------------
Starting fuzzing session
Target: FuzzerTarget
UI: WebInterface listening on 127.0.0.1:26000
Log: ./kittylogs/kitty_20190918-103124.log
Total possible mutation count: 1113920
--------------------------------------------------
Happy hacking
--------------------------------------------------
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 378, in start
self._start_message()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 475, in _start_message
self.model.num_mutations(),
Message: '\n --------------------------------------------------\n Starting fuzzing session\n Target: %s\n UI: %s\n Log: %s\n\n Total possible mutation count: %d\n --------------------------------------------------\n Happy hacking\n --------------------------------------------------\n '
Arguments: ('FuzzerTarget', 'WebInterface listening on 127.0.0.1:26000', './kittylogs/kitty_20190918-103124.log', 1113920)
[INFO ][base.start] Performing environment test
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 384, in start
self.logger.info('Performing environment test')
Message: 'Performing environment test'
Arguments: ()
[INFO ][base._test_info] Current test: -1
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 385, in start
self._test_environment()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 105, in _test_environment
if self._run_sequence(sequence):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 66, in _run_sequence
self._test_info()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 498, in _test_info
self.logger.info('Current test: %s' % self.model.current_index())
Message: 'Current test: -1'
Arguments: ()
[INFO ][server_fuzzer._transmit] Transmit place: params
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 385, in start
self._test_environment()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 105, in _test_environment
if self._run_sequence(sequence):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 53, in _transmit
self.logger.info('Transmit place: {}'.format(place))
Message: 'Transmit place: params'
Arguments: ()
[INFO ][server_fuzzer._transmit] Transmit place: headers
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 385, in start
self._test_environment()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 105, in _test_environment
if self._run_sequence(sequence):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 53, in _transmit
self.logger.info('Transmit place: {}'.format(place))
Message: 'Transmit place: headers'
Arguments: ()
[INFO ][server_fuzzer._transmit] Transmit place: data
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 385, in start
self._test_environment()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 105, in _test_environment
if self._run_sequence(sequence):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 53, in _transmit
self.logger.info('Transmit place: {}'.format(place))
Message: 'Transmit place: data'
Arguments: ()
[INFO ][server_fuzzer._transmit] Transmit place: path_variables
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 385, in start
self._test_environment()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 105, in _test_environment
if self._run_sequence(sequence):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 53, in _transmit
self.logger.info('Transmit place: {}'.format(place))
Message: 'Transmit place: path_variables'
Arguments: ()
[INFO ][fuzzer_target.transmit] URL part: 127.0.0.1:9770/api/task_manager/v2
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 385, in start
self._test_environment()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 105, in _test_environment
if self._run_sequence(sequence):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 65, in transmit
self.logger.info('URL part: {}'.format(url_part))
Message: 'URL part: 127.0.0.1:9770/api/task_manager/v2'
Arguments: ()
[INFO ][fuzzer_target.transmit] URL part: b'/queues'
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 385, in start
self._test_environment()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 105, in _test_environment
if self._run_sequence(sequence):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 65, in transmit
self.logger.info('URL part: {}'.format(url_part))
Message: "URL part: b'/queues'"
Arguments: ()
[ERROR ][server_fuzzer._transmit] Error in transmit: a bytes-like object is required, not 'str'
--- Logging error ---
Traceback (most recent call last):
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 66, in transmit
_req_url.append(url_part.strip('/'))
TypeError: a bytes-like object is required, not 'str'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 385, in start
self._test_environment()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 105, in _test_environment
if self._run_sequence(sequence):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 62, in _transmit
self.logger.error('Error in transmit: %s', e)
Message: 'Error in transmit: %s'
Arguments: (TypeError("a bytes-like object is required, not 'str'"),)
[INFO ][server_fuzzer._test_environment] Environment test failed
--- Logging error ---
Traceback (most recent call last):
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 105, in _test_environment
if self._run_sequence(sequence):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 66, in transmit
_req_url.append(url_part.strip('/'))
TypeError: a bytes-like object is required, not 'str'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 385, in start
self._test_environment()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 108, in _test_environment
self.logger.info('Environment test failed')
Message: 'Environment test failed'
Arguments: ()
[INFO ][server._start] should keep running? True
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 39, in _start
self.logger.info('should keep running? %s' % self._keep_running())
Message: 'should keep running? True'
Arguments: ()
[INFO ][base._test_info] Current test: 0
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 66, in _run_sequence
self._test_info()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 498, in _test_info
self.logger.info('Current test: %s' % self.model.current_index())
Message: 'Current test: 0'
Arguments: ()
[INFO ][server_fuzzer._transmit] Transmit place: params
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 53, in _transmit
self.logger.info('Transmit place: {}'.format(place))
Message: 'Transmit place: params'
Arguments: ()
[INFO ][server_fuzzer._transmit] Transmit place: headers
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 53, in _transmit
self.logger.info('Transmit place: {}'.format(place))
Message: 'Transmit place: headers'
Arguments: ()
[INFO ][server_fuzzer._transmit] Transmit place: data
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 53, in _transmit
self.logger.info('Transmit place: {}'.format(place))
Message: 'Transmit place: data'
Arguments: ()
[INFO ][server_fuzzer._transmit] Transmit place: path_variables
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 53, in _transmit
self.logger.info('Transmit place: {}'.format(place))
Message: 'Transmit place: path_variables'
Arguments: ()
[INFO ][fuzzer_target.transmit] URL part: 127.0.0.1:9770/api/task_manager/v2
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 65, in transmit
self.logger.info('URL part: {}'.format(url_part))
Message: 'URL part: 127.0.0.1:9770/api/task_manager/v2'
Arguments: ()
[INFO ][fuzzer_target.transmit] URL part: b'/queues'
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 65, in transmit
self.logger.info('URL part: {}'.format(url_part))
Message: "URL part: b'/queues'"
Arguments: ()
[ERROR ][server_fuzzer._transmit] Error in transmit: a bytes-like object is required, not 'str'
--- Logging error ---
Traceback (most recent call last):
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 66, in transmit
_req_url.append(url_part.strip('/'))
TypeError: a bytes-like object is required, not 'str'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 62, in _transmit
self.logger.error('Error in transmit: %s', e)
Message: 'Error in transmit: %s'
Arguments: (TypeError("a bytes-like object is required, not 'str'"),)
[ERROR ][server._start] Error occurred while fuzzing: TypeError("a bytes-like object is required, not 'str'")
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 66, in transmit
_req_url.append(url_part.strip('/'))
TypeError: a bytes-like object is required, not 'str'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 45, in _start
self.logger.error('Error occurred while fuzzing: %s', repr(e))
Message: 'Error occurred while fuzzing: %s'
Arguments: ('TypeError("a bytes-like object is required, not \'str\'")',)
[ERROR ][server._start] Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 66, in transmit
_req_url.append(url_part.strip('/'))
TypeError: a bytes-like object is required, not 'str'
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 66, in transmit
_req_url.append(url_part.strip('/'))
TypeError: a bytes-like object is required, not 'str'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 46, in _start
self.logger.error(traceback.format_exc())
Message: 'Traceback (most recent call last):\n File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start\n self._run_sequence(sequence)\n File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence\n resp = self._transmit(node)\n File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit\n return self.target.transmit(**payload)\n File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 66, in transmit\n _req_url.append(url_part.strip(\'/\'))\nTypeError: a bytes-like object is required, not \'str\'\n'
Arguments: ()
[INFO ][base._end_message]
--------------------------------------------------
Finished fuzzing session
Target: FuzzerTarget
Tested 1 mutation
Failure count: 0
--------------------------------------------------
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 48, in _start
self._end_message()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 39, in _end_message
super(OpenApiServerFuzzer, self)._end_message()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 493, in _end_message
self.session_info.failure_count
Message: '\n --------------------------------------------------\n Finished fuzzing session\n Target: %s\n\n Tested %d mutation%s\n Failure count: %d\n --------------------------------------------------\n '
Arguments: ('FuzzerTarget', 1, '', 0)
[INFO ][server_fuzzer._end_message] Stop fuzzing session_info: {'start_time': 1568791885.3502212, 'start_index': 0, 'end_index': 1113919, 'current_index': 1, 'failure_count': 0, 'kitty_version': '0.7.4', 'data_model_hash': 3273593218446261471, 'test_list_str': '0-1113919'}
--- Logging error ---
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 934, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 855, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 937, in emit
self._connect_unixsocket(self.address)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/logging/handlers.py", line 866, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "fuzzer.py", line 117, in <module>
prog.run()
File "fuzzer.py", line 54, in run
fuzzer.start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/base.py", line 391, in start
self._start()
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 48, in _start
self._end_message()
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 41, in _end_message
self.logger.info('Stop fuzzing session_info: {}'.format(self.session_info.as_dict()))
Message: "Stop fuzzing session_info: {'start_time': 1568791885.3502212, 'start_index': 0, 'end_index': 1113919, 'current_index': 1, 'failure_count': 0, 'kitty_version': '0.7.4', 'data_model_hash': 3273593218446261471, 'test_list_str': '0-1113919'}"
Arguments: ()
Log from ./kittylogs
:
[2019-09-18 10:33:07,480] [INFO] [fuzzer_target.__init__] -> Logger initialized
[2019-09-18 10:33:08,066] [INFO] [base._load_session] -> No session loaded
[2019-09-18 10:33:08,110] [INFO] [base._start_message] ->
--------------------------------------------------
Starting fuzzing session
Target: FuzzerTarget
UI: WebInterface listening on 127.0.0.1:26000
Log: ./kittylogs/kitty_20190918-103307.log
Total possible mutation count: 1113920
--------------------------------------------------
Happy hacking
--------------------------------------------------
[2019-09-18 10:33:08,111] [INFO] [base.start] -> Performing environment test
[2019-09-18 10:33:08,112] [INFO] [base._test_info] -> Current test: -1
[2019-09-18 10:33:08,113] [INFO] [server_fuzzer._transmit] -> Transmit place: params
[2019-09-18 10:33:08,114] [INFO] [server_fuzzer._transmit] -> Transmit place: headers
[2019-09-18 10:33:08,115] [INFO] [server_fuzzer._transmit] -> Transmit place: data
[2019-09-18 10:33:08,115] [INFO] [server_fuzzer._transmit] -> Transmit place: path_variables
[2019-09-18 10:33:08,116] [INFO] [fuzzer_target.transmit] -> URL part: 127.0.0.1:9770/api/task_manager/v2
[2019-09-18 10:33:08,116] [INFO] [fuzzer_target.transmit] -> URL part: b'/queues'
[2019-09-18 10:33:08,118] [ERROR] [server_fuzzer._transmit] -> Error in transmit: a bytes-like object is required, not 'str'
[2019-09-18 10:33:08,119] [INFO] [server_fuzzer._test_environment] -> Environment test failed
[2019-09-18 10:33:08,119] [INFO] [server._start] -> should keep running? True
[2019-09-18 10:33:08,123] [INFO] [base._test_info] -> Current test: 0
[2019-09-18 10:33:08,123] [INFO] [server_fuzzer._transmit] -> Transmit place: params
[2019-09-18 10:33:08,124] [INFO] [server_fuzzer._transmit] -> Transmit place: headers
[2019-09-18 10:33:08,124] [INFO] [server_fuzzer._transmit] -> Transmit place: data
[2019-09-18 10:33:08,125] [INFO] [server_fuzzer._transmit] -> Transmit place: path_variables
[2019-09-18 10:33:08,125] [INFO] [fuzzer_target.transmit] -> URL part: 127.0.0.1:9770/api/task_manager/v2
[2019-09-18 10:33:08,125] [INFO] [fuzzer_target.transmit] -> URL part: b'/queues'
[2019-09-18 10:33:08,127] [ERROR] [server_fuzzer._transmit] -> Error in transmit: a bytes-like object is required, not 'str'
[2019-09-18 10:33:08,127] [ERROR] [server._start] -> Error occurred while fuzzing: TypeError("a bytes-like object is required, not 'str'")
[2019-09-18 10:33:08,128] [ERROR] [server._start] -> Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/usr/local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/Users/vlapatin/src/acronis/APIFuzzer/apifuzzer/fuzzer_target.py", line 66, in transmit
_req_url.append(url_part.strip('/'))
TypeError: a bytes-like object is required, not 'str'
[2019-09-18 10:33:08,128] [INFO] [base._end_message] ->
--------------------------------------------------
Finished fuzzing session
Target: FuzzerTarget
Tested 1 mutation
Failure count: 0
--------------------------------------------------
[2019-09-18 10:33:08,129] [INFO] [server_fuzzer._end_message] -> Stop fuzzing session_info: {'start_time': 1568791988.110522, 'start_index': 0, 'end_index': 1113919, 'current_index': 1, 'failure_count': 0, 'kitty_version': '0.7.4', 'data_model_hash': -194456617570993828, 'test_list_str': '0-1113919'}
Describe the bug
Destination URL can't be extracted from OpenAPI definition files, because function compile_base_url() calls _compile_base_url_for_swagger() in all situations (probably a copy/paste error)
Executed command
APIFuzzer --src_url https://petstore3.swagger.io/api/v3/openapi.json
APIFuzzer debug log
Unexpected exception happened during fuzz test preparation: 'schemes'. Feel free to report the issue
Related API definition
Publicly available at https://petstore3.swagger.io/api/v3/openapi.json
Software environment (please complete the following information):
Using Python 3 ad running pip3 install -r requirements.txt
fails to install a dependency and produces the following error:
WARNING: Generating metadata for package kittyfuzzer produced metadata for project name kittyfuzzer-remote. Fix your #egg=kittyfuzzer fragments.
Which leads to the following error when running fuzzer.py
with python3:
File "fuzzer.py", line 15, in <module>
from kitty.interfaces import WebInterface
ModuleNotFoundError: No module named 'kitty.interfaces'
The error can be reproduced with the following dockerfile and running the command docker build . -t api-fuzzer; docker run -it api-fuzzer
FROM alpine:3.7
RUN apk add --no-cache git && \
apk add --no-cache python3 && \
python3 -m ensurepip && \
rm -r /usr/lib/python*/ensurepip && \
pip3 install --upgrade pip setuptools && \
rm -r /root/.cache
RUN git clone https://github.com/KissPeter/APIFuzzer.git /root/APIFuzzer
RUN pip3 install -r /root/APIFuzzer/requirements.txt
WORKDIR /root/APIFuzzer
ENTRYPOINT python3 fuzzer.py
[INFO ][fuzz_request_sender.__init__] Logger initialized
19112 [INFO] kitty: Logger initialized
Traceback (most recent call last):
File ".\APIFuzzer.py", line 113, in <module>
prog.run()
File "c:\Users\IB\Downloads\PG_res\here\swagger-codegen\APIFuzzer-develop\apifuzzer\fuzzer.py", line 44, in run
model.connect(template.compile_template())
File "c:\Users\IB\Downloads\PG_res\here\swagger-codegen\APIFuzzer-develop\apifuzzer\base_template.py", line 43, in compile_template
template.append_fields([Container(name=name, fields=field)])
File "C:\Users\IB\Anaconda3\envs\api-test\lib\site-packages\kitty\model\low_level\container.py", line 65, in __init__
self.replace_fields(fields)
File "C:\Users\IB\Anaconda3\envs\api-test\lib\site-packages\kitty\model\low_level\container.py", line 333, in replace_fields
self.append_fields(new_fields)
File "C:\Users\IB\Anaconda3\envs\api-test\lib\site-packages\kitty\model\low_level\container.py", line 253, in append_fields
self.push(field)
File "C:\Users\IB\Anaconda3\envs\api-test\lib\site-packages\kitty\model\low_level\container.py", line 320, in push
raise KittyException('field with the name (%s) already exists in this container' % (name))
kitty.core.KittyException: field with the name (api+v1+tender+create|post|StartDate) already exists in this container
APIFuzzer 0.9
Describe the bug
When loading APIFuzzer, receive an error related to "schemes"
APIFuzzer debug log
It's long, but here's a representative sample from the end:
1 [ INFO] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:185 - _process_api_resources ]: Resource: / Method: get Parameter: {'name': 'x-forwarded-proto', 'in': 'header', 'type': 'string'}, Parameter place: header, Sample data: asd, Param name: |get|x-forwarded-proto, fuzzer: RandomBitsField
1 [ INFO] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:185 - _process_api_resources ]: Resource: / Method: get Parameter: {'name': 'x-real-ip', 'in': 'header', 'type': 'string', 'format': 'ip'}, Parameter place: header, Sample data: asd, Param name: |get|x-real-ip, fuzzer: RandomBitsField
1 [ INFO] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:185 - _process_api_resources ]: Resource: / Method: get Parameter: {'name': 'x-request-id', 'in': 'header', 'type': 'string'}, Parameter place: header, Sample data: asd, Param name: |get|x-request-id, fuzzer: UnicodeStrings
1 [ INFO] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:185 - _process_api_resources ]: Resource: / Method: get Parameter: {'name': 'x-scheme', 'in': 'header', 'type': 'string'}, Parameter place: header, Sample data: asd, Param name: |get|x-scheme, fuzzer: RandomBitsField
1 [ INFO] APIFuzzer.BaseTemplate [base_template.py:45 - get_stat ]: Template size: 15, content: {'params': set(), 'headers': {|get|x-forwarded-host->b'\xff\xfea\x00s\x00d\x00', |get|x-real-ip->b'\xff\xfea\x00s\x00d\x00', |get|user-agent->b'\xff\xfea\x00s\x00d\x00', |get|upgrade-insecure-requests->b'\xff\xfea\x00s\x00d\x00', |get|x-scheme->b'\xff\xfea\x00s\x00d\x00', |get|x-forwarded-for->b'\xff\xfea\x00s\x00d\x00', |get|x-request-id->b'\xff\xfea\x00s\x00d\x00', |get|accept-encoding->b'\xff\xfea\x00s\x00d\x00', |get|via->b'\xff\xfea\x00s\x00d\x00', |get|x-forwarded-proto->b'\xff\xfea\x00s\x00d\x00', |get|host->b'\xff\xfea\x00s\x00d\x00', |get|x-forwarded-port->b'\xff\xfea\x00s\x00d\x00', |get|content-length->b'\xff\xfea\x00s\x00d\x00', |get|accept-language->b'\xff\xfea\x00s\x00d\x00', |get|if-none-match->b'\xff\xfea\x00s\x00d\x00'}, 'data': set(), 'path_variables': set(), 'cookies': set(), 'query': set(), 'content_type': ''}
1 [ DEBUG] APIFuzzer.OpenAPITemplateGenerator [openapi_template_generator.py:82 - _save_template ]: Adding template to list: |get, templates list: 4
Unexpected exception happened during fuzz test preparation: 'schemes'. Feel free to report the issue
Related API definition
Here's the whole OAS file:
{
"openapi" : "3.0.1",
"info" : {
"title" : "aaron-hybrid",
"description" : "OAS export of Salt Security Api Discovery",
"version" : "1.0.0"
},
"servers" : [ {
"url" : "http://kong-ent1:8000/v1/"
} ],
"paths" : {
"/users/{userId}" : {
"get" : {
"operationId" : "610cb99d160000d4253fce69",
"parameters" : [ {
"name" : "accept-encoding",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "accept-language",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "cache-control",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "content-length",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "host",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "if-none-match",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "pragma",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-dest",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-mode",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-site",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-user",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "upgrade-insecure-requests",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "user-agent",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-forwarded-for",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "ip"
}
}, {
"name" : "x-forwarded-host",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-forwarded-port",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "x-forwarded-proto",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-real-ip",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "ip"
}
}, {
"name" : "x-request-id",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-scheme",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "userId",
"in" : "path",
"required" : true,
"schema" : {
"type" : "string",
"format" : "number"
}
} ],
"responses" : {
"default" : {
"description" : "default"
}
}
}
},
"/users/{name}" : {
"get" : {
"operationId" : "6129c98e310000d7eee6d692",
"parameters" : [ {
"name" : "accept-encoding",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "accept-language",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "cache-control",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "content-length",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "host",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "pragma",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-dest",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-mode",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-site",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-user",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "upgrade-insecure-requests",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "user-agent",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-forwarded-for",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "ip"
}
}, {
"name" : "x-forwarded-host",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-forwarded-port",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "x-forwarded-proto",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-real-ip",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "ip"
}
}, {
"name" : "x-request-id",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-scheme",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "name",
"in" : "path",
"required" : true,
"schema" : {
"type" : "string"
}
} ],
"responses" : {
"default" : {
"description" : "default"
}
}
}
},
"/users" : {
"get" : {
"operationId" : "610cb99d160000d4253fce67",
"parameters" : [ {
"name" : "accept-encoding",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "accept-language",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "cache-control",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "connection",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "content-length",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "host",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "if-none-match",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "pragma",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-dest",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-mode",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-site",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-fetch-user",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-websocket-key",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "sec-websocket-version",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "upgrade",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "upgrade-insecure-requests",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "user-agent",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "via",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-forwarded-for",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "ip"
}
}, {
"name" : "x-forwarded-host",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-forwarded-port",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "x-forwarded-proto",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-real-ip",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "ip"
}
}, {
"name" : "x-request-id",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-scheme",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "01d1dc2c9d",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "1b3c2eb3ba",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "2a9c0caa8e",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "2cbf6b5db3",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "2f8bc5c3f1",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "35ef4aebbb",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "3d6dc4adac",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "3fab2decbd",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "42b4fd9afa",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "50a0afa2c4",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "50abbf1c56",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "51ec5de1f5",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "5dbe4ece48",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "5edf8bb6fe",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "69a4e6aafd",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "6f1c4e1d14",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "70a2fcf9c9",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "79bff1dced",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "79fbdeccb0",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "83d3fca9e3",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "98b9f5fb5f",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "99a7daff0d",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "9ac4fb0e33",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "9df1c5da41",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "a4ffcfe1d2",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "ac4da7f2e5",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "ae8ec5cb4a",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "afdfe5c3ca",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "bfbb5eefdd",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "bffecfc1cb",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "c0df9d4cfc",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "ccdcf6ae30",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "d3afb2fa95",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "d3e3ceb8bf",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "e7ba4cf8fc",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "f2c7cff1a4",
"in" : "query",
"schema" : {
"type" : "string"
}
}, {
"name" : "fa6e1a9c7c",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "xss"
}
}, {
"name" : "😈",
"in" : "query",
"schema" : {
"type" : "string",
"format" : "uri"
}
} ],
"responses" : {
"default" : {
"description" : "default"
}
}
}
},
"/" : {
"get" : {
"operationId" : "611a1d4a2a0000c9694edf70",
"parameters" : [ {
"name" : "accept-encoding",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "accept-language",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "content-length",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "host",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "if-none-match",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "upgrade-insecure-requests",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "user-agent",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "via",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-forwarded-for",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "ip"
}
}, {
"name" : "x-forwarded-host",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-forwarded-port",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "number"
}
}, {
"name" : "x-forwarded-proto",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-real-ip",
"in" : "header",
"schema" : {
"type" : "string",
"format" : "ip"
}
}, {
"name" : "x-request-id",
"in" : "header",
"schema" : {
"type" : "string"
}
}, {
"name" : "x-scheme",
"in" : "header",
"schema" : {
"type" : "string"
}
} ],
"responses" : {
"default" : {
"description" : "default"
}
}
}
}
}
}
Software environment (please complete the following information):
Additional context
I'm running APIFuzzer as a Docker container and have made it part of a Docker Compose stack. It shouldn't make a difference but wanted you to be aware.
The fuzzer should generate proper request for the application/x-protobuf
type
As a user,
I want to pass a path to swagger.json
both as a file and as a URL
Example:
fuzzer.py -s api-docs.json -u http://localhost:8080
fuzzer.py -s http://localhost:8080/v2/api-docs -u http://localhost:8080
Reasoning:
This will allow to simplify integrating fuzzing in CI process by removing intermediate step of persisting a swagger definition locally.
How to reproduce:
run dd38bcf
against https://github.com/LyashenkoGS/springboot_swagger_example/commit/13636377d2074755816f8fa1152c962ceb5e5d07
Actual behavior:
After the error message, you can't close the application by pressing ctrl+c
Tested on Ubuntu 16.04
/usr/bin/python2.7 /home/vagrant/APIFuzzer/fuzzer.py -s swagger.json -u http://localhost:8080
/product/show/{id}
get
id
someOptionalHeader
/product/delete/{id}
delete
id
someOptionalHeader
/product/list
get
someOptionalHeader
/product/add
post
product
someOptionalHeader
/product/update/{id}
put
id
product
someOptionalHeader
[INFO ][base._load_session] No session loaded
[INFO ][base._start_message]
--------------------------------------------------
Starting fuzzing session
Target: FuzzerTarget
UI: WebInterface listening on 127.0.0.1:26000
Log: ./kittylogs/kitty_20180206-131801.log
Total possible mutation count: 720
--------------------------------------------------
Happy hacking
--------------------------------------------------
[INFO ][base.start] Performing environment test
[INFO ][base._test_info] Current test: -1
[WARNING ][server_fuzzer._transmit] Exception occurred: field named (product_show{id}_GET|Template|default:0x2f70726f647563742f73686f772f7b69647d47455461736400) was not found in (params)
[WARNING ][server_fuzzer._transmit] Exception occurred: field named (product_show{id}_GET|Template|default:0x2f70726f647563742f73686f772f7b69647d47455461736400) was not found in (path_variables)
[ERROR ][server_fuzzer._transmit] Error in transmit: 'NoneType' object has no attribute 'getitem'
[INFO ][server._test_environment] Environment test failed
[ERROR ][base.start] Error occurred while fuzzing: TypeError("'NoneType' object has no attribute 'getitem'",)
[ERROR ][base.start] Traceback (most recent call last):
File "/home/vagrant/.local/lib/python2.7/site-packages/kitty/fuzzers/base.py", line 384, in start
self._test_environment()
File "/home/vagrant/.local/lib/python2.7/site-packages/kitty/fuzzers/server.py", line 53, in _test_environment
if self._run_sequence(sequence):
File "/home/vagrant/.local/lib/python2.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/home/vagrant/APIFuzzer/apifuzzer/server_fuzzer.py", line 53, in _transmit
return self.target.transmit(**payload)
File "/home/vagrant/APIFuzzer/apifuzzer/fuzzer_target.py", line 50, in transmit
kwargs['url'] = self.expand_path_variables(kwargs.get('path_variables'), kwargs['url'])
File "/home/vagrant/APIFuzzer/apifuzzer/fuzzer_target.py", line 104, in expand_path_variables
value = params[''.join(placeholder).decode('utf-8')]
TypeError: 'NoneType' object has no attribute 'getitem'
As a user, I want to pass authorization headers that will be used with each request
as command line parameters. Assumed that credentials will be stored in a CI server and passed as environment variables.
Example:
python fuzzer.py -s your_swagger_definition.json -u http://localhost:8080/ --headers {"authorization": 'Bearer an-authorization-token', "authorization-claims": 'azazadsfdsf'}
Trying to run the test server gives the following error:
Traceback (most recent call last):
File "test_application.py", line 6, in <module>
from apifuzzer.utils import try_b64encode
ModuleNotFoundError: No module named 'apifuzzer'
OpenAPI Specification v2 (Swagger) support data types for fields. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md
Need to implement parsing swagger.json to a data model with according field types
and perform mutations based on this types.
See http://kitty.readthedocs.io/en/latest/data_model/big_list_of_fields.html
Describe the bug
The -h options says both -v and --version should work, but only -v does. --version throws an error.
APIFuzzer debug log
# APIFuzzer --log debug --version
usage: APIFuzzer [-h] [-s SRC_FILE] [--src_url SRC_URL] [-r REPORT_DIR] [--level LEVEL] [-u ALTERNATE_URL] [-t TEST_RESULT_DST]
[--log {critical,fatal,error,warn,warning,info,debug,notset}] [--basic_output BASIC_OUTPUT] [--headers HEADERS]
[-v ,--version]
APIFuzzer: error: unrecognized arguments: --version
Related API definition
n/a
Software environment (please complete the following information):
Additional context
Add any other context about the problem here.
Where can I find information about how to interpret !! Failure detected !!
in kitty log files, e.g. ./kittylogs/kitty_20180314-114844.log
?
Relates to request and response logging: #4
Need to create a simple application or use existed one that :
Currently, the https://github.com/LyashenkoGS/springboot_swagger_example/releases/tag/0.0.1-SNAPSHOT is used, so the application might be based on it.
Describe the bug
unable to install APIFuzzer, throws error
APIFuzzer debug log
Please provide the related APIFuzzer debug log
Collecting APIFuzzer
Using cached APIFuzzer-0.9.13-py3-none-any.whl (38 kB)
Requirement already satisfied: kittyfuzzer==0.7.4 in ./.venv/lib/python3.11/site-packages (from APIFuzzer) (0.7.4)
Collecting pycurl==7.43.0.6 (from APIFuzzer)
Using cached pycurl-7.43.0.6.tar.gz (222 kB)
Preparing metadata (setup.py) ... done
Requirement already satisfied: ruamel.yaml==0.16.12 in ./.venv/lib/python3.11/site-packages (from APIFuzzer) (0.16.12)
Requirement already satisfied: junit-xml==1.9 in ./.venv/lib/python3.11/site-packages (from APIFuzzer) (1.9)
Requirement already satisfied: jsonpath-ng==1.5.2 in ./.venv/lib/python3.11/site-packages (from APIFuzzer) (1.5.2)
Requirement already satisfied: PyYAML==6.0 in ./.venv/lib/python3.11/site-packages (from APIFuzzer) (6.0)
Requirement already satisfied: json-ref-dict>=0.7.1 in ./.venv/lib/python3.11/site-packages (from APIFuzzer) (0.7.2)
Requirement already satisfied: ply in ./.venv/lib/python3.11/site-packages (from jsonpath-ng==1.5.2->APIFuzzer) (3.11)
Requirement already satisfied: decorator in ./.venv/lib/python3.11/site-packages (from jsonpath-ng==1.5.2->APIFuzzer) (5.1.1)
Requirement already satisfied: six in ./.venv/lib/python3.11/site-packages (from jsonpath-ng==1.5.2->APIFuzzer) (1.16.0)
Requirement already satisfied: docopt in ./.venv/lib/python3.11/site-packages (from kittyfuzzer==0.7.4->APIFuzzer) (0.6.2)
Requirement already satisfied: bitstring in ./.venv/lib/python3.11/site-packages (from kittyfuzzer==0.7.4->APIFuzzer) (4.1.4)
Requirement already satisfied: requests in ./.venv/lib/python3.11/site-packages (from kittyfuzzer==0.7.4->APIFuzzer) (2.31.0)
Requirement already satisfied: jsonpointer~=2.0 in ./.venv/lib/python3.11/site-packages (from json-ref-dict>=0.7.1->APIFuzzer) (2.4)
Requirement already satisfied: bitarray<3.0.0,>=2.8.0 in ./.venv/lib/python3.11/site-packages (from bitstring->kittyfuzzer==0.7.4->APIFuzzer) (2.9.2)
Requirement already satisfied: charset-normalizer<4,>=2 in ./.venv/lib/python3.11/site-packages (from requests->kittyfuzzer==0.7.4->APIFuzzer) (3.3.2)
Requirement already satisfied: idna<4,>=2.5 in ./.venv/lib/python3.11/site-packages (from requests->kittyfuzzer==0.7.4->APIFuzzer) (3.6)
Requirement already satisfied: urllib3<3,>=1.21.1 in ./.venv/lib/python3.11/site-packages (from requests->kittyfuzzer==0.7.4->APIFuzzer) (2.2.0)
Requirement already satisfied: certifi>=2017.4.17 in ./.venv/lib/python3.11/site-packages (from requests->kittyfuzzer==0.7.4->APIFuzzer) (2024.2.2)
Building wheels for collected packages: pycurl
Building wheel for pycurl (setup.py) ... error
error: subprocess-exited-with-error
× python setup.py bdist_wheel did not run successfully.
│ exit code: 1
╰─> [444 lines of output]
/private/var/folders/x9/mpsf7mlx5yj3fchvy4nw9h0m0000gs/T/pip-install-d9o4zaho/pycurl_620a480ac6da4440919e9485912e15ce/setup.py:933: DeprecationWarning: distutils Version classes are deprecated. Use packaging.version instead.
if LooseVersion(distutils.version) > LooseVersion("1.0.1"):
/private/var/folders/x9/mpsf7mlx5yj3fchvy4nw9h0m0000gs/T/pip-install-d9o4zaho/pycurl_620a480ac6da4440919e9485912e15ce/setup.py:935: DeprecationWarning: distutils Version classes are deprecated. Use packaging.version instead.
if LooseVersion(distutils.version) < LooseVersion("1.0.3"):
Using curl-config (libcurl 7.88.1)
Warning: libcurl is configured to use SSL, but we have not been able to determine which SSL backend it is using. If your Curl is built against OpenSSL, LibreSSL, BoringSSL, GnuTLS, NSS or mbedTLS please specify the SSL backend manually. For other SSL backends please ignore this message.Not using an SSL library
running bdist_wheel
running build
running build_py
creating build
creating build/lib.macosx-10.9-universal2-cpython-311
creating build/lib.macosx-10.9-universal2-cpython-311/curl
copying python/curl/init.py -> build/lib.macosx-10.9-universal2-cpython-311/curl
running build_ext
building 'pycurl' extension
creating build/temp.macosx-10.9-universal2-cpython-311
creating build/temp.macosx-10.9-universal2-cpython-311/src
clang -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -arch arm64 -arch x86_64 -g -DPYCURL_VERSION="7.43.0.6" -DHAVE_CURL_SSL=1 -I/Users/shubham.mantri/newApifuzzers/pythonProject/.venv/include -I/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11 -c src/docstrings.c -o build/temp.macosx-10.9-universal2-cpython-311/src/docstrings.o
In file included from src/docstrings.c:4:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
1 warning generated.
In file included from src/docstrings.c:4:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
1 warning generated.
clang -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -arch arm64 -arch x86_64 -g -DPYCURL_VERSION="7.43.0.6" -DHAVE_CURL_SSL=1 -I/Users/shubham.mantri/newApifuzzers/pythonProject/.venv/include -I/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11 -c src/easy.c -o build/temp.macosx-10.9-universal2-cpython-311/src/easy.o
In file included from src/easy.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
src/easy.c:283:5: warning: 'UsingDeprecatedTrashcanMacro' is deprecated [-Wdeprecated-declarations]
Py_TRASHCAN_SAFE_BEGIN(self);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/cpython/object.h:507:9: note: expanded from macro 'Py_TRASHCAN_SAFE_BEGIN'
UsingDeprecatedTrashcanMacro cond=1;
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/cpython/object.h:504:1: note: 'UsingDeprecatedTrashcanMacro' has been explicitly marked deprecated here
Py_DEPRECATED(3.11) typedef int UsingDeprecatedTrashcanMacro;
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
2 warnings generated.
In file included from src/easy.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
src/easy.c:283:5: warning: 'UsingDeprecatedTrashcanMacro' is deprecated [-Wdeprecated-declarations]
Py_TRASHCAN_SAFE_BEGIN(self);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/cpython/object.h:507:9: note: expanded from macro 'Py_TRASHCAN_SAFE_BEGIN'
UsingDeprecatedTrashcanMacro cond=1;
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/cpython/object.h:504:1: note: 'UsingDeprecatedTrashcanMacro' has been explicitly marked deprecated here
Py_DEPRECATED(3.11) typedef int UsingDeprecatedTrashcanMacro;
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
2 warnings generated.
clang -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -arch arm64 -arch x86_64 -g -DPYCURL_VERSION="7.43.0.6" -DHAVE_CURL_SSL=1 -I/Users/shubham.mantri/newApifuzzers/pythonProject/.venv/include -I/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11 -c src/easycb.c -o build/temp.macosx-10.9-universal2-cpython-311/src/easycb.o
In file included from src/easycb.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
src/easycb.c:45:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:187:22: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
python_address = PyEval_CallObject(curl_sockaddr_type, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:198:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->opensocket_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:260:15: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
ret_obj = PyEval_CallObject(self->sockopt_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:312:15: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
ret_obj = PyEval_CallObject(self->closesocket_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:413:15: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
ret_obj = PyEval_CallObject(self->ssh_key_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:491:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:557:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->r_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:665:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->pro_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:718:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->xferinfo_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:778:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->debug_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:819:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->ioctl_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
13 warnings generated.
In file included from src/easycb.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
src/easycb.c:45:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:187:22: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
python_address = PyEval_CallObject(curl_sockaddr_type, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:198:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->opensocket_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:260:15: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
ret_obj = PyEval_CallObject(self->sockopt_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:312:15: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
ret_obj = PyEval_CallObject(self->closesocket_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:413:15: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
ret_obj = PyEval_CallObject(self->ssh_key_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:491:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:557:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->r_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:665:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->pro_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:718:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->xferinfo_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:778:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->debug_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
src/easycb.c:819:14: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
result = PyEval_CallObject(self->ioctl_cb, arglist);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
13 warnings generated.
clang -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -arch arm64 -arch x86_64 -g -DPYCURL_VERSION="7.43.0.6" -DHAVE_CURL_SSL=1 -I/Users/shubham.mantri/newApifuzzers/pythonProject/.venv/include -I/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11 -c src/easyinfo.c -o build/temp.macosx-10.9-universal2-cpython-311/src/easyinfo.o
In file included from src/easyinfo.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
1 warning generated.
In file included from src/easyinfo.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
1 warning generated.
clang -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -arch arm64 -arch x86_64 -g -DPYCURL_VERSION="7.43.0.6" -DHAVE_CURL_SSL=1 -I/Users/shubham.mantri/newApifuzzers/pythonProject/.venv/include -I/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11 -c src/easyopt.c -o build/temp.macosx-10.9-universal2-cpython-311/src/easyopt.o
In file included from src/easyopt.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
1 warning generated.
In file included from src/easyopt.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
1 warning generated.
clang -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -arch arm64 -arch x86_64 -g -DPYCURL_VERSION="7.43.0.6" -DHAVE_CURL_SSL=1 -I/Users/shubham.mantri/newApifuzzers/pythonProject/.venv/include -I/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11 -c src/easyperform.c -o build/temp.macosx-10.9-universal2-cpython-311/src/easyperform.o
In file included from src/easyperform.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
src/easyperform.c:31:10: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
io = PyEval_CallObject(bytesio, NULL);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
2 warnings generated.
In file included from src/easyperform.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
src/easyperform.c:31:10: warning: 'PyEval_CallObjectWithKeywords' is deprecated [-Wdeprecated-declarations]
io = PyEval_CallObject(bytesio, NULL);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:34:5: note: expanded from macro 'PyEval_CallObject'
PyEval_CallObjectWithKeywords(callable, arg, (PyObject *)NULL)
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:27:1: note: 'PyEval_CallObjectWithKeywords' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(PyObject *) PyEval_CallObjectWithKeywords(
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
2 warnings generated.
clang -Wsign-compare -Wunreachable-code -fno-common -dynamic -DNDEBUG -g -fwrapv -O3 -Wall -arch arm64 -arch x86_64 -g -DPYCURL_VERSION="7.43.0.6" -DHAVE_CURL_SSL=1 -I/Users/shubham.mantri/newApifuzzers/pythonProject/.venv/include -I/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11 -c src/module.c -o build/temp.macosx-10.9-universal2-cpython-311/src/module.o
In file included from src/module.c:1:
src/pycurl.h:227:5: warning: "libcurl was compiled with SSL support, but configure could not determine which " "library was used; thus no SSL crypto locking callbacks will be set, which may " "cause random crashes on SSL requests" [-W#warnings]
# warning
^
src/module.c:415:25: error: expression is not assignable
Py_TYPE(&Curl_Type) = &PyType_Type;
~~~~~~~~~~~~~~~~~~~ ^
src/module.c:416:30: error: expression is not assignable
Py_TYPE(&CurlMulti_Type) = &PyType_Type;
~~~~~~~~~~~~~~~~~~~~~~~~ ^
src/module.c:417:30: error: expression is not assignable
Py_TYPE(&CurlShare_Type) = &PyType_Type;
~~~~~~~~~~~~~~~~~~~~~~~~ ^
src/module.c:1468:5: warning: 'PyEval_InitThreads' is deprecated [-Wdeprecated-declarations]
PyEval_InitThreads();
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/ceval.h:132:1: note: 'PyEval_InitThreads' has been explicitly marked deprecated here
Py_DEPRECATED(3.9) PyAPI_FUNC(void) PyEval_InitThreads(void);
^
/Library/Frameworks/Python.framework/Versions/3.11/include/python3.11/pyport.h:336:54: note: expanded from macro 'Py_DEPRECATED'
#define Py_DEPRECATED(VERSION_UNUSED) attribute((deprecated))
^
2 warnings and 3 errors generated.
error: command '/usr/bin/clang' failed with exit code 1
[end of output]
note: This error originates from a subprocess, and is likely not a problem with pip.
ERROR: Failed building wheel for pycurl
Running setup.py clean for pycurl
Failed to build pycurl
ERROR: Could not build wheels for pycurl, which is required to install pyproject.toml-based projects
Software environment (please complete the following information):
I think there might be some issues with malformed requests not being sent through the request library, there are a bunch of reports without response info and I can't find those outgoing requests at all with wireshark.
If you run the test application for instance, you will get the following report for test case 80:
{
"status": "ZmFpbGVk",
"name": "dGFyZ2V0",
"sub_reports": [],
"test_number": 80,
"state": "Q09NUExFVEVE",
"reason": "dGFyZ2V0"
}
As you can see, no response. It could be that this request causes some error on the server such that it doesn't reply, but I cannot even find outgoing traffic for these requests when inspecting the traffic with WireShark.
This is the output from the fuzzer while it runs:
[INFO ][base._test_info] Current test: 80
25790 [INFO] kitty: Current test: 80
25790 [DEBUG] root: Transmit: {'url': b'get', 'method': b'GET', 'headers': {'get|get|headerparam': 'Lm2Ҁ'}}
25790 [INFO] root: Request URL : http://127.0.0.1:5000/get
25790 [DEBUG] root: Request kwargs:{'headers': {'get|get|headerparam': 'Lm2Ҁ'}}, url: http://127.0.0.1:5000/get, method: GET
25790 [DEBUG] urllib3.connectionpool: Starting new HTTP connection (1): 127.0.0.1:5000
25790 [WARNING] root: Failed to parse http response code, exception occurred
25790 [WARNING] root: Test 80 status: failed
25790 [WARNING] root: Reason: target
[WARNING ][base._post_test] !! Failure detected !!
25790 [WARNING] kitty: !! Failure detected !!
The fuzzers fails when running against the test server Error in transmit: a bytes-like object is required, not 'str'
when running according to the documentation.
This issue has been replicated running directly on Linux and with PR #21 in a docker container.
$ python3 fuzzer.py -s test/test_swagger_definition.json -u http://localhost:5000/ -r /tmp/reports/
[INFO ][fuzzer_target.__init__] Logger initialized
[INFO ][base._load_session] No session loaded
[INFO ][base._start_message]
--------------------------------------------------
Starting fuzzing session
Target: FuzzerTarget
UI: WebInterface listening on 127.0.0.1:26000
Log: ./kittylogs/kitty_20191002-160156.log
Total possible mutation count: 6480
--------------------------------------------------
Happy hacking
--------------------------------------------------
[INFO ][base.start] Performing environment test
[INFO ][base._test_info] Current test: -1
[INFO ][server_fuzzer._transmit] Transmit place: params
[INFO ][server_fuzzer._transmit] Transmit place: headers
[INFO ][server_fuzzer._transmit] Transmit place: data
[INFO ][server_fuzzer._transmit] Transmit place: path_variables
[INFO ][fuzzer_target.transmit] URL part: http://localhost:5000/
[INFO ][fuzzer_target.transmit] URL part: b'/exception/{integer_id}'
[ERROR ][server_fuzzer._transmit] Error in transmit: a bytes-like object is required, not 'str'
[INFO ][server_fuzzer._test_environment] Environment test failed
[INFO ][server._start] should keep running? True
[INFO ][base._test_info] Current test: 0
[INFO ][server_fuzzer._transmit] Transmit place: params
[INFO ][server_fuzzer._transmit] Transmit place: headers
[INFO ][server_fuzzer._transmit] Transmit place: data
[INFO ][server_fuzzer._transmit] Transmit place: path_variables
[INFO ][fuzzer_target.transmit] URL part: http://localhost:5000/
[INFO ][fuzzer_target.transmit] URL part: b'/exception/{integer_id}'
[ERROR ][server_fuzzer._transmit] Error in transmit: a bytes-like object is required, not 'str'
[ERROR ][server._start] Error occurred while fuzzing: TypeError("a bytes-like object is required, not 'str'")
[ERROR ][server._start] Traceback (most recent call last):
File "/home/krijor/.local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 43, in _start
self._run_sequence(sequence)
File "/home/krijor/.local/lib/python3.7/site-packages/kitty/fuzzers/server.py", line 74, in _run_sequence
resp = self._transmit(node)
File "/home/krijor/kth/APIFuzzer/apifuzzer/server_fuzzer.py", line 60, in _transmit
return self.target.transmit(**payload)
File "/home/krijor/kth/APIFuzzer/apifuzzer/fuzzer_target.py", line 66, in transmit
_req_url.append(url_part.strip('/'))
TypeError: a bytes-like object is required, not 'str'
[INFO ][base._end_message]
--------------------------------------------------
Finished fuzzing session
Target: FuzzerTarget
Tested 1 mutation
Failure count: 0
--------------------------------------------------
[INFO ][server_fuzzer._end_message] Stop fuzzing session_info: {'start_time': 1570024916.855605, 'start_index': 0, 'end_index': 6479, 'current_index': 1, 'failure_count': 0, 'kitty_version': '0.7.4', 'data_model_hash': -7729877241357270196, 'test_list_str': '0-6479'}
Make the library available to download via pip
Error:
87916 [INFO] root: APIFuzzer initialized
87916 [INFO] root: Logger initialized
87916 [INFO] root: Start preparation
87916 [INFO] root: Resource: /status Method: get
87916 [INFO] root: Resource: /queues Method: get
87916 [INFO] root: Resource: /queues/{queue-name} Method: get
87916 [INFO] root: Resource: /workflows Method: post
Traceback (most recent call last):
File "fuzzer.py", line 115, in <module>
prog.prepare()
File "fuzzer.py", line 40, in prepare
template_generator.process_api_resources()
File "/Users/n/src/acronis/APIFuzzer/apifuzzer/swagger_template_generator.py", line 38, in process_api_resources
transform_data_to_bytes(param.get('type'))) # gives RandomBitsField at the moment
File "/Users/n/src/acronis/APIFuzzer/apifuzzer/utils.py", line 56, in transform_data_to_bytes
return bytes(data_in)
TypeError: cannot convert 'NoneType' object to bytes
My swagger spec for POST /workflows
contains following parameter:
{
"name": "body",
"in": "body",
"required": true,
"description": "",
"schema": {
"$ref": "#/definitions/workflowDefinition"
}
}
This definition is absolutely valid according to swagger 2 spec
Describe the bug
I have been been fuzzing for some hours and got a report telling me the following:
<?xml version="1.0" ?>
<testsuites disabled="0" errors="0" failures="32693" tests="32693" time="0.0">
<testsuite disabled="0" errors="0" failures="32693" name="API Fuzzer" skipped="0" tests="32693" time="0">
<testcase name="136" status="failed">
According to this, the time was 0 seconds and all tests failed. However, looking at the last failed record I see:
<testcase name="61525" status="failed">
So I have at least 61525 tests. So the numbers above are not correct. However, the numbers of failures is correct as in many cases the API returned 505, which is not critical but will be fixed, however, I would like to see the correct numbers in the report.
Software environment (please complete the following information):
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.