Research Article

PDFuzzerGen: Policy-Driven Black-Box Fuzzer Generation for Smart Devices

Algorithm 1

Differential Sliding Positioning.
Input: Login message , Replay time
Output: Potential authentication field location
(1) Replayed times. After each login authentication succeeds, select the same group of functional messages that carry state maintenance information.
(2) A pairwise difference is performed on the message in , and its potential difference fields are located.
(3) Perform sliding traversal on each difference field and filter according to its location and content. When is in the URL or request header fields, the difference field is inferred to be a potential authentication field . When is in the cookie or payload, the parameters in the cookie or payload are parsed, and the values of the same key are compared. If the length of exceeds the threshold , the field is inferred to be a potential authentication field .
(4) Record the location of all as .
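
Steps (2) to (4) sketched in Python, as an added example that is not the paper's implementation. Assumptions: messages are dicts with `url`, `headers` and `payload` keys, the sample captures and the threshold value of 8 are constructed, and the sliding traversal is simplified to a per-key comparison of URL query parameters, headers, cookie parameters and form-encoded payload parameters.

```python
from itertools import combinations
from urllib.parse import urlsplit, parse_qsl

THRESHOLD = 8  # assumed length threshold; the page does not give a value
# Constructed captures: one functional request replayed after three logins.
REPLAYS = [
    {"url": "http://192.0.2.10/api/status?dev=cam1&token=9f2c1ab4e07d",
     "headers": {"Host": "192.0.2.10", "X-Auth": "a1b2c3",
                 "Cookie": "sid=5e8841d0aa93f1c2; lang=en; seq=1"},
     "payload": "action=get&nonce=17"},
    {"url": "http://192.0.2.10/api/status?dev=cam1&token=03bd77c9e112",
     "headers": {"Host": "192.0.2.10", "X-Auth": "d4e5f6",
                 "Cookie": "sid=c07a19f3b2e4d865; lang=en; seq=2"},
     "payload": "action=get&nonce=42"},
    {"url": "http://192.0.2.10/api/status?dev=cam1&token=7ae0c35f9b26",
     "headers": {"Host": "192.0.2.10", "X-Auth": "0a9b8c",
                 "Cookie": "sid=91d2e6f07c3ab548; lang=en; seq=3"},
     "payload": "action=get&nonce=93"},
]

def fields(msg):
    """Flatten one message into {(location, key): value}."""
    out = {("url", k): v for k, v in parse_qsl(urlsplit(msg["url"]).query)}
    for name, value in msg.get("headers", {}).items():
        if name.lower() == "cookie":  # cookie parameters are parsed per key
            for part in value.split(";"):
                key, _, val = part.strip().partition("=")
                out[("cookie", key)] = val
        else:
            out[("header", name.lower())] = value
    for k, v in parse_qsl(msg.get("payload", "")):
        out[("payload", k)] = v
    return out

def locate_auth_fields(messages, threshold=THRESHOLD):
    """Steps 2-4: pairwise diff, filter by location and length, record."""
    flat = [fields(m) for m in messages]
    found = set()
    for a, b in combinations(flat, 2):
        for loc in a.keys() & b.keys():
            if a[loc] == b[loc]:
                continue  # identical across logins: not a difference field
            in_url_or_header = loc[0] in ("url", "header")
            if in_url_or_header or min(len(a[loc]), len(b[loc])) > threshold:
                found.add(loc)
    return sorted(found)

if __name__ == "__main__":
    print(locate_auth_fields(REPLAYS))
```

The short `seq` cookie and `nonce` payload parameters change between replays but fall under the length threshold, so only the long per-session values are reported.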