#!/usr/bin/env python3 """create_seeds.py Create a JQF-compatible seeds directory from a payload list. Usage: python create_seeds.py [--payload-file PAYLOAD_FILE] [--outdir SEEDS_DIR] [--encoding utf8|base64] - If --payload-file is provided, the script reads payloads line-by-line from that file. Empty lines are ignored. - If not provided, the script uses a built-in default list. - By default payloads are written as raw UTF-8 bytes (no BOM). - If you use --encoding base64 then each line is expected to be Base64 and will be decoded to binary before writing as a seed file. - The script writes files named 000000.in, 000001.in, ... in the output directory. Security note: One of your payloads contains a JNDI/RMI payload. Only run fuzzing with such payloads in an isolated test/sandbox environment. Do NOT run this against production or internet-connected services. Example: python create_seeds.py --payload-file payload.txt --outdir seeds """
import argparse import os import sys import base64
defread_payloads_from_file(path): payloads = [] withopen(path, "r", encoding="utf-8", errors="surrogateescape") as f: for line in f: line = line.rstrip("\n\r") if line == "": continue payloads.append(line) return payloads
defwrite_seeds(payloads, outdir, encoding="utf8"): ensure_dir(outdir) written = [] for idx, p inenumerate(payloads): name = "{:06d}.in".format(idx) outpath = os.path.join(outdir, name) if encoding == "utf8": data = p.encode("utf-8") elif encoding == "base64": # decode base64 line to bytes data = base64.b64decode(p) else: raise ValueError("unsupported encoding: " + encoding) withopen(outpath, "wb") as wf: wf.write(data) written.append((outpath, len(data))) return written
defmain(): parser = argparse.ArgumentParser(description="Create JQF seeds directory from payloads") parser.add_argument("--payload-file", "-p", help="Path to payload file (one payload per line). If omitted, uses built-in list.", default=None) parser.add_argument("--outdir", "-o", help="Output seeds directory (default: ./seeds)", default="seeds") parser.add_argument("--encoding", "-e", help="Payload encoding: utf8 (default) or base64", choices=["utf8","base64"], default="utf8") args = parser.parse_args()
if args.payload_file: ifnot os.path.isfile(args.payload_file): print("ERROR: payload file does not exist:", args.payload_file, file=sys.stderr) sys.exit(2) payloads = read_payloads_from_file(args.payload_file) else: payloads = DEFAULT_PAYLOADS[:]
iflen(payloads) == 0: print("No payloads to write. Exiting.", file=sys.stderr) sys.exit(0)
written = write_seeds(payloads, args.outdir, encoding=args.encoding) print("Wrote {} seed files to '{}'".format(len(written), args.outdir)) for p, l in written: print(" {} ({} bytes)".format(p, l))
