anrchen / afl

This project forked from google/afl

american fuzzy lop - a security-oriented fuzzer

Home Page: https://lcamtuf.coredump.cx/afl/

License: Apache License 2.0


Performance Fuzzer

The performance fuzzer is designed to identify performance hot spots. It is built on top of AFL, which was originally developed by Michal Zalewski.

See Refactoring Logs if you want to understand the implementation details. In the section below, we also present an overview of the core implementation.

Installation & Fuzzing

Here is a general installation guide for the fuzzer. You should also check out our cheatsheet, which summarizes the overall workflow of the fuzzer. The steps are the following:

  1. Compile the fuzzer with make
  2. Compile the llvm mode with make
  3. Compile the program to be fuzzed using afl-clang-fast
  4. Create initial tests
  5. Run afl-fuzz on the tested program
  6. Analyze the output

1. Compile the fuzzer with make

$ make

2. Compile the llvm mode with make

See LLVM README for more details.

$ cd llvm && make

If the compilation is successful, this should generate a binary afl-clang-fast in the parent directory.

3. Compile the program to be fuzzed using afl-clang-fast

The next step is to compile the program to be fuzzed from its source code. A common way is to set the CC and CXX variables when running configure, which selects our compiled afl-clang-fast as the C compiler.

CC="/path_to_afl/afl-clang-fast" ./configure --disable-shared
make clean all

For C++ code, be sure to also include the CXX variable (e.g., CXX="/path_to_afl/afl-clang-fast++").

4. Create initial tests

Set up a basic input file as a starting point for the fuzzer. This input file will serve as a seed for the program. Make sure the program accepts this input as valid.

5. Run afl-fuzz on the tested program

For programs that read from stdin, run afl-fuzz as follows:

/path_to_afl/afl-fuzz -p -i ./seeds -o seeds_out -- ./path_to_program [program cmdline]

For programs that take input from a file, you can use the @@ annotation. afl-fuzz automatically replaces it with the current test case file taken from the test case directory (i.e., ./seeds in our example below).

/path_to_afl/afl-fuzz -p -i ./seeds -o seeds_out -- ./path_to_program @@

See Workflow for more details on how afl-fuzz is implemented.
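As an added example (not code from the performance fuzzer repository), the POSIX shell helpers below cover steps 4 and 5 in one place: validate_seeds runs the target on every seed, in stdin mode or in the @@ file mode, and reports how many seeds the program rejects, and fuzz_cmd assembles the afl-fuzz line shown above with the fork's -p flag. The paths /opt/afl and ./prog in the usage comment are placeholders, not paths from the project.

```shell
#!/bin/sh
# Added example, not part of the performance fuzzer repository.
# Checks every seed against the target before fuzzing (step 4) and builds
# the afl-fuzz command line used in step 5, including the fork's -p flag.

# validate_seeds MODE TARGET SEED_DIR
#   MODE is "stdin" or "file" (the @@ case). Runs TARGET once per seed,
#   lists rejected seeds on stderr and prints the number rejected, so an
#   output of 0 means every seed is a valid starting point for the fuzzer.
validate_seeds() {
  mode=$1; target=$2; seed_dir=$3; bad=0; total=0
  for seed in "$seed_dir"/*; do
    [ -f "$seed" ] || continue
    total=$((total + 1)); rc=0
    if [ "$mode" = file ]; then
      "$target" "$seed" >/dev/null 2>&1 || rc=$?
    else
      "$target" <"$seed" >/dev/null 2>&1 || rc=$?
    fi
    if [ "$rc" -ne 0 ]; then
      echo "rejected (exit $rc): $seed" >&2
      bad=$((bad + 1))
    fi
  done
  [ "$total" -gt 0 ] || echo "warning: no seeds in $seed_dir" >&2
  echo "$bad"
}

# fuzz_cmd MODE AFL_DIR SEED_DIR OUT_DIR TARGET [program args...]
#   Prints the afl-fuzz invocation; in file mode the trailing @@ is the
#   placeholder afl-fuzz replaces with the current test case file.
fuzz_cmd() {
  mode=$1; afl_dir=$2; seed_dir=$3; out_dir=$4; target=$5; shift 5
  prog="$target"
  [ $# -eq 0 ] || prog="$prog $*"
  [ "$mode" != file ] || prog="$prog @@"
  echo "$afl_dir/afl-fuzz -p -i $seed_dir -o $out_dir -- $prog"
}

# Usage with placeholder paths (/opt/afl and ./prog are assumptions):
#   if [ "$(validate_seeds file ./prog ./seeds)" -eq 0 ]; then
#     eval "$(fuzz_cmd file /opt/afl ./seeds seeds_out ./prog)"
#   fi
```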

6. Analyze the output

[cheatsheet images cheat01 and cheat02: output analysis]

Workflow

Below, we summarize, in cheatsheet form, the core components that are essential for understanding the afl-fuzz workflow.

1. Collecting code coverage

[cheatsheet image cheat1: collecting code coverage]

2. Detecting new edges

[cheatsheet image cheat2: detecting new edges]

3. On the implementation of the fork server

[cheatsheet images cheat3 and cheat4: fork server implementation]
