Questions tagged [afl-fuzz]
11 questions
2 votes, 1 answer
How to make afl-fuzz not skip test cases when a timeout is reached
I am currently trying to fuzz a PDF viewer with the AFL fuzzer (American Fuzzy Lop).
My problem is quite simple: afl-fuzz expects the application to take an input and close after processing it. But the PDF viewer is intended to open the document and…
Asked by perror
0 votes, 0 answers
afl-gcc-fast complains about incompatible GCC and plugin versions even though they are the same
I am trying to compile this simple program with afl-gcc-fast.

    #include <stdio.h>   /* header restored; it was stripped by extraction */

    int main(int argc, char** argv) {
        printf("%s", "Hello world!\n");
        return 0;
    }

I then get this error:

    afl-cc++4.06a by Michal Zalewski, Laszlo Szekeres, Marc…
0 votes, 0 answers
Fuzzing using Qemu or Unicorn
I'm studying fuzzing and I need to know when to use QEMU mode and when to use Unicorn mode if I want to fuzz embedded systems software.
I expect that the difference will be based on the application I'm going to fuzz, but I can't work out what that is…
Asked by Msafwat
0 votes, 0 answers
I need help fuzzing a TFTP server with AFL
I'm using AFL to fuzz this program that I found on GitHub:
https://github.com/crossbowerbt/tftpserver
with this command after compiling it with afl-clang-fast:

    afl-fuzz -i -o -t 1000 -- …

Asked by Fila zunex
0 votes, 0 answers
undefined symbol: __afl_area_ptr when trying to compile Kisak strike
I want to fuzz the map loading feature in Counter-Strike. The source code for csgo got leaked a while back and here is a build which you can compile: https://github.com/SwagSoftware/Kisak-Strike . However, when I try to compile it using this…
0 votes, 1 answer
Firmware AFL++ fuzzing fails
I want to do IoT firmware fuzzing with AFL++ on a Linux system:
https://blog.attify.com/fuzzing-iot-devices-part-1/
I have done the setup according to that link. When I run

    sudo QEMU_LD_PREFIX=./squashfs-root/ ../AFLplusplus/afl-fuzz -Q -i input-xml/…

Asked by saman naz
0 votes, 1 answer
AFL-fuzz not finding any crashes
I am trying AFL for the first time, and for that reason I found a very simple piece of vulnerable C code that I could use to test AFL.
The C code in question is

    #include
    #include
    int main(int argc, char * argv[]){
        char…

Asked by Snox
0 votes, 2 answers
Binary fuzzing with AFL++
I want to do some experiments with afl++ / binary fuzzing. I installed it and ran build_qemu_support.sh, but there is still an error message if I try to fuzz a binary.
Command:

    afl-fuzz -Q -i /usr/tests/ -o /usr/tests/output -- ./bin/apt -d…

Asked by V N
0 votes, 1 answer
Problems when using QEMU user mode with -L parameter to run an ARM binary from IoT firmware
I tried to run an ARM binary, httpd, which is from a webcam firmware, on Ubuntu 18.04. My computer is x86_64 based, so I decided to run it using a QEMU virtual machine. As far as I know, QEMU provides two different simulation modes, which are System…
Asked by jackfromeast
0 votes, 1 answer
Where are GNU coreutils binaries located after building with make?
I want to practice fuzzing on the GNU coreutils with AFL. My plan is to compile coreutils binaries with afl-gcc to be able to run AFL on them.
I have been able to successfully compile the coreutils with AFL's compiler by running ./configure…
Asked by Chobom
0 votes, 1 answer
Trying to recreate Heartbleed with AFL-FUZZ using OpenSSL 1.0.1f
I am trying to recreate the Heartbleed bug on OpenSSL versions prior to 1.0.1g, so I selected OpenSSL 1.0.1f. I installed AFL-FUZZ and then OpenSSL. With the help of this and this link I think I have installed OpenSSL, but in the end it gave me a strange…
Asked by aneela