Questions tagged [american-fuzzy-lop]

american fuzzy lop is a security-oriented fuzzer that employs genetic algorithms in order to efficiently increase code coverage of the test cases. Questions using this tag should be about the use of american-fuzzy-lop or the development of code interfacing with it.

Additional reading: https://en.wikipedia.org/wiki/American_fuzzy_lop_(fuzzer)

Project's website: http://lcamtuf.coredump.cx/afl

41 questions
9 votes, 1 answer

AFL warning: Last new path : none yet (odd, check syntax!)

I have this warning (Last new path : none yet (odd, check syntax!)) in red after I try to fuzz a file. I have no idea why it happens and I googled with no answers. My command is like: afl-fuzz -i testcases/ -o findings/ tcpdump-4.6.2/tcpdump…
6 votes, 1 answer

AFL fuzzing without root - avoid modifying /proc/sys/kernel/core_pattern

I want to run the American Fuzzy Lop (AFL) fuzzer on a Linux system where I don't have root access. When I do so, the first thing that happens is that it gives me an error message asking me to modify /proc/sys/kernel/core_pattern: [-] Hmm, your…
D.W.
5 votes, 3 answers

Fuzzing command line arguments [argv]

I have a binary I've been trying to fuzz with AFL; the only thing is AFL only fuzzes STDIN and file inputs, and this binary takes input through its arguments: pass_read [input1] [input2]. I was wondering if there are any methods/fuzzers that allow…
5 votes, 1 answer

Apply american fuzzy lop as a part of Travis CI?

I would like to run american fuzzy lop as a part of Travis CI run. How can I do that?
d33tah
4 votes, 1 answer

How to make Libfuzzer run without stopping similar to AFL?

I have been trying to fuzz using both AFL and Libfuzzer. One of the distinct differences that I have come across is that when AFL is executed, it runs continuously unless it is manually stopped by the developer. On the other hand, Libfuzzer…
coder
2 votes, 3 answers

Can I kill another process from SIGSEGV handler?

Background: I'm fuzzing a long-lived process with afl-fuzz by passing to it the filename to process from a stub that afl-fuzz runs for each sample. When the long-lived process crashes via SIGSEGV, I want the stub to also generate a SIGSEGV, so that…
patraulea
2 votes, 1 answer

How to rebuild a Fedora package with a different compiler?

Similarly to this question ("How can I automatically rebuild a package with a different compiler?" on askubuntu.com), I would like to know how I can automate fetching the source and compiling a C program using Fedora build scripts with a specific,…
d33tah
1 vote, 1 answer

AFL-GCC compiles differently than GCC

I want to understand AFL's code instrumentation in detail. Compiling a sample program sample.c int main(int argc, char **argv) { int ret = 0; if(argc > 1) { ret = 7; } else { ret = 12; } return ret; } with gcc -c -o…
1 vote, 0 answers

AFL not taking input from Stdin

I am trying to fuzz a binary file that takes input from the user (stdin). When I try afl-fuzz and then my binary, something like afl-fuzz a.out, it asks for the required parameters specifying the input and output directories. afl-fuzz -i…
Obaid Ur Rehman
1 vote, 1 answer

Errors when using afl++

I am trying to familiarize myself with the usage of afl++. I wrote a simple program that should crash due to buffer overflow if argv[1] is too long. int main(int argc, char *argv[]) { char buffer[4]; if(argc == 2) { …
localacct
1 vote, 0 answers

Can't find '/opt/local/bin/clang'

Background information: I am trying to install AFL on macOS X, and have been following the instructions on https://reverse.put.as/2017/07/10/compiling-afl-osx-llvm-mode/. When I type $ make in the terminal, the following error appears. [*] Checking for…
1 vote, 1 answer

Why does afl fuzzer get segmentation fault?

I did a program in C to do some AVL sorting. The program runs well when I test it, with no crash. However, I ran the program for possible bugs with the AFL fuzzer and I don't seem to know why I keep getting a segmentation fault. Below is the tree.c. I don't…
1 vote, 1 answer

Segmentation fault when I use afl fuzzer

I am having an issue figuring out what's wrong with my code below. I run the full code and I do a lot of input testing, and errors are being handled as I want them to be. I also use things like valgrind and cppcheck to check for bugs, which I fixed the…
1 vote, 1 answer

Using AFL's persistent mode to fuzz large amount of repetitive data

I have a program that processes packets of a certain size but requires a large amount of them for any meaningful output. I currently fuzz my program with AFL by receiving a packet from AFL and running it through the system the necessary amount of…
Gilad Naaman
1 vote, 2 answers

How to create an augmented AFL fuzzer which skips certain seeds?

I am a master's student working on replicating the results of the paper: https://www.microsoft.com/en-us/research/publication/not-all-bytes-are-equal-neural-byte-sieve-for-fuzzing/ I want to create an augmented fuzzer which rejects the…