ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-14 11:08:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix formatting and line length

Browse Source
This commit is contained in:
llzmb
2022-01-20 20:35:19 +01:00
parent 029bfc386f
commit 29f8040f09
1 changed files with 12 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
docs/fuzzing_binary-only_targets.md
View File

@ -14,6 +14,7 @@ fuzzed with AFL++.
FRIDA mode and QEMU mode in persistent mode are the fastest - if persistent mode FRIDA mode and QEMU mode in persistent mode are the fastest - if persistent mode
is possible and the stability is high enough. is possible and the stability is high enough.
Otherwise, try Zafl, RetroWrite, Dyninst, and if these fail, too, then try Otherwise, try Zafl, RetroWrite, Dyninst, and if these fail, too, then try
standard FRIDA/QEMU mode with `AFL_ENTRYPOINT` to where you need it. standard FRIDA/QEMU mode with `AFL_ENTRYPOINT` to where you need it.
@ -127,13 +128,13 @@ Working examples already exist :-)
### Nyx mode ### Nyx mode
Nyx is a full system emulation fuzzing environment with snapshot support that Nyx is a full system emulation fuzzing environment with snapshot support that is
is built upon KVM and QEMU. built upon KVM and QEMU. It is only available on Linux and currently restricted
It is only available on Linux and currently restricted to x86_x64. to x86_x64.
For binary-only fuzzing a special 5.10 kernel is required. For binary-only fuzzing a special 5.10 kernel is required.
See [nyx_mode/README.md](../nyx_mode/README.md) See [nyx_mode/README.md](../nyx_mode/README.md).
### Unicorn ### Unicorn
@ -198,15 +199,15 @@ afl-clang-fast's.
### RetroWrite ### RetroWrite
RetroWrite is a static binary rewriter that can be combined with AFL++. RetroWrite is a static binary rewriter that can be combined with AFL++. If you
If you have an x86_64 binary that still has its symbols (i.e., not stripped binary), have an x86_64 binary that still has its symbols (i.e., not stripped binary), is
is compiled with position independent code (PIC/PIE), and does not contain C++ exceptions, compiled with position independent code (PIC/PIE), and does not contain C++
then the RetroWrite solution might be for you. It decompiles to ASM files which exceptions, then the RetroWrite solution might be for you. It decompiles to ASM
can then be instrumented with afl-gcc. files which can then be instrumented with afl-gcc.
Binaries that are statically instrumented for fuzzing using RetroWrite are close Binaries that are statically instrumented for fuzzing using RetroWrite are close
in performance to compiler-instrumented binaries and outperform in performance to compiler-instrumented binaries and outperform the QEMU-based
the QEMU-based instrumentation. instrumentation.
[https://github.com/HexHive/retrowrite](https://github.com/HexHive/retrowrite) [https://github.com/HexHive/retrowrite](https://github.com/HexHive/retrowrite)