From a3f8fc5d1ccabc455e28157ee86211f0c11c81a3 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Mon, 26 Apr 2021 16:03:08 +0200
Subject: [PATCH] moved custom_mutator examples
---
custom_mutators/README.md | 8 ++++++++
.../custom_mutators => custom_mutators/examples}/Makefile | 0
.../examples}/README.md | 0
.../examples}/XmlMutatorMin.py | 0
.../examples}/common.py | 0
.../examples}/custom_mutator_helpers.h | 0
.../examples}/example.c | 0
.../examples}/example.py | 0
.../examples}/post_library_gif.so.c | 0
.../examples}/post_library_png.so.c | 0
.../examples}/simple-chunk-replace.py | 0
.../examples}/simple_example.c | 0
.../examples}/wrapper_afl_min.py | 0
docs/custom_mutators.md | 4 ++--
docs/life_pro_tips.md | 2 +-
qemu_mode/README.md | 4 ++--
test/test-custom-mutators.sh | 4 ++--
17 files changed, 15 insertions(+), 7 deletions(-)
rename {utils/custom_mutators => custom_mutators/examples}/Makefile (100%)
rename {utils/custom_mutators => custom_mutators/examples}/README.md (100%)
rename {utils/custom_mutators => custom_mutators/examples}/XmlMutatorMin.py (100%)
rename {utils/custom_mutators => custom_mutators/examples}/common.py (100%)
rename {utils/custom_mutators => custom_mutators/examples}/custom_mutator_helpers.h (100%)
rename {utils/custom_mutators => custom_mutators/examples}/example.c (100%)
rename {utils/custom_mutators => custom_mutators/examples}/example.py (100%)
rename {utils/custom_mutators => custom_mutators/examples}/post_library_gif.so.c (100%)
rename {utils/custom_mutators => custom_mutators/examples}/post_library_png.so.c (100%)
rename {utils/custom_mutators => custom_mutators/examples}/simple-chunk-replace.py (100%)
rename {utils/custom_mutators => custom_mutators/examples}/simple_example.c (100%)
rename {utils/custom_mutators => custom_mutators/examples}/wrapper_afl_min.py (100%)
diff --git a/custom_mutators/README.md b/custom_mutators/README.md
index b0444c85..5e1d0fe6 100644
--- a/custom_mutators/README.md
+++ b/custom_mutators/README.md
@@ -3,6 +3,14 @@ Custom mutators enhance and alter the mutation strategies of afl++. For further information and documentation on how to write your own, read [the docs](../docs/custom_mutators.md). +## Examples + +The `./examples` folder contains examples for custom mutators in python and C. + +## Rust + +In `./rust`, you will find rust bindings, including a simple example in `./rust/example` and an example for structured fuzzing, based on lain, in`./rust/example_lain`. + ## The afl++ Grammar Mutator If you use git to clone afl++, then the following will incorporate our diff --git a/utils/custom_mutators/Makefile b/custom_mutators/examples/Makefile similarity index 100% rename from utils/custom_mutators/Makefile rename to custom_mutators/examples/Makefile diff --git a/utils/custom_mutators/README.md b/custom_mutators/examples/README.md similarity index 100% rename from utils/custom_mutators/README.md rename to custom_mutators/examples/README.md diff --git a/utils/custom_mutators/XmlMutatorMin.py b/custom_mutators/examples/XmlMutatorMin.py similarity index 100% rename from utils/custom_mutators/XmlMutatorMin.py rename to custom_mutators/examples/XmlMutatorMin.py diff --git a/utils/custom_mutators/common.py b/custom_mutators/examples/common.py similarity index 100% rename from utils/custom_mutators/common.py rename to custom_mutators/examples/common.py diff --git a/utils/custom_mutators/custom_mutator_helpers.h b/custom_mutators/examples/custom_mutator_helpers.h similarity index 100% rename from utils/custom_mutators/custom_mutator_helpers.h rename to custom_mutators/examples/custom_mutator_helpers.h diff --git a/utils/custom_mutators/example.c b/custom_mutators/examples/example.c similarity index 100% rename from utils/custom_mutators/example.c rename to custom_mutators/examples/example.c 
diff --git a/utils/custom_mutators/example.py b/custom_mutators/examples/example.py similarity index 100% rename from utils/custom_mutators/example.py rename to custom_mutators/examples/example.py diff --git a/utils/custom_mutators/post_library_gif.so.c b/custom_mutators/examples/post_library_gif.so.c similarity index 100% rename from utils/custom_mutators/post_library_gif.so.c rename to custom_mutators/examples/post_library_gif.so.c diff --git a/utils/custom_mutators/post_library_png.so.c b/custom_mutators/examples/post_library_png.so.c similarity index 100% rename from utils/custom_mutators/post_library_png.so.c rename to custom_mutators/examples/post_library_png.so.c diff --git a/utils/custom_mutators/simple-chunk-replace.py b/custom_mutators/examples/simple-chunk-replace.py similarity index 100% rename from utils/custom_mutators/simple-chunk-replace.py rename to custom_mutators/examples/simple-chunk-replace.py diff --git a/utils/custom_mutators/simple_example.c b/custom_mutators/examples/simple_example.c similarity index 100% rename from utils/custom_mutators/simple_example.c rename to custom_mutators/examples/simple_example.c diff --git a/utils/custom_mutators/wrapper_afl_min.py b/custom_mutators/examples/wrapper_afl_min.py similarity index 100% rename from utils/custom_mutators/wrapper_afl_min.py rename to custom_mutators/examples/wrapper_afl_min.py diff --git a/docs/custom_mutators.md b/docs/custom_mutators.md index 62e01f83..9d5381e8 100644 --- a/docs/custom_mutators.md +++ b/docs/custom_mutators.md @@ -285,8 +285,8 @@ afl-fuzz /path/to/program ## 4) Example -Please see [example.c](../utils/custom_mutators/example.c) and -[example.py](../utils/custom_mutators/example.py) +Please see [example.c](../custom_mutators/examples/example.c) and +[example.py](../custom_mutators/examples/example.py) ## 5) Other Resources diff --git a/docs/life_pro_tips.md b/docs/life_pro_tips.md index 50ad75d4..f9ac1c53 100644 --- a/docs/life_pro_tips.md +++ b/docs/life_pro_tips.md 
@@ -83,5 +83,5 @@ You can find a simple solution in utils/argv_fuzzing. ## Attacking a format that uses checksums? Remove the checksum-checking code or use a postprocessor! -See utils/custom_mutators/ for more. +See `afl_custom_post_process` in custom_mutators/examples/examples.c for more. diff --git a/qemu_mode/README.md b/qemu_mode/README.md index 4aa2133e..38cb5ba6 100644 --- a/qemu_mode/README.md +++ b/qemu_mode/README.md @@ -190,8 +190,8 @@ handlers of the target. ## 13) Gotchas, feedback, bugs -If you need to fix up checksums or do other cleanup on mutated test cases, see -utils/custom_mutators/ for a viable solution. +If you need to fix up checksums or do other cleanups on mutated test cases, see +`afl_custom_post_process` in custom_mutators/examples/example.c for a viable solution. Do not mix QEMU mode with ASAN, MSAN, or the likes; QEMU doesn't appreciate the "shadow VM" trick employed by the sanitizers and will probably just diff --git a/test/test-custom-mutators.sh b/test/test-custom-mutators.sh index bae4220f..a5d666ff 100755 --- a/test/test-custom-mutators.sh +++ b/test/test-custom-mutators.sh @@ -29,8 +29,8 @@ test "1" = "`../afl-fuzz | grep -i 'without python' >/dev/null; echo $?`" && { } } # Compile the custom mutator - cc -D_FIXED_CHAR=0x41 -g -fPIC -shared -I../include ../utils/custom_mutators/simple_example.c -o libexamplemutator.so > /dev/null 2>&1 - cc -D_FIXED_CHAR=0x42 -g -fPIC -shared -I../include ../utils/custom_mutators/simple_example.c -o libexamplemutator2.so > /dev/null 2>&1 + cc -D_FIXED_CHAR=0x41 -g -fPIC -shared -I../include ../custom_mutators/examples/simple_example.c -o libexamplemutator.so > /dev/null 2>&1 + cc -D_FIXED_CHAR=0x42 -g -fPIC -shared -I../include ../custom_mutators/examples/simple_example.c -o libexamplemutator2.so > /dev/null 2>&1 test -e test-custom-mutator -a -e ./libexamplemutator.so && { # Create input directory mkdir -p in
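Review bot: The new sentence in the docs/life_pro_tips.md hunk points readers at `custom_mutators/examples/examples.c`, but the file this commit moves is `custom_mutators/examples/example.c`, and no `examples.c` appears in the rename list. The matching sentence added to qemu_mode/README.md uses the correct name, so this looks like a typo. As written, the pointer to `afl_custom_post_process` does not resolve; change `examples.c` to `example.c` in that line.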
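Review bot: The guard that follows the two updated `cc` lines tests only for `./libexamplemutator.so`; the second build output, `libexamplemutator2.so`, is not checked in the visible lines, and both compiler invocations discard stderr with `> /dev/null 2>&1`. After a path move like this one, a wrong source path would surface only as a missing file, and for the second library possibly not until it is loaded later. Consider `test -e test-custom-mutator -a -e ./libexamplemutator.so -a -e ./libexamplemutator2.so && {`. The block continues past the end of the hunk, so a later check may already exist there.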