From c05e4efbe9b4e7d1ff078b7a392621f2ca7572e6 Mon Sep 17 00:00:00 2001 
From: vanhauser-thc Date: Tue, 1 Dec 2020 14:40:30 +0100 Subject: [PATCH] renamed examples/ to utils/ --- GNUmakefile | 36 +++++++++--------- README.md | 7 ++-- docs/Changelog.md | 1 + docs/FAQ.md | 2 +- docs/binaryonly_fuzzing.md | 6 +-- docs/custom_mutators.md | 4 +- docs/env_variables.md | 2 +- docs/life_pro_tips.md | 4 +- docs/notes_for_asan.md | 4 +- docs/parallel_fuzzing.md | 2 +- examples/afl_untracer/libtestinstr.so | Bin 17152 -> 0 bytes instrumentation/README.gcc_plugin.md | 2 +- instrumentation/README.persistent_mode.md | 4 +- qemu_mode/README.md | 2 +- qemu_mode/README.persistent.md | 2 +- src/afl-as.c | 2 +- test/test-custom-mutators.sh | 8 ++-- test/test-gcc-plugin.sh | 2 +- test/test-llvm-lto.sh | 2 +- test/test-llvm.sh | 2 +- {examples => utils}/README.md | 2 +- {examples => utils}/afl_frida/GNUmakefile | 0 {examples => utils}/afl_frida/Makefile | 0 {examples => utils}/afl_frida/README.md | 0 {examples => utils}/afl_frida/afl-frida.c | 0 {examples => utils}/afl_frida/afl-frida.h | 0 {examples => utils}/afl_frida/libtestinstr.c | 0 .../afl_network_proxy/GNUmakefile | 0 .../afl_network_proxy/Makefile | 0 .../afl_network_proxy/README.md | 0 .../afl_network_proxy/afl-network-client.c | 0 .../afl_network_proxy/afl-network-server.c | 0 {examples => utils}/afl_proxy/Makefile | 0 {examples => utils}/afl_proxy/README.md | 0 {examples => utils}/afl_proxy/afl-proxy.c | 0 {examples => utils}/afl_untracer/Makefile | 0 {examples => utils}/afl_untracer/README.md | 0 {examples => utils}/afl_untracer/TODO | 0 .../afl_untracer/afl-untracer.c | 0 .../afl_untracer/ghidra_get_patchpoints.java | 2 +- .../afl_untracer/ida_get_patchpoints.py | 0 .../afl_untracer/libtestinstr.c | 0 {examples => utils}/afl_untracer/patches.txt | 0 {examples => utils}/aflpp_driver/GNUmakefile | 0 {examples => utils}/aflpp_driver/Makefile | 0 .../aflpp_driver/aflpp_driver.c | 0 .../aflpp_driver/aflpp_driver_test.c | 0 .../aflpp_driver/aflpp_qemu_driver.c | 0 
.../aflpp_driver/aflpp_qemu_driver_hook.c | 0 .../analysis_scripts/queue2csv.sh | 0 {examples => utils}/argv_fuzzing/Makefile | 0 {examples => utils}/argv_fuzzing/README.md | 0 .../argv_fuzzing/argv-fuzz-inl.h | 0 {examples => utils}/argv_fuzzing/argvfuzz.c | 0 .../asan_cgroups/limit_memory.sh | 0 .../bash_shellshock/shellshock-fuzz.diff | 0 .../canvas_harness/canvas_harness.html | 0 {examples => utils}/clang_asm_normalize/as | 0 .../crash_triage/triage_crashes.sh | 0 {examples => utils}/custom_mutators/Makefile | 0 {examples => utils}/custom_mutators/README.md | 0 .../custom_mutators/XmlMutatorMin.py | 0 {examples => utils}/custom_mutators/common.py | 0 .../custom_mutators/custom_mutator_helpers.h | 0 {examples => utils}/custom_mutators/example.c | 0 .../custom_mutators/example.py | 0 .../custom_mutators/post_library_gif.so.c | 0 .../custom_mutators/post_library_png.so.c | 0 .../custom_mutators/simple-chunk-replace.py | 0 .../custom_mutators/simple_example.c | 0 .../custom_mutators/wrapper_afl_min.py | 0 {examples => utils}/defork/Makefile | 0 {examples => utils}/defork/README.md | 0 {examples => utils}/defork/defork.c | 0 {examples => utils}/defork/forking_target.c | 0 .../distributed_fuzzing/sync_script.sh | 0 .../libpng_no_checksum/libpng-nocrc.patch | 0 {examples => utils}/persistent_mode/Makefile | 0 .../persistent_mode/persistent_demo.c | 0 .../persistent_mode/persistent_demo_new.c | 0 .../persistent_mode/test-instr.c | 0 .../qemu_persistent_hook/Makefile | 0 .../qemu_persistent_hook/README.md | 0 .../qemu_persistent_hook/read_into_rdi.c | 0 .../qemu_persistent_hook/test.c | 0 {examples => utils}/socket_fuzzing/Makefile | 0 {examples => utils}/socket_fuzzing/README.md | 0 .../socket_fuzzing/socketfuzz.c | 0 88 files changed, 50 insertions(+), 48 deletions(-) delete mode 100755 examples/afl_untracer/libtestinstr.so rename {examples => utils}/README.md (97%) rename {examples => utils}/afl_frida/GNUmakefile (100%) rename {examples => utils}/afl_frida/Makefile 
(100%) rename {examples => utils}/afl_frida/README.md (100%) rename {examples => utils}/afl_frida/afl-frida.c (100%) rename {examples => utils}/afl_frida/afl-frida.h (100%) rename {examples => utils}/afl_frida/libtestinstr.c (100%) rename {examples => utils}/afl_network_proxy/GNUmakefile (100%) rename {examples => utils}/afl_network_proxy/Makefile (100%) rename {examples => utils}/afl_network_proxy/README.md (100%) rename {examples => utils}/afl_network_proxy/afl-network-client.c (100%) rename {examples => utils}/afl_network_proxy/afl-network-server.c (100%) rename {examples => utils}/afl_proxy/Makefile (100%) rename {examples => utils}/afl_proxy/README.md (100%) rename {examples => utils}/afl_proxy/afl-proxy.c (100%) rename {examples => utils}/afl_untracer/Makefile (100%) rename {examples => utils}/afl_untracer/README.md (100%) rename {examples => utils}/afl_untracer/TODO (100%) rename {examples => utils}/afl_untracer/afl-untracer.c (100%) rename {examples => utils}/afl_untracer/ghidra_get_patchpoints.java (97%) rename {examples => utils}/afl_untracer/ida_get_patchpoints.py (100%) rename {examples => utils}/afl_untracer/libtestinstr.c (100%) rename {examples => utils}/afl_untracer/patches.txt (100%) rename {examples => utils}/aflpp_driver/GNUmakefile (100%) rename {examples => utils}/aflpp_driver/Makefile (100%) rename {examples => utils}/aflpp_driver/aflpp_driver.c (100%) rename {examples => utils}/aflpp_driver/aflpp_driver_test.c (100%) rename {examples => utils}/aflpp_driver/aflpp_qemu_driver.c (100%) rename {examples => utils}/aflpp_driver/aflpp_qemu_driver_hook.c (100%) rename {examples => utils}/analysis_scripts/queue2csv.sh (100%) rename {examples => utils}/argv_fuzzing/Makefile (100%) rename {examples => utils}/argv_fuzzing/README.md (100%) rename {examples => utils}/argv_fuzzing/argv-fuzz-inl.h (100%) rename {examples => utils}/argv_fuzzing/argvfuzz.c (100%) rename {examples => utils}/asan_cgroups/limit_memory.sh (100%) rename {examples => 
utils}/bash_shellshock/shellshock-fuzz.diff (100%) rename {examples => utils}/canvas_harness/canvas_harness.html (100%) rename {examples => utils}/clang_asm_normalize/as (100%) rename {examples => utils}/crash_triage/triage_crashes.sh (100%) rename {examples => utils}/custom_mutators/Makefile (100%) rename {examples => utils}/custom_mutators/README.md (100%) rename {examples => utils}/custom_mutators/XmlMutatorMin.py (100%) rename {examples => utils}/custom_mutators/common.py (100%) rename {examples => utils}/custom_mutators/custom_mutator_helpers.h (100%) rename {examples => utils}/custom_mutators/example.c (100%) rename {examples => utils}/custom_mutators/example.py (100%) rename {examples => utils}/custom_mutators/post_library_gif.so.c (100%) rename {examples => utils}/custom_mutators/post_library_png.so.c (100%) rename {examples => utils}/custom_mutators/simple-chunk-replace.py (100%) rename {examples => utils}/custom_mutators/simple_example.c (100%) rename {examples => utils}/custom_mutators/wrapper_afl_min.py (100%) rename {examples => utils}/defork/Makefile (100%) rename {examples => utils}/defork/README.md (100%) rename {examples => utils}/defork/defork.c (100%) rename {examples => utils}/defork/forking_target.c (100%) rename {examples => utils}/distributed_fuzzing/sync_script.sh (100%) rename {examples => utils}/libpng_no_checksum/libpng-nocrc.patch (100%) rename {examples => utils}/persistent_mode/Makefile (100%) rename {examples => utils}/persistent_mode/persistent_demo.c (100%) rename {examples => utils}/persistent_mode/persistent_demo_new.c (100%) rename {examples => utils}/persistent_mode/test-instr.c (100%) rename {examples => utils}/qemu_persistent_hook/Makefile (100%) rename {examples => utils}/qemu_persistent_hook/README.md (100%) rename {examples => utils}/qemu_persistent_hook/read_into_rdi.c (100%) rename {examples => utils}/qemu_persistent_hook/test.c (100%) rename {examples => utils}/socket_fuzzing/Makefile (100%) rename {examples => 
utils}/socket_fuzzing/README.md (100%) rename {examples => utils}/socket_fuzzing/socketfuzz.c (100%) diff --git a/GNUmakefile b/GNUmakefile index 521ab683..309a7d4c 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -500,8 +500,8 @@ code-format: ./.custom-format.py -i instrumentation/*.c @#./.custom-format.py -i custom_mutators/*/*.c* # destroys libfuzzer :-( @#./.custom-format.py -i custom_mutators/*/*.h # destroys honggfuzz :-( - ./.custom-format.py -i examples/*/*.c* - ./.custom-format.py -i examples/*/*.h + ./.custom-format.py -i utils/*/*.c* + ./.custom-format.py -i utils/*/*.h ./.custom-format.py -i test/*.c ./.custom-format.py -i qemu_mode/libcompcov/*.c ./.custom-format.py -i qemu_mode/libcompcov/*.cc @@ -547,9 +547,9 @@ clean: -$(MAKE) -f GNUmakefile.gcc_plugin clean $(MAKE) -C libdislocator clean $(MAKE) -C libtokencap clean - $(MAKE) -C examples/afl_network_proxy clean - $(MAKE) -C examples/socket_fuzzing clean - $(MAKE) -C examples/argv_fuzzing clean + $(MAKE) -C utils/afl_network_proxy clean + $(MAKE) -C utils/socket_fuzzing clean + $(MAKE) -C utils/argv_fuzzing clean $(MAKE) -C qemu_mode/unsigaction clean $(MAKE) -C qemu_mode/libcompcov clean ifeq "$(IN_REPO)" "1" @@ -572,10 +572,10 @@ distrib: all -$(MAKE) -f GNUmakefile.gcc_plugin $(MAKE) -C libdislocator $(MAKE) -C libtokencap - $(MAKE) -C examples/aflpp_driver - $(MAKE) -C examples/afl_network_proxy - $(MAKE) -C examples/socket_fuzzing - $(MAKE) -C examples/argv_fuzzing + $(MAKE) -C utils/aflpp_driver + $(MAKE) -C utils/afl_network_proxy + $(MAKE) -C utils/socket_fuzzing + $(MAKE) -C utils/argv_fuzzing -cd qemu_mode && sh ./build_qemu_support.sh -cd unicorn_mode && unset CFLAGS && sh ./build_unicorn_support.sh 
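Review bot: The `clean` recipe in the `@@ -547,9 +547,9 @@` hunk does not descend into `utils/aflpp_driver`, although it does for `utils/afl_network_proxy`, `utils/socket_fuzzing` and `utils/argv_fuzzing`. `distrib` and `source-only` build that directory, and the `install` target copies `utils/aflpp_driver/libAFLDriver.a` whenever the file exists, so a stale archive from an earlier build could survive `make clean` and still be installed. The recipe continues outside the hunk, so this may already be handled there. If it is not, and the sub-makefile has a clean target, add `$(MAKE) -C utils/aflpp_driver clean` next to the other sub-make calls.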
@@ -583,9 +583,9 @@ distrib: all binary-only: all $(MAKE) -C libdislocator $(MAKE) -C libtokencap - $(MAKE) -C examples/afl_network_proxy - $(MAKE) -C examples/socket_fuzzing - $(MAKE) -C examples/argv_fuzzing + $(MAKE) -C utils/afl_network_proxy + $(MAKE) -C utils/socket_fuzzing + $(MAKE) -C utils/argv_fuzzing -cd qemu_mode && sh ./build_qemu_support.sh -cd unicorn_mode && unset CFLAGS && sh ./build_unicorn_support.sh @@ -595,7 +595,7 @@ source-only: all -$(MAKE) -f GNUmakefile.gcc_plugin $(MAKE) -C libdislocator $(MAKE) -C libtokencap - $(MAKE) -C examples/aflpp_driver + $(MAKE) -C utils/aflpp_driver %.8: % @echo .TH $* 8 $(BUILD_DATE) "afl++" > $@ 
@@ -628,11 +628,11 @@ install: all $(MANPAGES) @if [ -f libtokencap.so ]; then set -e; install -m 755 libtokencap.so $${DESTDIR}$(HELPER_PATH); fi @if [ -f libcompcov.so ]; then set -e; install -m 755 libcompcov.so $${DESTDIR}$(HELPER_PATH); fi @if [ -f afl-fuzz-document ]; then set -e; install -m 755 afl-fuzz-document $${DESTDIR}$(BIN_PATH); fi - @if [ -f socketfuzz32.so -o -f socketfuzz64.so ]; then $(MAKE) -C examples/socket_fuzzing install; fi - @if [ -f argvfuzz32.so -o -f argvfuzz64.so ]; then $(MAKE) -C examples/argv_fuzzing install; fi - @if [ -f examples/afl_network_proxy/afl-network-server ]; then $(MAKE) -C examples/afl_network_proxy install; fi - @if [ -f examples/aflpp_driver/libAFLDriver.a ]; then set -e; install -m 644 examples/aflpp_driver/libAFLDriver.a $${DESTDIR}$(HELPER_PATH); fi - @if [ -f examples/aflpp_driver/libAFLQemuDriver.a ]; then set -e; install -m 644 examples/aflpp_driver/libAFLQemuDriver.a $${DESTDIR}$(HELPER_PATH); fi + @if [ -f socketfuzz32.so -o -f socketfuzz64.so ]; then $(MAKE) -C utils/socket_fuzzing install; fi + @if [ -f argvfuzz32.so -o -f argvfuzz64.so ]; then $(MAKE) -C utils/argv_fuzzing install; fi + @if [ -f utils/afl_network_proxy/afl-network-server ]; then $(MAKE) -C utils/afl_network_proxy install; fi + @if [ -f utils/aflpp_driver/libAFLDriver.a ]; then set -e; install -m 644 utils/aflpp_driver/libAFLDriver.a $${DESTDIR}$(HELPER_PATH); fi + @if [ -f utils/aflpp_driver/libAFLQemuDriver.a ]; then set -e; install -m 644 utils/aflpp_driver/libAFLQemuDriver.a $${DESTDIR}$(HELPER_PATH); fi -$(MAKE) -f GNUmakefile.llvm install -$(MAKE) -f GNUmakefile.gcc_plugin install ln -sf afl-cc $${DESTDIR}$(BIN_PATH)/afl-gcc diff --git a/README.md b/README.md index d7cad092..b00e5d00 100644 --- a/README.md +++ b/README.md 
@@ -55,6 +55,7 @@ behaviours and defaults: * a caching of testcases can now be performed and can be modified by editing config.h for TESTCASE_CACHE or by specifying the env variable `AFL_TESTCACHE_SIZE` (in MB). Good values are between 50-500 (default: 50). + * utils/ got renamed to utils/ ## Contents @@ -760,10 +761,10 @@ cd unicorn_mode If the goal is to fuzz a dynamic library then there are two options available. For both you need to write a small hardness that loads and calls the library. -Faster is the frida solution: [examples/afl_frida/README.md](examples/afl_frida/README.md) +Faster is the frida solution: [utils/afl_frida/README.md](utils/afl_frida/README.md) Another, less precise and slower option is using ptrace with debugger interrupt -instrumentation: [examples/afl_untracer/README.md](examples/afl_untracer/README.md) +instrumentation: [utils/afl_untracer/README.md](utils/afl_untracer/README.md) ### More @@ -1037,7 +1038,7 @@ Here are some of the most important caveats for AFL: wholly wrap the actual data format to be tested. To work around this, you can comment out the relevant checks (see - examples/libpng_no_checksum/ for inspiration); if this is not possible, + utils/libpng_no_checksum/ for inspiration); if this is not possible, you can also write a postprocessor, one of the hooks of custom mutators. See [docs/custom_mutators.md](docs/custom_mutators.md) on how to use `AFL_CUSTOM_MUTATOR_LIBRARY` diff --git a/docs/Changelog.md b/docs/Changelog.md index 7fa7ff53..fd30c7b0 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -11,6 +11,7 @@ sending a mail to . ### Version ++3.00a (develop) - llvm_mode/ and gcc_plugin/ moved to instrumentation/ + - examples/ renamed to utils/ - all compilers combined to afl-cc which emulates the previous ones - afl-llvm/gcc-rt.o merged into afl-compiler-rt.o - afl-fuzz diff --git a/docs/FAQ.md b/docs/FAQ.md index 064638f4..714d50eb 100644 --- a/docs/FAQ.md +++ b/docs/FAQ.md 
@@ -63,7 +63,7 @@ x10 - that is a x100 difference!). If modifying the source is not an option (e.g. because you only have a binary and perform binary fuzzing) you can also use a shared library with AFL_PRELOAD to emulate the network. This is also much faster than the real network would be. -See [examples/socket_fuzzing/](../examples/socket_fuzzing/). +See [utils/socket_fuzzing/](../utils/socket_fuzzing/). There is an outdated afl++ branch that implements networking if you are desperate though: [https://github.com/AFLplusplus/AFLplusplus/tree/networking](https://github.com/AFLplusplus/AFLplusplus/tree/networking) - diff --git a/docs/binaryonly_fuzzing.md b/docs/binaryonly_fuzzing.md index cb1288ef..66734452 100644 --- a/docs/binaryonly_fuzzing.md +++ b/docs/binaryonly_fuzzing.md @@ -15,7 +15,7 @@ high enough. Otherwise try retrowrite, afl-dyninst and if these fail too then try standard qemu_mode with AFL_ENTRYPOINT to where you need it. - If your target is a library use examples/afl_frida/. + If your target is a library use utils/afl_frida/. If your target is non-linux then use unicorn_mode/. @@ -65,14 +65,14 @@ ## AFL FRIDA If you want to fuzz a binary-only shared library then you can fuzz it with - frida-gum via examples/afl_frida/, you will have to write a harness to + frida-gum via utils/afl_frida/, you will have to write a harness to call the target function in the library, use afl-frida.c as a template. ## AFL UNTRACER If you want to fuzz a binary-only shared library then you can fuzz it with - examples/afl_untracer/, use afl-untracer.c as a template. + utils/afl_untracer/, use afl-untracer.c as a template. It is slower than AFL FRIDA (see above). diff --git a/docs/custom_mutators.md b/docs/custom_mutators.md index 53f783fe..6e16ba0f 100644 --- a/docs/custom_mutators.md +++ b/docs/custom_mutators.md 
@@ -268,8 +268,8 @@ afl-fuzz /path/to/program ## 4) Example -Please see [example.c](../examples/custom_mutators/example.c) and -[example.py](../examples/custom_mutators/example.py) +Please see [example.c](../utils/custom_mutators/example.c) and +[example.py](../utils/custom_mutators/example.py) ## 5) Other Resources diff --git a/docs/env_variables.md b/docs/env_variables.md index f7b4c994..ada89257 100644 --- a/docs/env_variables.md +++ b/docs/env_variables.md @@ -55,7 +55,7 @@ make fairly broad use of environmental variables instead: in your `$PATH`. - `AFL_PATH` can be used to point afl-gcc to an alternate location of afl-as. - One possible use of this is examples/clang_asm_normalize/, which lets + One possible use of this is utils/clang_asm_normalize/, which lets you instrument hand-written assembly when compiling clang code by plugging a normalizer into the chain. (There is no equivalent feature for GCC.) diff --git a/docs/life_pro_tips.md b/docs/life_pro_tips.md index 323f16f1..77845c63 100644 --- a/docs/life_pro_tips.md +++ b/docs/life_pro_tips.md @@ -78,10 +78,10 @@ Be sure to check out docs/sister_projects.md before writing your own. ## Need to fuzz the command-line arguments of a particular program? -You can find a simple solution in examples/argv_fuzzing. +You can find a simple solution in utils/argv_fuzzing. ## Attacking a format that uses checksums? Remove the checksum-checking code or use a postprocessor! -See examples/custom_mutators/ for more. +See utils/custom_mutators/ for more. diff --git a/docs/notes_for_asan.md b/docs/notes_for_asan.md index 2e18c15f..f08ae3fb 100644 --- a/docs/notes_for_asan.md +++ b/docs/notes_for_asan.md 
@@ -20,7 +20,7 @@ Because of this, fuzzing with ASAN is recommended only in four scenarios: - Precisely gauge memory needs using http://jwilk.net/software/recidivm . - Limit the memory available to process using cgroups on Linux (see - examples/asan_cgroups). + utils/asan_cgroups). To compile with ASAN, set AFL_USE_ASAN=1 before calling 'make clean all'. The afl-gcc / afl-clang wrappers will pick that up and add the appropriate flags. @@ -74,7 +74,7 @@ There are also cgroups, but they are Linux-specific, not universally available even on Linux systems, and they require root permissions to set up; I'm a bit hesitant to make afl-fuzz require root permissions just for that. That said, if you are on Linux and want to use cgroups, check out the contributed script -that ships in examples/asan_cgroups/. +that ships in utils/asan_cgroups/. In settings where cgroups aren't available, we have no nice, portable way to avoid counting the ASAN allocation toward the limit. On 32-bit systems, or for diff --git a/docs/parallel_fuzzing.md b/docs/parallel_fuzzing.md index bf57ace8..8f2afe1b 100644 --- a/docs/parallel_fuzzing.md +++ b/docs/parallel_fuzzing.md @@ -152,7 +152,7 @@ write a simple script that performs two actions: done ``` -There is an example of such a script in examples/distributed_fuzzing/. +There is an example of such a script in utils/distributed_fuzzing/. There are other (older) more featured, experimental tools: * https://github.com/richo/roving 
diff --git a/examples/afl_untracer/libtestinstr.so b/examples/afl_untracer/libtestinstr.so deleted file mode 100755 index 389a946c882529d4ea3d7bd082ed637b27ce10ae..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 17152 zcmeHOZ)_Y#6`#HJ*_WJSJO7H4v}6+5B}Mpbhvt7BpY7N=gOixx2o<$#*LUl?YwmW< z?w(_Zwpc{8L{Xw31ga=skoZ9PSVUFv1y>DGp#r5+DV0zqQ(8z#p{W!qBT$a_cIKUT z*XOnpf4;C|-M)FhdA~QaZ|7!qd^2Ai9vg`%3Zta5!wj|YHi4vN!NNhA0g-0=*&4X+ zVBE89ST0(Tdr}sXWYRCz5l3sOhvl4X5=kmY*mKE|42gT!n*66!N&0z>P}Y_b25pCf zvOOkrE+z3$MIM(tE_oyuWIIVFgd4Ao*v|dZUs!fXJCfc#0XF`Yo5TDATo{BU*^?yR z=YWUp{HTe-ep1%AT3l|*`y(k;@BTJHWh#7*9zVs>FCD$}l|RiqdEwIUZoJWb;GG-k zi6^iv6hGw2_Cb?57J2$luI_xwQ&zcPJ9(Wl4X_P$aIA;d!9TSMJ_7j8I`*dk+rXMx ze7z_vkd3D0%a*A*u5P=U#<}BYDT%5dHJ@x2^I>LvO1SD^3| za3BzEne&e>ov++F_vkJ5*!YFvTbb;&%!T2ljB@QN_=Q~Sv+TZ}N((glN(*>@_ja{< zV;2?lE*HFt1+8HA8#H?nHRbXzFsfd>0}%!=N>K!&2t*NxA`nF&ia->BC<0Lgq6kD0 zh$0Y0;J+M!G0Qsb@KW)#!F7Jtur2Odylm`XWzQ(Tk?*87bS;LmaGC_*{9nTD=eCn;`Lb%cpNvtB-)h-;gmW zXHPO^woTdA+?2QsKQwj#b|-x1!JdO;Eo~z$?Vo8)o=MEJ{;h{T`RR_G2qPc<9l&P6 zj()pD9Jvp`rxWV&{#!B7()M_4XkBA03pJocl%fbk5r`rXMIeem6oDuLQ3Rq0L=lK0 z@P8fwxlfe#h0>l+T(eP_`@-FuJBG2C4(A}ivvV%K!Y{j;Ep04J0)kZ=AXT)N>?j~Gid z-33LlhNhh;ltd9ltm#*t)_B^};)@{EhB*B1fyEMW>^2PvuSjXM(IVmXB=Ch#Dh@x( zGi7sQxH{!~jgyrrD7nKx&NmBKH)CT<}*1?j= z!vH}8WEP^(&;HLj>h9)sQE3hYtObMJ!js<~y$c*S&zdDF;oH0YkT^W6g@W7DOIgP-o4 zG1G0#>gDN@;dJX$C9Pt*ww^WYa4TzWvIX77g93c0cc1JvysPY1OrtMvn1)@f$uI2RSOE*)ELJEEmRU zHVor53x;tV_ks!Mkp}i&HHeCNIR>*co!g>v9Ow|A4?XuC5?=`6`v6ybalra84Z%l& z6EWfE@-X1&pU#({Ev6axC;*0^@3#T3*Z$S+>j$2nHnzke6H4{`JOehdI{o%Jz!kRg zx&Pe5SN5x4dv&es&%c*`!u{kg9=@`_sc>U4I4uWXfk0XVI1eB~=>)vqxu$)q*pGPj zE6*v7uVVi&;5d!0NLkx;+{)AxOfAdDnKZYoW${3h!!#{tY59^hsh6~zYuS#bS7uq( z!a2Y-a;cvB7I?_1sOh$?&uIos5_4?I*2{*LtCY)gK=ElBSh@kz(3GcXBPR!r4Qs>4 zkKoBG^o*4{mR8Ws93Hqja{uvxW1~ZW!c?OTXCxtW)<;;~~S_A3YLKY}zTCS1G zo0ZgLrC7>!6?4qf3c6EZsob0iOd;VInO8Dn*iO+h1BwP^wo%fNAam0tm!-U0PeC@7 
zw?K7`S-5%uPT5vYcXgIB3i4qUa^QqCK^0F;Fenc-=;dM-s<&M942|>rOgaurLBA>rb>_2-(?*k+|LNzpm^c3jt z!#jLT;t$CTN#fJ{J*^+e&3?$>nuYkZt|3Y546GNvy0vu@%}8m$&^PhvJ%l8!i@?N7 z=)<2fpx_#X`1HO)66X(0)PAxfc?!yK%|kl9*O25$h7@kUK*bv`mJy%ce@N2(Q~eY_ zx_?vp9+VE}(HSI?WQTkhoma$f7BGwntt)Hev>dPD{XUSS`x@pz&d=wPSCchMk)dgT z}cU7-g~^^(7fAwIqDk)-u4*@y4{Tar)Dk8x=!<^576 zLG32}Dac?GiND%;XR;61|8$5y&xIw)M~En8xc(mlj(wc^7rn30dFZe`=_G#!+*Ti- z-jCXGV1Pt+LR;1ee+de(?@|5qeoN=g7ce-G=)Q?Z&+%(eh9<vRzv`$^ktMGez1@TKC!r!_I|B~bv zK7@a_ /dev/null 2>&1 - cc -D_FIXED_CHAR=0x42 -g -fPIC -shared -I../include ../examples/custom_mutators/simple_example.c -o libexamplemutator2.so > /dev/null 2>&1 + cc -D_FIXED_CHAR=0x41 -g -fPIC -shared -I../include ../utils/custom_mutators/simple_example.c -o libexamplemutator.so > /dev/null 2>&1 + cc -D_FIXED_CHAR=0x42 -g -fPIC -shared -I../include ../utils/custom_mutators/simple_example.c -o libexamplemutator2.so > /dev/null 2>&1 test -e test-custom-mutator -a -e ./libexamplemutator.so && { # Create input directory mkdir -p in @@ -109,7 +109,7 @@ test "1" = "`../afl-fuzz | grep -i 'without python' >/dev/null; echo $?`" && { #test "$CODE" = 1 && { $ECHO "$YELLOW[!] custom mutator tests currently will not fail travis" ; CODE=0 ; } - make -C ../examples/custom_mutators clean > /dev/null 2>&1 + make -C ../utils/custom_mutators clean > /dev/null 2>&1 rm -f test-custom-mutator rm -f test-custom-mutators } || { diff --git a/test/test-gcc-plugin.sh b/test/test-gcc-plugin.sh index af8674c9..71d86364 100755 --- a/test/test-gcc-plugin.sh +++ b/test/test-gcc-plugin.sh 
@@ -94,7 +94,7 @@ test -e ../afl-gcc-fast -a -e ../afl-compiler-rt.o && { CODE=1 } rm -f test-compcov test.out instrumentlist.txt - ../afl-gcc-fast -o test-persistent ../examples/persistent_mode/persistent_demo.c > /dev/null 2>&1 + ../afl-gcc-fast -o test-persistent ../utils/persistent_mode/persistent_demo.c > /dev/null 2>&1 test -e test-persistent && { echo foo | ../afl-showmap -m ${MEM_LIMIT} -o /dev/null -q -r ./test-persistent && { $ECHO "$GREEN[+] gcc_plugin persistent mode feature works correctly" diff --git a/test/test-llvm-lto.sh b/test/test-llvm-lto.sh index bdb08559..e10f4cf7 100755 --- a/test/test-llvm-lto.sh +++ b/test/test-llvm-lto.sh @@ -57,7 +57,7 @@ test -e ../afl-clang-lto -a -e ../afl-llvm-lto-instrumentation.so && { CODE=1 } rm -f test-compcov test.out instrumentlist.txt - ../afl-clang-lto -o test-persistent ../examples/persistent_mode/persistent_mode.c > /dev/null 2>&1 + ../afl-clang-lto -o test-persistent ../utils/persistent_mode/persistent_mode.c > /dev/null 2>&1 test -e test-persistent && { echo foo | ../afl-showmap -m none -o /dev/null -q -r ./test-persistent && { $ECHO "$GREEN[+] llvm_mode LTO persistent mode feature works correctly" diff --git a/test/test-llvm.sh b/test/test-llvm.sh index 14778e1c..4fcaf367 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh @@ -209,7 +209,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { INCOMPLETE=1 } rm -rf errors test-cmplog in core.* - ../afl-clang-fast -o test-persistent ../examples/persistent_mode/persistent_demo.c > /dev/null 2>&1 + ../afl-clang-fast -o test-persistent ../utils/persistent_mode/persistent_demo.c > /dev/null 2>&1 test -e test-persistent && { echo foo | ../afl-showmap -m ${MEM_LIMIT} -o /dev/null -q -r ./test-persistent && { $ECHO "$GREEN[+] llvm_mode persistent mode feature works correctly" diff --git a/examples/README.md b/utils/README.md similarity index 97% rename from examples/README.md rename to utils/README.md index 7dd70d6a..336b6b6c 100644 
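Review bot: The renamed path in the test-llvm-lto.sh hunk points at `../utils/persistent_mode/persistent_mode.c`, but this commit's rename list shows only `persistent_demo.c`, `persistent_demo_new.c` and `test-instr.c` in that directory. The matching lines in test-gcc-plugin.sh and test-llvm.sh both compile `persistent_demo.c`. Compiler output goes to /dev/null and the check is guarded by `test -e test-persistent`, so a missing source would not show up as a compile error; how the failure branch reports it is outside the hunk. If no `persistent_mode.c` exists, the line should read `../afl-clang-lto -o test-persistent ../utils/persistent_mode/persistent_demo.c > /dev/null 2>&1` so the LTO persistent-mode check actually runs.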
--- a/examples/README.md +++ b/utils/README.md @@ -45,7 +45,7 @@ Here's a quick overview of the stuff you can find in this directory: - socket_fuzzing - a LD_PRELOAD library 'redirects' a socket to stdin for fuzzing access with afl++ -Note that the minimize_corpus.sh tool has graduated from the examples/ +Note that the minimize_corpus.sh tool has graduated from the utils/ directory and is now available as ../afl-cmin. The LLVM mode has likewise graduated to ../instrumentation/*. diff --git a/examples/afl_frida/GNUmakefile b/utils/afl_frida/GNUmakefile similarity index 100% rename from examples/afl_frida/GNUmakefile rename to utils/afl_frida/GNUmakefile diff --git a/examples/afl_frida/Makefile b/utils/afl_frida/Makefile similarity index 100% rename from examples/afl_frida/Makefile rename to utils/afl_frida/Makefile diff --git a/examples/afl_frida/README.md b/utils/afl_frida/README.md similarity index 100% rename from examples/afl_frida/README.md rename to utils/afl_frida/README.md diff --git a/examples/afl_frida/afl-frida.c b/utils/afl_frida/afl-frida.c similarity index 100% rename from examples/afl_frida/afl-frida.c rename to utils/afl_frida/afl-frida.c diff --git a/examples/afl_frida/afl-frida.h b/utils/afl_frida/afl-frida.h similarity index 100% rename from examples/afl_frida/afl-frida.h rename to utils/afl_frida/afl-frida.h diff --git a/examples/afl_frida/libtestinstr.c b/utils/afl_frida/libtestinstr.c similarity index 100% rename from examples/afl_frida/libtestinstr.c rename to utils/afl_frida/libtestinstr.c diff --git a/examples/afl_network_proxy/GNUmakefile b/utils/afl_network_proxy/GNUmakefile similarity index 100% rename from examples/afl_network_proxy/GNUmakefile rename to utils/afl_network_proxy/GNUmakefile diff --git a/examples/afl_network_proxy/Makefile b/utils/afl_network_proxy/Makefile similarity index 100% rename from examples/afl_network_proxy/Makefile rename to utils/afl_network_proxy/Makefile 
diff --git a/examples/afl_network_proxy/README.md b/utils/afl_network_proxy/README.md
similarity index 100%
rename from examples/afl_network_proxy/README.md
rename to utils/afl_network_proxy/README.md
diff --git a/examples/afl_network_proxy/afl-network-client.c b/utils/afl_network_proxy/afl-network-client.c
similarity index 100%
rename from examples/afl_network_proxy/afl-network-client.c
rename to utils/afl_network_proxy/afl-network-client.c
diff --git a/examples/afl_network_proxy/afl-network-server.c b/utils/afl_network_proxy/afl-network-server.c
similarity index 100%
rename from examples/afl_network_proxy/afl-network-server.c
rename to utils/afl_network_proxy/afl-network-server.c
diff --git a/examples/afl_proxy/Makefile b/utils/afl_proxy/Makefile
similarity index 100%
rename from examples/afl_proxy/Makefile
rename to utils/afl_proxy/Makefile
diff --git a/examples/afl_proxy/README.md b/utils/afl_proxy/README.md
similarity index 100%
rename from examples/afl_proxy/README.md
rename to utils/afl_proxy/README.md
diff --git a/examples/afl_proxy/afl-proxy.c b/utils/afl_proxy/afl-proxy.c
similarity index 100%
rename from examples/afl_proxy/afl-proxy.c
rename to utils/afl_proxy/afl-proxy.c
diff --git a/examples/afl_untracer/Makefile b/utils/afl_untracer/Makefile
similarity index 100%
rename from examples/afl_untracer/Makefile
rename to utils/afl_untracer/Makefile
diff --git a/examples/afl_untracer/README.md b/utils/afl_untracer/README.md
similarity index 100%
rename from examples/afl_untracer/README.md
rename to utils/afl_untracer/README.md
diff --git a/examples/afl_untracer/TODO b/utils/afl_untracer/TODO
similarity index 100%
rename from examples/afl_untracer/TODO
rename to utils/afl_untracer/TODO
diff --git a/examples/afl_untracer/afl-untracer.c b/utils/afl_untracer/afl-untracer.c
similarity index 100%
rename from examples/afl_untracer/afl-untracer.c
rename to utils/afl_untracer/afl-untracer.c
diff --git a/examples/afl_untracer/ghidra_get_patchpoints.java b/utils/afl_untracer/ghidra_get_patchpoints.java similarity index 97% rename from examples/afl_untracer/ghidra_get_patchpoints.java rename to utils/afl_untracer/ghidra_get_patchpoints.java index d341bea4..2a93642b 100644 --- a/examples/afl_untracer/ghidra_get_patchpoints.java +++ b/utils/afl_untracer/ghidra_get_patchpoints.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -// Find patch points for untracer tools (e.g. afl++ examples/afl_untracer) +// Find patch points for untracer tools (e.g. afl++ utils/afl_untracer) // // Copy to ..../Ghidra/Features/Search/ghidra_scripts/ // Writes the results to ~/Desktop/patches.txt diff --git a/examples/afl_untracer/ida_get_patchpoints.py b/utils/afl_untracer/ida_get_patchpoints.py similarity index 100% rename from examples/afl_untracer/ida_get_patchpoints.py rename to utils/afl_untracer/ida_get_patchpoints.py diff --git a/examples/afl_untracer/libtestinstr.c b/utils/afl_untracer/libtestinstr.c similarity index 100% rename from examples/afl_untracer/libtestinstr.c rename to utils/afl_untracer/libtestinstr.c diff --git a/examples/afl_untracer/patches.txt b/utils/afl_untracer/patches.txt similarity index 100% rename from examples/afl_untracer/patches.txt rename to utils/afl_untracer/patches.txt diff --git a/examples/aflpp_driver/GNUmakefile b/utils/aflpp_driver/GNUmakefile similarity index 100% rename from examples/aflpp_driver/GNUmakefile rename to utils/aflpp_driver/GNUmakefile diff --git a/examples/aflpp_driver/Makefile b/utils/aflpp_driver/Makefile similarity index 100% rename from examples/aflpp_driver/Makefile rename to utils/aflpp_driver/Makefile diff --git a/examples/aflpp_driver/aflpp_driver.c b/utils/aflpp_driver/aflpp_driver.c similarity index 100% rename from examples/aflpp_driver/aflpp_driver.c rename to utils/aflpp_driver/aflpp_driver.c 
diff --git a/examples/aflpp_driver/aflpp_driver_test.c b/utils/aflpp_driver/aflpp_driver_test.c similarity index 100% rename from examples/aflpp_driver/aflpp_driver_test.c rename to utils/aflpp_driver/aflpp_driver_test.c diff --git a/examples/aflpp_driver/aflpp_qemu_driver.c b/utils/aflpp_driver/aflpp_qemu_driver.c similarity index 100% rename from examples/aflpp_driver/aflpp_qemu_driver.c rename to utils/aflpp_driver/aflpp_qemu_driver.c diff --git a/examples/aflpp_driver/aflpp_qemu_driver_hook.c b/utils/aflpp_driver/aflpp_qemu_driver_hook.c similarity index 100% rename from examples/aflpp_driver/aflpp_qemu_driver_hook.c rename to utils/aflpp_driver/aflpp_qemu_driver_hook.c diff --git a/examples/analysis_scripts/queue2csv.sh b/utils/analysis_scripts/queue2csv.sh similarity index 100% rename from examples/analysis_scripts/queue2csv.sh rename to utils/analysis_scripts/queue2csv.sh diff --git a/examples/argv_fuzzing/Makefile b/utils/argv_fuzzing/Makefile similarity index 100% rename from examples/argv_fuzzing/Makefile rename to utils/argv_fuzzing/Makefile diff --git a/examples/argv_fuzzing/README.md b/utils/argv_fuzzing/README.md similarity index 100% rename from examples/argv_fuzzing/README.md rename to utils/argv_fuzzing/README.md diff --git a/examples/argv_fuzzing/argv-fuzz-inl.h b/utils/argv_fuzzing/argv-fuzz-inl.h similarity index 100% rename from examples/argv_fuzzing/argv-fuzz-inl.h rename to utils/argv_fuzzing/argv-fuzz-inl.h diff --git a/examples/argv_fuzzing/argvfuzz.c b/utils/argv_fuzzing/argvfuzz.c similarity index 100% rename from examples/argv_fuzzing/argvfuzz.c rename to utils/argv_fuzzing/argvfuzz.c diff --git a/examples/asan_cgroups/limit_memory.sh b/utils/asan_cgroups/limit_memory.sh similarity index 100% rename from examples/asan_cgroups/limit_memory.sh rename to utils/asan_cgroups/limit_memory.sh 
diff --git a/examples/bash_shellshock/shellshock-fuzz.diff b/utils/bash_shellshock/shellshock-fuzz.diff
similarity index 100%
rename from examples/bash_shellshock/shellshock-fuzz.diff
rename to utils/bash_shellshock/shellshock-fuzz.diff
diff --git a/examples/canvas_harness/canvas_harness.html b/utils/canvas_harness/canvas_harness.html
similarity index 100%
rename from examples/canvas_harness/canvas_harness.html
rename to utils/canvas_harness/canvas_harness.html
diff --git a/examples/clang_asm_normalize/as b/utils/clang_asm_normalize/as
similarity index 100%
rename from examples/clang_asm_normalize/as
rename to utils/clang_asm_normalize/as
diff --git a/examples/crash_triage/triage_crashes.sh b/utils/crash_triage/triage_crashes.sh
similarity index 100%
rename from examples/crash_triage/triage_crashes.sh
rename to utils/crash_triage/triage_crashes.sh
diff --git a/examples/custom_mutators/Makefile b/utils/custom_mutators/Makefile
similarity index 100%
rename from examples/custom_mutators/Makefile
rename to utils/custom_mutators/Makefile
diff --git a/examples/custom_mutators/README.md b/utils/custom_mutators/README.md
similarity index 100%
rename from examples/custom_mutators/README.md
rename to utils/custom_mutators/README.md
diff --git a/examples/custom_mutators/XmlMutatorMin.py b/utils/custom_mutators/XmlMutatorMin.py
similarity index 100%
rename from examples/custom_mutators/XmlMutatorMin.py
rename to utils/custom_mutators/XmlMutatorMin.py
diff --git a/examples/custom_mutators/common.py b/utils/custom_mutators/common.py
similarity index 100%
rename from examples/custom_mutators/common.py
rename to utils/custom_mutators/common.py
diff --git a/examples/custom_mutators/custom_mutator_helpers.h b/utils/custom_mutators/custom_mutator_helpers.h
similarity index 100%
rename from examples/custom_mutators/custom_mutator_helpers.h
rename to utils/custom_mutators/custom_mutator_helpers.h
diff --git a/examples/custom_mutators/example.c b/utils/custom_mutators/example.c
similarity index 100%
rename from examples/custom_mutators/example.c
rename to utils/custom_mutators/example.c
diff --git a/examples/custom_mutators/example.py b/utils/custom_mutators/example.py
similarity index 100%
rename from examples/custom_mutators/example.py
rename to utils/custom_mutators/example.py
diff --git a/examples/custom_mutators/post_library_gif.so.c b/utils/custom_mutators/post_library_gif.so.c
similarity index 100%
rename from examples/custom_mutators/post_library_gif.so.c
rename to utils/custom_mutators/post_library_gif.so.c
diff --git a/examples/custom_mutators/post_library_png.so.c b/utils/custom_mutators/post_library_png.so.c
similarity index 100%
rename from examples/custom_mutators/post_library_png.so.c
rename to utils/custom_mutators/post_library_png.so.c
diff --git a/examples/custom_mutators/simple-chunk-replace.py b/utils/custom_mutators/simple-chunk-replace.py
similarity index 100%
rename from examples/custom_mutators/simple-chunk-replace.py
rename to utils/custom_mutators/simple-chunk-replace.py
diff --git a/examples/custom_mutators/simple_example.c b/utils/custom_mutators/simple_example.c
similarity index 100%
rename from examples/custom_mutators/simple_example.c
rename to utils/custom_mutators/simple_example.c
diff --git a/examples/custom_mutators/wrapper_afl_min.py b/utils/custom_mutators/wrapper_afl_min.py
similarity index 100%
rename from examples/custom_mutators/wrapper_afl_min.py
rename to utils/custom_mutators/wrapper_afl_min.py
diff --git a/examples/defork/Makefile b/utils/defork/Makefile
similarity index 100%
rename from examples/defork/Makefile
rename to utils/defork/Makefile
diff --git a/examples/defork/README.md b/utils/defork/README.md
similarity index 100%
rename from examples/defork/README.md
rename to utils/defork/README.md
diff --git a/examples/defork/defork.c b/utils/defork/defork.c
similarity index 100%
rename from examples/defork/defork.c
rename to utils/defork/defork.c
diff --git a/examples/defork/forking_target.c b/utils/defork/forking_target.c
similarity index 100%
rename from examples/defork/forking_target.c
rename to utils/defork/forking_target.c
diff --git a/examples/distributed_fuzzing/sync_script.sh b/utils/distributed_fuzzing/sync_script.sh
similarity index 100%
rename from examples/distributed_fuzzing/sync_script.sh
rename to utils/distributed_fuzzing/sync_script.sh
diff --git a/examples/libpng_no_checksum/libpng-nocrc.patch b/utils/libpng_no_checksum/libpng-nocrc.patch
similarity index 100%
rename from examples/libpng_no_checksum/libpng-nocrc.patch
rename to utils/libpng_no_checksum/libpng-nocrc.patch
diff --git a/examples/persistent_mode/Makefile b/utils/persistent_mode/Makefile
similarity index 100%
rename from examples/persistent_mode/Makefile
rename to utils/persistent_mode/Makefile
diff --git a/examples/persistent_mode/persistent_demo.c b/utils/persistent_mode/persistent_demo.c
similarity index 100%
rename from examples/persistent_mode/persistent_demo.c
rename to utils/persistent_mode/persistent_demo.c
diff --git a/examples/persistent_mode/persistent_demo_new.c b/utils/persistent_mode/persistent_demo_new.c
similarity index 100%
rename from examples/persistent_mode/persistent_demo_new.c
rename to utils/persistent_mode/persistent_demo_new.c
diff --git a/examples/persistent_mode/test-instr.c b/utils/persistent_mode/test-instr.c
similarity index 100%
rename from examples/persistent_mode/test-instr.c
rename to utils/persistent_mode/test-instr.c
diff --git a/examples/qemu_persistent_hook/Makefile b/utils/qemu_persistent_hook/Makefile
similarity index 100%
rename from examples/qemu_persistent_hook/Makefile
rename to utils/qemu_persistent_hook/Makefile
diff --git a/examples/qemu_persistent_hook/README.md b/utils/qemu_persistent_hook/README.md
similarity index 100%
rename from examples/qemu_persistent_hook/README.md
rename to utils/qemu_persistent_hook/README.md
diff --git a/examples/qemu_persistent_hook/read_into_rdi.c b/utils/qemu_persistent_hook/read_into_rdi.c
similarity index 100%
rename from examples/qemu_persistent_hook/read_into_rdi.c
rename to utils/qemu_persistent_hook/read_into_rdi.c
diff --git a/examples/qemu_persistent_hook/test.c b/utils/qemu_persistent_hook/test.c
similarity index 100%
rename from examples/qemu_persistent_hook/test.c
rename to utils/qemu_persistent_hook/test.c
diff --git a/examples/socket_fuzzing/Makefile b/utils/socket_fuzzing/Makefile
similarity index 100%
rename from examples/socket_fuzzing/Makefile
rename to utils/socket_fuzzing/Makefile
diff --git a/examples/socket_fuzzing/README.md b/utils/socket_fuzzing/README.md
similarity index 100%
rename from examples/socket_fuzzing/README.md
rename to utils/socket_fuzzing/README.md
diff --git a/examples/socket_fuzzing/socketfuzz.c b/utils/socket_fuzzing/socketfuzz.c
similarity index 100%
rename from examples/socket_fuzzing/socketfuzz.c
rename to utils/socket_fuzzing/socketfuzz.c