mirror of
https://github.com/AFLplusplus/AFLplusplus.git
synced 2025-06-08 00:01:33 +00:00
35 lines
945 B
Markdown
# afl-frida - faster fuzzing of binary-only libraries

## Introduction

afl-frida is an example skeleton file which can easily be used to fuzz
a closed source library.

It requires less memory and is x5-10 faster than qemu_mode but does not
provide interesting features like compcov or cmplog.

## How-to

### Modify afl-frida.c

Read and modify afl-frida.c, then run `make`.
To adapt afl-frida.c to your needs, read the header of the file and then
search for and edit the `STEP 1`, `STEP 2` and `STEP 3` locations.

### Fuzzing

Example (after modifying afl-frida.c to your needs and compiling it):

```
LD_LIBRARY_PATH=/path/to/the/target/library afl-fuzz -i in -o out -- ./afl-frida
```

(or even remotely via afl-network-proxy).

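The three `STEP` locations the how-to refers to correspond to three decisions any harness for a closed-source library has to make: which library to load, which exported function to call, and how each fuzz input is handed to it. The skeleton below is an added illustration of that shape; it is not afl-frida.c and contains no FRIDA instrumentation. The library and symbol names are placeholders, and when run without arguments it resolves `strlen` from libc so that it works stand-alone. It assumes the target takes a NUL-terminated string, which is why every input is copied into a bounded, NUL-terminated buffer before the call.

```c
/* Added illustrative harness skeleton (not afl-frida.c itself). The library
 * and symbol names are placeholders; libc's strlen is used only so that the
 * file runs stand-alone. */
#include <dlfcn.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_INPUT (1 << 20)   /* per-test-case size bound, 1 MiB (assumption) */

/* Assumed target signature: a string-taking entry point such as strlen.
 * Replace with the real prototype of the function being fuzzed. */
typedef size_t (*target_fn)(const char *buf);

/* STEP 1/2 analog: open the closed-source library and resolve the entry
 * point by name. lib == NULL searches the images already loaded into the
 * process (the program and its dependencies), which the stand-alone run uses.
 * Returns NULL, with the loader's message on stderr, when either fails. */
static void *resolve_target(const char *lib, const char *sym) {
    void *h = dlopen(lib, RTLD_NOW);
    if (!h) { fprintf(stderr, "dlopen: %s\n", dlerror()); return NULL; }
    void *fn = dlsym(h, sym);
    if (!fn) fprintf(stderr, "dlsym(%s): %s\n", sym, dlerror());
    return fn;
}

/* STEP 3 analog: hand one input to the target. Returns the target's result,
 * or (size_t)-1 when the input is rejected (no function, empty, or larger
 * than MAX_INPUT). The copy adds a terminating NUL so a string-taking target
 * never reads past the end of the fuzz data. */
static size_t run_one_input(target_fn fn, const uint8_t *data, size_t len) {
    if (!fn || len == 0 || len > MAX_INPUT) return (size_t)-1;
    char *buf = malloc(len + 1);
    if (!buf) return (size_t)-1;
    memcpy(buf, data, len);
    buf[len] = '\0';
    size_t r = fn(buf);
    free(buf);
    return r;
}

/* Reads one test case written by afl-fuzz into memory (at most MAX_INPUT
 * bytes); the caller frees the buffer. */
static uint8_t *read_input(const char *path, size_t *len_out) {
    FILE *f = fopen(path, "rb");
    if (!f) return NULL;
    uint8_t *buf = malloc(MAX_INPUT);
    size_t n = buf ? fread(buf, 1, MAX_INPUT, f) : 0;
    fclose(f);
    if (!buf) return NULL;
    *len_out = n;
    return buf;
}

/* Usage: ./harness [input-file] [library.so] [symbol]
 * With no arguments a constructed sample input is fed to libc's strlen. */
int main(int argc, char **argv) {
    const char *lib = (argc > 2) ? argv[2] : NULL;       /* placeholder */
    const char *sym = (argc > 3) ? argv[3] : "strlen";   /* placeholder */
    target_fn fn = (target_fn)resolve_target(lib, sym);
    if (!fn) return 1;

    const uint8_t sample[] = "constructed sample input";  /* constructed */
    size_t len = sizeof(sample) - 1;
    uint8_t *file = NULL;
    if (argc > 1 && (file = read_input(argv[1], &len)) != NULL) {
        printf("result=%zu\n", run_one_input(fn, file, len));
        free(file);
    } else {
        printf("result=%zu\n", run_one_input(fn, sample, len));
    }
    return 0;
}
```

On glibc older than 2.34 the dynamic loader lives in a separate library, so add `-ldl` when compiling. The size bound and the NUL-terminating copy are the two checks worth keeping in a real harness: they stop an oversized or unterminated test case from turning into a harness bug that looks like a finding in the target.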
# Speed and stability

The speed is very good, about x12 of fork() qemu_mode.
However, the stability is low; the reason is currently unknown.

# Background

This code is for the larger part copied from https://github.com/meme/hotwax