ExternalVendorCode/AFLplusplus

mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-08 16:21:32 +00:00

History

Joey Jiao 02079d8ef9 android: Remove frida-gum package

2021-01-20 19:16:57 +08:00

..

android: Remove frida-gum package

2021-01-20 19:16:57 +08:00

afl-frida.c

afl_frida: Add AFL_FRIDA_TEST_INPUT env to debug input

2021-01-20 15:48:48 +08:00

afl-frida.h

renamed examples/ to utils/

2020-12-01 14:40:30 +01:00

GNUmakefile

fixed a few forgotten old afl-llvm-rt references

2020-12-26 21:33:54 +01:00

libtestinstr.c

renamed examples/ to utils/

2020-12-01 14:40:30 +01:00

Makefile

renamed examples/ to utils/

2020-12-01 14:40:30 +01:00

README.md

renamed examples/ to utils/

2020-12-01 14:40:30 +01:00

README.md

afl-frida - faster fuzzing of binary-only libraries

Introduction

afl-frida is an example skeleton file which can easily be used to fuzz a closed source library.

It requires less memory and is x5-10 faster than qemu_mode but does not provide interesting features like compcov or cmplog.

How-to

Modify afl-frida.c

Read and modify afl-frida.c then make. To adapt afl-frida.c to your needs, read the header of the file and then search and edit the STEP 1, STEP 2 and STEP 3 locations.

Fuzzing

Example (after modifying afl-frida.c to your needs and compile it):

LD_LIBRARY_PATH=/path/to/the/target/library afl-fuzz -i in -o out -- ./afl-frida

(or even remote via afl-network-proxy).

Speed and stability

The speed is very good, about x12 of fork() qemu_mode. However the stability is low. Reason is currently unknown.

Background

This code is copied for a larger part from https://github.com/meme/hotwax