Pipe command to fuzzing target and exec additional commands seperated by semicolons?

[gr4yf0x....@gmail.com]

Hey,

I wanted to give afl-fuzz a try and need to pipe the 'yes' command to the actual target. Moreover I need to call rm after the command is executed. But I can't get it work. My approach was something like:

    afl-fuzz -i in -o out yes | fuzz-target ; rm stuff

Has someone ideas how to solve this?

Kind regards

[Michal Zalewski]

> I wanted to give afl-fuzz a try and need to pipe the 'yes' command to the
> actual target.

If you're feeding 'yes' to stdin, where should the fuzzed input go?

> Moreover I need to call rm after the command is executed.

AFL does not support calling external programs after every execution
to clean up output files, but can you share a bit more info about why
you need to take this step (versus asking the program to, dunno, write
to /dev/null or reuse a particular output file)?

> afl-fuzz -i in -o out yes | fuzz-target ; rm stuff

That command does not make sense from the perspective of Unix shell
semantics. You're calling afl-fuzz on 'yes', piping the status
messages from AFL to the fuzz-target, and then calling rm only once
later on.

/mz