kill afl and resume session
2,856 views
Skip to first unread message
beni...@googlemail.com
Feb 13, 2017, 7:22:51 PM2/13/17
to afl-users
Hi,
is there a way to kill afl and restart it to continue at the exact same point where it was stopped?
When I just start it again, it says "Deleting old session data..." and starts from scratch.
I have been running it on a network mounted directory for days, and think I should better move it to a local directory.
Thanks,
Benito
is there a way to kill afl and restart it to continue at the exact same point where it was stopped?
When I just start it again, it says "Deleting old session data..." and starts from scratch.
I have been running it on a network mounted directory for days, and think I should better move it to a local directory.
Thanks,
Benito
Michal Zalewski
Feb 13, 2017, 7:25:55 PM2/13/17
to afl-users
> is there a way to kill afl and restart it to continue at the exact same
> point where it was stopped?
Yep. Edit the command line and replace -i <starting_dir> with -i-
> point where it was stopped?
while keeping the output directory (-o) the same. That should do the
trick.
> When I just start it again, it says "Deleting old session data..." and
> starts from scratch.
that ran for a bit longer. It only deletes short-lived sessions, and
that's to make it easier to correct typos and the like without having
to run 'rm -rf'.
/mz
beni...@googlemail.com
Feb 14, 2017, 9:49:45 AM2/14/17
to afl-users
It still says it is deleting something and does the dry runs again:
[+] Output directory exists, will attempt session resume.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning 'output//_resume'...
[+] Loaded 44 auto-discovered dictionary tokens.
[*] Creating hard links for all input files...
[*] Validating target binary...
[*] Attempting dry run with 'id:000000,orig:1114m'...
Is that how a resume looks? It is confusing
[+] Output directory exists, will attempt session resume.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning 'output//_resume'...
[+] Loaded 44 auto-discovered dictionary tokens.
[*] Creating hard links for all input files...
[*] Validating target binary...
[*] Attempting dry run with 'id:000000,orig:1114m'...
Is that how a resume looks? It is confusing
Michal Zalewski
Feb 14, 2017, 10:43:54 AM2/14/17
to afl-users
> It still says it is deleting something and does the dry runs again:
That's fine, as long as you're using -i-, you're all set.
/mz
Robert Löhning
Feb 14, 2017, 12:39:12 PM2/14/17
to afl-...@googlegroups.com
Am 14.02.2017 um 01:25 schrieb Michal Zalewski:
>> is there a way to kill afl and restart it to continue at the exact same
>> point where it was stopped?
>
> Yep. Edit the command line and replace -i <starting_dir> with -i-
> while keeping the output directory (-o) the same. That should do the
> trick.
Hi,
>> is there a way to kill afl and restart it to continue at the exact same
>> point where it was stopped?
>
> Yep. Edit the command line and replace -i <starting_dir> with -i-
> while keeping the output directory (-o) the same. That should do the
> trick.
AFAIK, this will use the existing queue of input files but will start
testing these from the beginning. In other words, already tested files
will be tested again.
Is there a way to stop afl-fuzz, e.g. for rebooting the machine, and
then go on from the same state, with the same pending tests?
Best Regards,
Robert
>
>> When I just start it again, it says "Deleting old session data..." and
>> starts from scratch.
>
> FWIW, AFL refuses to do this and suggests -i- when you have a session
> that ran for a bit longer. It only deletes short-lived sessions, and
> that's to make it easier to correct typos and the like without having
> to run 'rm -rf'.
>
> /mz
>
Robert Löhning
Software Engineer
The Qt Company GmbH
Rudower Chaussee 13
D-12489 Berlin
robert....@qt.io
+49 30 63 92 3255
http://qt.io
Geschäftsführer: Mika Pälsi,
Juha Varelius, Mika Harjuaho
Sitz der Gesellschaft: Berlin,
Registergericht: Amtsgericht
Charlottenburg, HRB 144331 B
Michal Zalewski
Feb 14, 2017, 1:21:23 PM2/14/17
to afl-users
> AFAIK, this will use the existing queue of input files but will start
> testing these from the beginning. In other words, already tested files will
> be tested again.
Not sure what do you mean? AFL keeps testing stuff continuously, so
> testing these from the beginning. In other words, already tested files will
> be tested again.
even if you don't stop it, it will keep retrying the same inputs over
and over again.
Session resumption preserves the information about the files that went
through deterministic fuzzing, though, along with the current position
in the queue (and some other metadata).
/mz
Robert Löhning
Mar 1, 2017, 5:55:55 AM3/1/17
to afl-...@googlegroups.com
oh, you're right! After the restart, afl-fuzz indeed resumed where the
previous session had stopped.
What confused me is that the UI* gives a different impression: I
interrupted a session with 2611 paths, 2388 of which were pending. Now I
restarted the session with "-i-" and all 2611 paths are pending again.
Shouldn't the number be lower now?
Best Regards,
Robert
* In 1.96b, that is. Pretty old, I know, but that's a different story.
Benito van der Zander
Mar 1, 2017, 8:26:31 AM3/1/17
to afl-...@googlegroups.com
Hi,
> What confused me is that the UI* gives a different impression: I
It was yellow and after the restart it became a purple 0
Bye,
Benito
Reply all
Reply to author
Forward
0 new messages