AFLPIN: a pintool to enable branch detection with blackbox binaries.
299 views
Skip to first unread message
w.parker...@gmail.com
Jan 27, 2015, 1:01:05 PM1/27/15
to afl-...@googlegroups.com
Hello all,
I recently wrote this pintool so I could fuzz blackbox binaries without recompilation:
https://github.com/mothran/aflpin
lcamtuf has looked it over and gave me some great feedback, but I wanted to finally make it public and reach out to you guys as well to get some more testing with it.
Currently it does not use the fork server and can be quite slow (giflib tests were between 4 - 40 execs a second at best). But there is an experimental branch (forkserv) in that git repo that has my attempt at making a fork server inside a pin tool. I think it is a failed attempt due some core ways that pin instruments binaries but I thought it would none the less to be helpful for others to have a look at.
Hope you all like it, feel free to open issues or email me on this thread with feedback.
Thanks,
-Parker T.
I recently wrote this pintool so I could fuzz blackbox binaries without recompilation:
https://github.com/mothran/aflpin
lcamtuf has looked it over and gave me some great feedback, but I wanted to finally make it public and reach out to you guys as well to get some more testing with it.
Currently it does not use the fork server and can be quite slow (giflib tests were between 4 - 40 execs a second at best). But there is an experimental branch (forkserv) in that git repo that has my attempt at making a fork server inside a pin tool. I think it is a failed attempt due some core ways that pin instruments binaries but I thought it would none the less to be helpful for others to have a look at.
Hope you all like it, feel free to open issues or email me on this thread with feedback.
Thanks,
-Parker T.
Michal Zalewski
Jan 27, 2015, 3:35:13 PM1/27/15
to afl-users
Thanks! I'll play with it a bit in the coming days.
It may be useful to figure out what the performance bottlenecks are.
I know that one other person on the list is experimenting with qemu
trace output and had some very promising results in terms of
performance (I didn't even know that qemu does tracing). I think he
was going to send in his results soon.
/mz
It may be useful to figure out what the performance bottlenecks are.
I know that one other person on the list is experimenting with qemu
trace output and had some very promising results in terms of
performance (I didn't even know that qemu does tracing). I think he
was going to send in his results soon.
/mz
Zach Riggle
Jan 27, 2015, 5:17:02 PM1/27/15
to afl-...@googlegroups.com
Publicly calling out Mark Brand so he can't hide DrAfl forever.
--
You received this message because you are subscribed to the Google Groups "afl-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to afl-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
abhi spark
Sep 23, 2016, 4:55:57 AM9/23/16
to afl-users
could you please provide steps for building . when i run make in the folder after i downloaded form github its poping the following error. i'm new to pin could you please say steps in detail.
make: ../../../source/tools/Utils/testGccVersion: Command not found
makefile:17: ../../../source/tools/Config/makefile.default.rules: No such file or directory
make: *** No rule to make target '../../../source/tools/Config/makefile.default.rules'. Stop.
Reply all
Reply to author
Forward
0 new messages