added frida gum extension

author: van Hauser <vh@thc.org> 2020-07-14 23:26:11 +0200
committer: van Hauser <vh@thc.org> 2020-07-14 23:26:11 +0200
commit: 383b280531a92a8b81d112a9acb4e44c08987be0 (patch)
tree: 1d23c9fb0762e62db06a5a3f856387f255f700b5 /examples/afl_frida/README.md
parent: 95276f7da6ed9dd72556236f505a8997bee23387 (diff)
download: afl++-383b280531a92a8b81d112a9acb4e44c08987be0.tar.gz
1 files changed, 38 insertions, 0 deletions
diff --git a/examples/afl_frida/README.md b/examples/afl_frida/README.md
new file mode 100644
index 00000000..93e8f35a
--- /dev/null
+++ b/examples/afl_frida/README.md
@@ -0,0 +1,38 @@
+# afl-frida - faster fuzzing of binary-only libraries
+
+## Introduction
+
+afl-frida is an example skeleton file which can easily be used to fuzz
+a closed source library.
+
+It requires less memory and is x5-10 faster than qemu_mode but does not
+provide interesting features like compcov or cmplog.
+
+## How-to
+
+### Modify afl-frida.c
+
+Read and modify afl-frida.c then `make`.
+To adapt afl-frida.c to your needs, read the header of the file and then
+search and edit the `STEP 1`, `STEP 2` and `STEP 3` locations.
+
+### Fuzzing
+
+Example (after modifying afl-frida.c to your needs and compile it):
+```
+afl-fuzz -i in -o out -- ./afl-frida
+```
+(or even remote via afl-network-proxy).
+
+### Testing and debugging
+
+For testing/debugging you can try:
+```
+make DEBUG=1
+AFL_DEBUG=1 gdb ./afl-frida
+```
+and then you can easily set breakpoints to "breakpoint" and "fuzz".
+
+# Background
+
+This code ist copied for a larger part from https://github.com/meme/hotwax
author	van Hauser <vh@thc.org>	2020-07-14 23:26:11 +0200
committer	van Hauser <vh@thc.org>	2020-07-14 23:26:11 +0200
commit	383b280531a92a8b81d112a9acb4e44c08987be0 (patch)
tree	1d23c9fb0762e62db06a5a3f856387f255f700b5 /examples/afl_frida/README.md
parent	95276f7da6ed9dd72556236f505a8997bee23387 (diff)
download	afl++-383b280531a92a8b81d112a9acb4e44c08987be0.tar.gz