diff options
| -rw-r--r-- | custom_mutators/README.md | 8 | ||||
| -rw-r--r-- | custom_mutators/examples/Makefile (renamed from utils/custom_mutators/Makefile) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/README.md (renamed from utils/custom_mutators/README.md) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/XmlMutatorMin.py (renamed from utils/custom_mutators/XmlMutatorMin.py) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/common.py (renamed from utils/custom_mutators/common.py) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/custom_mutator_helpers.h (renamed from utils/custom_mutators/custom_mutator_helpers.h) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/example.c (renamed from utils/custom_mutators/example.c) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/example.py (renamed from utils/custom_mutators/example.py) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/post_library_gif.so.c (renamed from utils/custom_mutators/post_library_gif.so.c) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/post_library_png.so.c (renamed from utils/custom_mutators/post_library_png.so.c) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/simple-chunk-replace.py (renamed from utils/custom_mutators/simple-chunk-replace.py) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/simple_example.c (renamed from utils/custom_mutators/simple_example.c) | 0 | ||||
| -rw-r--r-- | custom_mutators/examples/wrapper_afl_min.py (renamed from utils/custom_mutators/wrapper_afl_min.py) | 0 | ||||
| -rw-r--r-- | docs/custom_mutators.md | 4 | ||||
| -rw-r--r-- | docs/life_pro_tips.md | 2 | ||||
| -rw-r--r-- | qemu_mode/README.md | 4 | ||||
| -rwxr-xr-x | test/test-custom-mutators.sh | 4 |
17 files changed, 15 insertions, 7 deletions
diff --git a/custom_mutators/README.md b/custom_mutators/README.md index b0444c85..5e1d0fe6 100644 --- a/custom_mutators/README.md +++ b/custom_mutators/README.md @@ -3,6 +3,14 @@ Custom mutators enhance and alter the mutation strategies of afl++. For further information and documentation on how to write your own, read [the docs](../docs/custom_mutators.md). +## Examples + +The `./examples` folder contains examples for custom mutators in python and C. + +## Rust + +In `./rust`, you will find rust bindings, including a simple example in `./rust/example` and an example for structured fuzzing, based on lain, in`./rust/example_lain`. + ## The afl++ Grammar Mutator If you use git to clone afl++, then the following will incorporate our diff --git a/utils/custom_mutators/Makefile b/custom_mutators/examples/Makefile index 9849f3f4..9849f3f4 100644 --- a/utils/custom_mutators/Makefile +++ b/custom_mutators/examples/Makefile diff --git a/utils/custom_mutators/README.md b/custom_mutators/examples/README.md index 655f7a5e..655f7a5e 100644 --- a/utils/custom_mutators/README.md +++ b/custom_mutators/examples/README.md diff --git a/utils/custom_mutators/XmlMutatorMin.py b/custom_mutators/examples/XmlMutatorMin.py index 3e6cd0ff..3e6cd0ff 100644 --- a/utils/custom_mutators/XmlMutatorMin.py +++ b/custom_mutators/examples/XmlMutatorMin.py diff --git a/utils/custom_mutators/common.py b/custom_mutators/examples/common.py index 44a5056a..44a5056a 100644 --- a/utils/custom_mutators/common.py +++ b/custom_mutators/examples/common.py diff --git a/utils/custom_mutators/custom_mutator_helpers.h b/custom_mutators/examples/custom_mutator_helpers.h index 62e6efba..62e6efba 100644 --- a/utils/custom_mutators/custom_mutator_helpers.h +++ b/custom_mutators/examples/custom_mutator_helpers.h diff --git a/utils/custom_mutators/example.c b/custom_mutators/examples/example.c index 23add128..23add128 100644 --- a/utils/custom_mutators/example.c +++ b/custom_mutators/examples/example.c diff --git a/utils/custom_mutators/example.py b/custom_mutators/examples/example.py index 3a6d22e4..3a6d22e4 100644 --- a/utils/custom_mutators/example.py +++ b/custom_mutators/examples/example.py diff --git a/utils/custom_mutators/post_library_gif.so.c b/custom_mutators/examples/post_library_gif.so.c index ac10f409..ac10f409 100644 --- a/utils/custom_mutators/post_library_gif.so.c +++ b/custom_mutators/examples/post_library_gif.so.c diff --git a/utils/custom_mutators/post_library_png.so.c b/custom_mutators/examples/post_library_png.so.c index 941f7e55..941f7e55 100644 --- a/utils/custom_mutators/post_library_png.so.c +++ b/custom_mutators/examples/post_library_png.so.c diff --git a/utils/custom_mutators/simple-chunk-replace.py b/custom_mutators/examples/simple-chunk-replace.py index c57218dd..c57218dd 100644 --- a/utils/custom_mutators/simple-chunk-replace.py +++ b/custom_mutators/examples/simple-chunk-replace.py diff --git a/utils/custom_mutators/simple_example.c b/custom_mutators/examples/simple_example.c index d888ec1f..d888ec1f 100644 --- a/utils/custom_mutators/simple_example.c +++ b/custom_mutators/examples/simple_example.c diff --git a/utils/custom_mutators/wrapper_afl_min.py b/custom_mutators/examples/wrapper_afl_min.py index 5cd60031..5cd60031 100644 --- a/utils/custom_mutators/wrapper_afl_min.py +++ b/custom_mutators/examples/wrapper_afl_min.py diff --git a/docs/custom_mutators.md b/docs/custom_mutators.md index 62e01f83..9d5381e8 100644 --- a/docs/custom_mutators.md +++ b/docs/custom_mutators.md @@ -285,8 +285,8 @@ afl-fuzz /path/to/program ## 4) Example -Please see [example.c](../utils/custom_mutators/example.c) and -[example.py](../utils/custom_mutators/example.py) +Please see [example.c](../custom_mutators/examples/example.c) and +[example.py](../custom_mutators/examples/example.py) ## 5) Other Resources diff --git a/docs/life_pro_tips.md b/docs/life_pro_tips.md index 50ad75d4..f9ac1c53 100644 --- a/docs/life_pro_tips.md +++ b/docs/life_pro_tips.md @@ -83,5 +83,5 @@ You can find a simple solution in utils/argv_fuzzing. ## Attacking a format that uses checksums? Remove the checksum-checking code or use a postprocessor! -See utils/custom_mutators/ for more. +See `afl_custom_post_process` in custom_mutators/examples/examples.c for more. diff --git a/qemu_mode/README.md b/qemu_mode/README.md index 4aa2133e..38cb5ba6 100644 --- a/qemu_mode/README.md +++ b/qemu_mode/README.md @@ -190,8 +190,8 @@ handlers of the target. ## 13) Gotchas, feedback, bugs -If you need to fix up checksums or do other cleanup on mutated test cases, see -utils/custom_mutators/ for a viable solution. +If you need to fix up checksums or do other cleanups on mutated test cases, see +`afl_custom_post_process` in custom_mutators/examples/example.c for a viable solution. Do not mix QEMU mode with ASAN, MSAN, or the likes; QEMU doesn't appreciate the "shadow VM" trick employed by the sanitizers and will probably just diff --git a/test/test-custom-mutators.sh b/test/test-custom-mutators.sh index bae4220f..a5d666ff 100755 --- a/test/test-custom-mutators.sh +++ b/test/test-custom-mutators.sh @@ -29,8 +29,8 @@ test "1" = "`../afl-fuzz | grep -i 'without python' >/dev/null; echo $?`" && { } } # Compile the custom mutator - cc -D_FIXED_CHAR=0x41 -g -fPIC -shared -I../include ../utils/custom_mutators/simple_example.c -o libexamplemutator.so > /dev/null 2>&1 - cc -D_FIXED_CHAR=0x42 -g -fPIC -shared -I../include ../utils/custom_mutators/simple_example.c -o libexamplemutator2.so > /dev/null 2>&1 + cc -D_FIXED_CHAR=0x41 -g -fPIC -shared -I../include ../custom_mutators/examples/simple_example.c -o libexamplemutator.so > /dev/null 2>&1 + cc -D_FIXED_CHAR=0x42 -g -fPIC -shared -I../include ../custom_mutators/examples/simple_example.c -o libexamplemutator2.so > /dev/null 2>&1 test -e test-custom-mutator -a -e ./libexamplemutator.so && { # Create input directory mkdir -p in |