American Fuzzy Lop – charlesreid1

Link to more information: https://necurity.co.uk/netsec/2015/03/30/Fun-With-AFL.html#sthash.h9Aurb7C.dpbs

American Fuzzy Lop (AFL) is a program for fuzzing. It is very sophisticated: it instruments the target binary at compile time (through its afl-gcc / afl-clang compiler wrappers) and uses the resulting coverage feedback to do very targeted fuzzing.

Installing

Get the latest version, build it with make, and install it:

$ wget http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz
$ tar -xvf afl-latest.tgz
$ cd afl-*
$ make
$ make install

Success!

root@morpheus:~/codes/afl-2.10b# which afl-fuzz
/usr/local/bin/afl-fuzz

Fuzzing a Program

The programs that fuzz best with AFL are those that take an input file (or stdin) in some structured, usually binary or unusual, format. (Think mp3, other multimedia, images, etc.)

wget http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.1.6.tar.gz
tar -xvf libressl-2.1.6.tar.gz
cd libressl-2.1.6/
CC=afl-gcc ./configure    # afl-gcc is in /usr/local/bin after the make install above
make check
mkdir /root/testing
export DESTDIR=/root/testing/
make install
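The steps above build an instrumented LibreSSL but stop before the fuzzer is ever started. The script below is an added example (mine, not the wiki's or AFL's own code) that carries the loop through: build a target with afl-gcc, seed a corpus, run afl-fuzz, and replay whatever lands in out/crashes. To keep it self-contained it fuzzes a small constructed C target with one deliberate, labelled bug instead of LibreSSL; the target's "IMG1" format, the WORK and RUN variables, and the function names are all my inventions. It assumes afl-gcc and afl-fuzz are on PATH, as they are after the make install above.

```shell
#!/bin/sh
# Added example, not from the wiki page: a complete AFL session in one script,
# using a small constructed target instead of LibreSSL so the whole loop
# (build -> seed -> fuzz -> triage) fits here. Assumes afl-gcc and afl-fuzz are
# on PATH (they are in /usr/local/bin after `make install`).

WORK="${WORK:-$(mktemp -d)}"

# 1. A constructed target with one deliberate bug, for the demo only: a 64-byte
#    stack buffer receives up to 255 payload bytes. AFL passes each generated
#    input as argv[1] (the @@ placeholder used in afl_run below).
write_target() {
    cat > "$WORK/target.c" <<'EOF'
#include <stdio.h>
#include <string.h>

int main(int argc, char **argv) {
    unsigned char in[4096], out[64];
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : stdin;
    if (!f) return 1;
    size_t n = fread(in, 1, sizeof in, f);
    if (n < 5 || memcmp(in, "IMG1", 4) != 0) return 2;   /* bad magic */
    size_t len = in[4];                                   /* payload length byte */
    if (5 + len > n) return 3;                            /* truncated file */
    memcpy(out, in + 5, len);          /* DELIBERATE BUG: len never checked against sizeof out */
    return out[0] == 'A';
}
EOF
}

# 2. Build with the AFL compiler wrapper. AFL_HARDEN=1 makes afl-gcc add
#    -fstack-protector-all and -D_FORTIFY_SOURCE=2, so the overflow above
#    aborts loudly instead of being silently tolerated.
afl_build() {
    command -v afl-gcc >/dev/null 2>&1 || { echo "afl-gcc not on PATH" >&2; return 1; }
    AFL_HARDEN=1 afl-gcc -o "$WORK/target" "$WORK/target.c"
}

# 3. Seed corpus: a few small, valid inputs. AFL derives everything else by
#    mutation, and small seeds keep each execution fast.
afl_seed_corpus() {
    mkdir -p "$1"
    printf 'IMG1\003abc' > "$1/seed1"
    printf 'IMG1\001Z'   > "$1/seed2"
}

# 4. Run the fuzzer. -i/-o are the seed and output directories; @@ is replaced
#    with the path of each test case; -t is the per-run timeout in ms and -m the
#    memory limit in MB. afl-fuzz runs until interrupted, hence the timeout(1)
#    wrapper. On Linux it also refuses to start while core dumps are piped to a
#    handler; fix that with: echo core > /proc/sys/kernel/core_pattern (as root).
afl_run() {
    timeout "${1:-60}" afl-fuzz -i "$WORK/in" -o "$WORK/out" -t 1000 -m 50 \
        -- "$WORK/target" @@
}

# 5. Triage: replay every saved crash (out/crashes/id:*) against the target and
#    report the signal, using the shell convention exit status = 128 + signal.
#    Prints the number of crashes that reproduced (README.txt is skipped).
afl_triage() {
    crashes="$1"; target="$2"; reproduced=0
    for f in "$crashes"/id:*; do
        [ -e "$f" ] || continue
        if "$target" "$f" >/dev/null 2>&1; then st=0; else st=$?; fi
        if [ "$st" -ge 128 ]; then
            reproduced=$((reproduced + 1))
            printf '%s: signal %d\n' "$(basename "$f")" $((st - 128)) >&2
        fi
    done
    echo "$reproduced"
}

afl_session() {
    write_target && afl_build && afl_seed_corpus "$WORK/in" && afl_run 60
    echo "crashes reproduced: $(afl_triage "$WORK/out/crashes" "$WORK/target")"
}

# Run the whole session only when asked, e.g.  RUN=1 sh afl_session.sh
if [ "${RUN:-0}" = 1 ]; then afl_session; fi
```

Run it with `RUN=1 sh afl_session.sh`; after a minute the stack overflow in the constructed target should show up as SIGABRT entries under $WORK/out/crashes, and afl_triage replays each one so you can tell reproducible crashes from flukes before opening a debugger. For the LibreSSL build above, the same afl_run line applies with the instrumented binary you want to exercise in place of target and a few small files in the format it expects in the in/ directory.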

AmericanFuzzyLoop1.png

AmericanFuzzyLoop2.png

Nice overview and tutorial on causing and exploring program crashes: http://necurity.co.uk/netsec/2015-03-26-Fun-With-AFL/#sthash.h9Aurb7C.dpbs

Flags