[Fuzzing with AFL] How to fuzz a simple C program with AFL on Linux

In this video, I will explain:
1. How to create a simple C program.
2. How to fuzz it using AFL.
3. How to replicate crashes.
4. How to compile the program with ASAN or MSAN in 64-bit mode and how to run it using the option "-m none".

Sample program mentioned in the video can be downloaded from here:

Please like and subscribe to my channel for more videos on various security topics:

#afl #fuzzing #linux

Comments

Apologies for the audio quality on this one. It was my first ever video, which I created 2 years back.

MrHardik

Sir, I am new to fuzzing and want to know its basics. Any good resource about it?

riteshyadav

Wow, thanks for your introduction. Would you make a video to explain how to implement a harness program?

nothinghere

Can you please provide the source of the sample image.img file or tell me how you generated it? Thanks!

akhilkoul

I didn't find the input file. How do I get it?

vaishaliravi

Thanks for your video. Please add subtitles, I can't understand some important parts :D

amirabaskz

Please, why do I have this problem?
[-] Oops, the program crashed with one of the test cases provided. There are
several possible explanations:

- The test case causes known crashes under normal working conditions. If
so, please remove it. The fuzzer should be seeded with interesting
inputs - but not ones that cause an outright crash.

- Least likely, there is a horrible bug in the fuzzer. If other options

[-] PROGRAM ABORT : Test case results in a crash
Location : perform_dry_run(), afl-fuzz.c:2852

不说-fy

For me the image.img file did not work. It produced a crash right away, so I made a file image.img with hexedit, containing the content 41 41 41 0A, and then it worked. Thanks for the tip! You can also just create a file with nano containing AAA, as you suggested down there. Maybe you can just add this file to the repo, so that people have it even easier?
And after all this: thanks for the easy tutorial on how to fuzz a very simple C program!

hbgfefe
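The four steps listed in the video description (build, fuzz, replay crashes, ASAN/MSAN 64-bit build with "-m none") and the seed-file problem raised in the comments (AFL's dry-run abort "Test case results in a crash" and the 41 41 41 0A fix) as one added shell example. This is not the video's own script or sample program: target.c, the in/ and out/ directory names and the seed contents are assumptions; the afl-fuzz options, the "@@" placeholder, the out/crashes/ layout and the AFL_USE_ASAN / AFL_USE_MSAN build variables are standard AFL.

```shell
#!/bin/sh
# Added example of the AFL workflow outlined in the video; not the video's own
# script. target.c, in/, out/ and the seed bytes 41 41 41 0A are assumptions.

TARGET_SRC=${TARGET_SRC:-target.c}

# Make sanitizer errors die with a signal (as AFL itself requires) so a crash
# shows up as an exit status >= 128 (134 = SIGABRT, 139 = SIGSEGV) instead of
# ASAN's default exit code 1, which would look like an ordinary error.
ASAN_OPTIONS=abort_on_error=1; export ASAN_OPTIONS
MSAN_OPTIONS=abort_on_error=1; export MSAN_OPTIONS

# Step 1: seed corpus. AFL's dry run aborts with "Test case results in a crash"
# if any seed crashes the target, so seeds must be small, non-crashing inputs.
make_seeds() {
    mkdir -p "$1"
    printf 'AAA\n' > "$1/seed1"       # bytes 41 41 41 0A, as in the comments
}

# Run the target over every seed; return 1 and name any seed that crashes it.
check_seeds() {
    target=$1; dir=$2; bad=0
    for f in "$dir"/*; do
        st=0; "$target" "$f" >/dev/null 2>&1 || st=$?
        if [ "$st" -ge 128 ]; then
            echo "seed $f crashes $target (status $st); remove it from $dir" >&2
            bad=1
        fi
    done
    return $bad
}

# Step 2: instrumented 64-bit builds. afl-gcc honours AFL_USE_ASAN / AFL_USE_MSAN;
# MSAN exists only in clang, so that build goes through afl-clang.
build_plain() { afl-gcc -m64 -o target "$TARGET_SRC"; }
build_asan()  { AFL_USE_ASAN=1 afl-gcc -m64 -o target_asan "$TARGET_SRC"; }
build_msan()  { AFL_USE_MSAN=1 afl-clang -m64 -o target_msan "$TARGET_SRC"; }

# Step 3: the afl-fuzz command line. A 64-bit ASAN/MSAN binary reserves
# terabytes of virtual address space, which AFL's default memory limit rejects,
# hence "-m none" for those builds. AFL replaces "@@" with the input file path.
afl_fuzz_cmd() {
    case $1 in
        *asan*|*msan*) echo "afl-fuzz -i in -o out -m none -- ./$1 @@" ;;
        *)             echo "afl-fuzz -i in -o out -- ./$1 @@" ;;
    esac
}

# Step 4: replay the crashes AFL saved under out/crashes/, ideally against the
# ASAN build so the sanitizer report explains the fault. One line per file goes
# to stderr; the number of crashes that reproduced goes to stdout.
replay_crashes() {
    target=$1; outdir=$2; n=0
    for f in "$outdir"/crashes/id:*; do
        [ -e "$f" ] || continue          # glob matched nothing: no crashes yet
        st=0; "$target" "$f" >/dev/null 2>&1 || st=$?
        echo "$f -> exit status $st" >&2
        if [ "$st" -ge 128 ]; then n=$((n + 1)); fi
    done
    echo "$n"
}

# Full run only when requested and AFL is installed; the functions above can
# also be sourced and used one at a time.
if [ "${RUN_FUZZ:-0}" = 1 ] && command -v afl-gcc >/dev/null 2>&1; then
    build_plain && build_asan
    make_seeds in
    check_seeds ./target in || exit 1
    eval "$(afl_fuzz_cmd target_asan)"   # Ctrl-C stops afl-fuzz
    replay_crashes ./target_asan out
fi
```

Run it as `RUN_FUZZ=1 sh fuzz.sh` next to target.c. The check_seeds step is what prevents the dry-run abort quoted in the comments: a seed that already crashes the target tells AFL nothing and has to be removed from in/ before fuzzing starts.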