You can not select more than 25 topics
			Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
		
		
		
		
		
			
		
			
				
					
					
						
							171 lines
						
					
					
						
							5.0 KiB
						
					
					
				
			
		
		
	
	
							171 lines
						
					
					
						
							5.0 KiB
						
					
					
				| #!/bin/sh
 | |
| #
 | |
| # american fuzzy lop - Advanced Persistent Graphing
 | |
| # -------------------------------------------------
 | |
| #
 | |
| # Written and maintained by Michal Zalewski <lcamtuf@google.com>
 | |
| # Based on a design & prototype by Michael Rash.
 | |
| #
 | |
| # Copyright 2014, 2015 Google LLC All rights reserved.
 | |
| #
 | |
| # Licensed under the Apache License, Version 2.0 (the "License");
 | |
| # you may not use this file except in compliance with the License.
 | |
| # You may obtain a copy of the License at:
 | |
| #
 | |
| #   http://www.apache.org/licenses/LICENSE-2.0
 | |
| #
 | |
| 
 | |
| echo "progress plotting utility for afl-fuzz by <lcamtuf@google.com>"
 | |
| echo
 | |
| 
 | |
| if [ ! "$#" = "2" ]; then
 | |
| 
 | |
|   cat 1>&2 <<_EOF_
 | |
| This program generates gnuplot images from afl-fuzz output data. Usage:
 | |
| 
 | |
| $0 afl_state_dir graph_output_dir
 | |
| 
 | |
| The afl_state_dir parameter should point to an existing state directory for any
 | |
| active or stopped instance of afl-fuzz; while graph_output_dir should point to
 | |
| an empty directory where this tool can write the resulting plots to.
 | |
| 
 | |
| The program will put index.html and three PNG images in the output directory;
 | |
| you should be able to view it with any web browser of your choice.
 | |
| 
 | |
| _EOF_
 | |
| 
 | |
|   exit 1
 | |
| 
 | |
| fi
 | |
| 
 | |
| if [ "$AFL_ALLOW_TMP" = "" ]; then
 | |
| 
 | |
|   echo "$1" | grep -qE '^(/var)?/tmp/'
 | |
|   T1="$?"
 | |
| 
 | |
|   echo "$2" | grep -qE '^(/var)?/tmp/'
 | |
|   T2="$?"
 | |
| 
 | |
|   if [ "$T1" = "0" -o "$T2" = "0" ]; then
 | |
| 
 | |
|     echo "[-] Error: this script shouldn't be used with shared /tmp directories." 1>&2
 | |
|     exit 1
 | |
| 
 | |
|   fi
 | |
| 
 | |
| fi
 | |
| 
 | |
| if [ ! -f "$1/plot_data" ]; then
 | |
| 
 | |
|   echo "[-] Error: input directory is not valid (missing 'plot_data')." 1>&2
 | |
|   exit 1
 | |
| 
 | |
| fi
 | |
| 
 | |
| BANNER="`cat "$1/fuzzer_stats" | grep '^afl_banner ' | cut -d: -f2- | cut -b2-`"
 | |
| 
 | |
| test "$BANNER" = "" && BANNER="(none)"
 | |
| 
 | |
| GNUPLOT=`which gnuplot 2>/dev/null`
 | |
| 
 | |
| if [ "$GNUPLOT" = "" ]; then
 | |
| 
 | |
|   echo "[-] Error: can't find 'gnuplot' in your \$PATH." 1>&2
 | |
|   exit 1
 | |
| 
 | |
| fi
 | |
| 
 | |
| mkdir "$2" 2>/dev/null
 | |
| 
 | |
| if [ ! -d "$2" ]; then
 | |
| 
 | |
|   echo "[-] Error: unable to create the output directory - pick another location." 1>&2
 | |
|   exit 1
 | |
| 
 | |
| fi
 | |
| 
 | |
| rm -f "$2/high_freq.png" "$2/low_freq.png" "$2/exec_speed.png"
 | |
| mv -f "$2/index.html" "$2/index.html.orig" 2>/dev/null
 | |
| 
 | |
| echo "[*] Generating plots..."
 | |
| 
 | |
| (
 | |
| 
 | |
| cat <<_EOF_
 | |
| set terminal png truecolor enhanced size 1000,300 butt
 | |
| 
 | |
| set output '$2/high_freq.png'
 | |
| 
 | |
| set xdata time
 | |
| set timefmt '%s'
 | |
| set format x "%b %d\n%H:%M"
 | |
| set tics font 'small'
 | |
| unset mxtics
 | |
| unset mytics
 | |
| 
 | |
| set grid xtics linetype 0 linecolor rgb '#e0e0e0'
 | |
| set grid ytics linetype 0 linecolor rgb '#e0e0e0'
 | |
| set border linecolor rgb '#50c0f0'
 | |
| set tics textcolor rgb '#000000'
 | |
| set key outside
 | |
| 
 | |
| set autoscale xfixmin
 | |
| set autoscale xfixmax
 | |
| 
 | |
| plot '$1/plot_data' using 1:4 with filledcurve x1 title 'total paths' linecolor rgb '#000000' fillstyle transparent solid 0.2 noborder, \\
 | |
|      '' using 1:3 with filledcurve x1 title 'current path' linecolor rgb '#f0f0f0' fillstyle transparent solid 0.5 noborder, \\
 | |
|      '' using 1:5 with lines title 'pending paths' linecolor rgb '#0090ff' linewidth 3, \\
 | |
|      '' using 1:6 with lines title 'pending favs' linecolor rgb '#c00080' linewidth 3, \\
 | |
|      '' using 1:2 with lines title 'cycles done' linecolor rgb '#c000f0' linewidth 3
 | |
| 
 | |
| set terminal png truecolor enhanced size 1000,200 butt
 | |
| set output '$2/low_freq.png'
 | |
| 
 | |
| plot '$1/plot_data' using 1:8 with filledcurve x1 title '' linecolor rgb '#c00080' fillstyle transparent solid 0.2 noborder, \\
 | |
|      '' using 1:8 with lines title ' uniq crashes' linecolor rgb '#c00080' linewidth 3, \\
 | |
|      '' using 1:9 with lines title 'uniq hangs' linecolor rgb '#c000f0' linewidth 3, \\
 | |
|      '' using 1:10 with lines title 'levels' linecolor rgb '#0090ff' linewidth 3
 | |
| 
 | |
| set terminal png truecolor enhanced size 1000,200 butt
 | |
| set output '$2/exec_speed.png'
 | |
| 
 | |
| plot '$1/plot_data' using 1:11 with filledcurve x1 title '' linecolor rgb '#0090ff' fillstyle transparent solid 0.2 noborder, \\
 | |
|      '$1/plot_data' using 1:11 with lines title '    execs/sec' linecolor rgb '#0090ff' linewidth 3 smooth bezier;
 | |
| 
 | |
| _EOF_
 | |
| 
 | |
| ) | gnuplot 
 | |
| 
 | |
| if [ ! -s "$2/exec_speed.png" ]; then
 | |
| 
 | |
|   echo "[-] Error: something went wrong! Perhaps you have an ancient version of gnuplot?" 1>&2
 | |
|   exit 1
 | |
| 
 | |
| fi
 | |
| 
 | |
| echo "[*] Generating index.html..."
 | |
| 
 | |
| cat >"$2/index.html" <<_EOF_
 | |
| <table style="font-family: 'Trebuchet MS', 'Tahoma', 'Arial', 'Helvetica'">
 | |
| <tr><td style="width: 18ex"><b>Banner:</b></td><td>$BANNER</td></tr>
 | |
| <tr><td><b>Directory:</b></td><td>$1</td></tr>
 | |
| <tr><td><b>Generated on:</b></td><td>`date`</td></tr>
 | |
| </table>
 | |
| <p>
 | |
| <img src="high_freq.png" width=1000 height=300><p>
 | |
| <img src="low_freq.png" width=1000 height=200><p>
 | |
| <img src="exec_speed.png" width=1000 height=200>
 | |
| 
 | |
| _EOF_
 | |
| 
 | |
| # Make it easy to remotely view results when outputting directly to a directory
 | |
| # served by Apache or other HTTP daemon. Since the plots aren't horribly
 | |
| # sensitive, this seems like a reasonable trade-off.
 | |
| 
 | |
| chmod 755 "$2"
 | |
| chmod 644 "$2/high_freq.png" "$2/low_freq.png" "$2/exec_speed.png" "$2/index.html"
 | |
| 
 | |
| echo "[+] All done - enjoy your charts!"
 | |
| 
 | |
| exit 0
 |