diff --git a/覃业斌-AFL++示例运行.md b/覃业斌-AFL++示例运行.md index ff236e7..42afed8 100644 --- a/覃业斌-AFL++示例运行.md +++ b/覃业斌-AFL++示例运行.md @@ -29,7 +29,7 @@ make distrib sudo make install ``` 安装完成后可以在使用afl-fuzz命令测试是否安装成功 -![[Pasted image 20241022154707.png]] +![[1.png]] # 三、运行示例 @@ -79,7 +79,7 @@ int main() 在模糊测试前先要进行**源码编译插桩**和**创建语料库** 1. 源码编译插桩:**使用 afl++ 自带的插桩编译器**:afl-gcc - ![[Pasted image 20241022155353.png]] + ![[2.png]] 2. 准备语料库:作为程序输入的原始材料,必须有才可以运行,原始材料越好漏洞发现的越快 ```shell ➜ afl echo "abc" >> ./input/seed1 @@ -118,14 +118,11 @@ afl-fuzz++4.22a based on afl by Michal Zalewski and a large online community len = 4, map size = 5, exec speed = 157 us, hash = ad4e684fcf34ff0e [+] All test cases processed. [+] Here are some useful stats: - Test case count : 1 favored, 0 variable, 0 ignored, 1 total Bitmap range : 5 to 5 bits (average: 5.00 bits) Exec timing : 157 to 157 us (average: 157 us) - [*] No -t option specified, so I'll use an exec timeout of 20 ms. [+] All set and ready to roll! - american fuzzy lop ++4.22a {default} (./test) [explore] ┌─ process timing ────────────────────────────────────┬─ overall results ────┐ │ run time : 0 days, 0 hrs, 0 min, 1 sec │ cycles done : 15 │ @@ -150,7 +147,6 @@ afl-fuzz++4.22a based on afl by Michal Zalewski and a large online community │py/custom/rq : unused, unused, unused, unused ├───────────────────────┘ │ trim/eff : n/a, 25.00% │ [cpu000: 12%] └─ strategy: explore ────────── state: started :-) ──┘^C - +++ Testing aborted by user +++ [*] Writing output//default/fastresume.bin ... [+] Written fastresume.bin with 295308 bytes!
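Review bot: In the first hunk (`@@ -29,7 +29,7 @@`), the screenshot link is renamed from `![[Pasted image 20241022154707.png]]` to `![[1.png]]`, but the diff contains no corresponding rename or addition of the image file itself, so the new link will dangle unless `1.png` is committed alongside this change. The `![[...]]` form is also Obsidian-specific wikilink syntax that standard Markdown renderers (GitHub included) do not resolve; a plain `![afl-fuzz help output](1.png)` with descriptive alt text renders everywhere. Since the sentence above it only says "run afl-fuzz to check the install succeeded", consider pasting that command and its first lines of output as text in a fenced block instead of an image, so readers can copy and search it.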
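Review bot: In the second hunk (`@@ -79,7 +79,7 @@`), the compile step for the instrumented build exists only as a screenshot (`![[2.png]]`), while the corpus step right below it is given as a copyable shell block; the compile command deserves the same treatment. The context line names `afl-gcc` as the AFL++ instrumenting compiler; in AFL++ 4.x that is the legacy GCC mode, and the project documents `afl-cc` (or `afl-clang-fast`) as the recommended wrapper, which also gives the text a concrete command to show instead of a picture. The corpus step seeds `./input/seed1` with a single string, which matches the `1 total` test case reported in the next hunk; the sentence "the better the seeds, the faster bugs are found" would be stronger with two or three differently shaped seeds so the reader sees the corpus actually grow.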
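Review bot: In the third hunk (`@@ -118,14 +118,11 @@`), the three deleted lines are blank lines inside quoted `afl-fuzz` output, so the change alters verbatim tool output rather than the author's text; if the goal is compactness, trimming the dry-run section to the lines the tutorial comments on (`Test case count`, `Bitmap range`, `Exec timing`) is cleaner than reflowing a paste. Two lines in this output are worth a sentence in the surrounding prose since they explain what the reader will see: `[*] No -t option specified, so I'll use an exec timeout of 20 ms.` tells them the timeout is auto-calibrated, and `map size = 5` with `1 total` test cases shows why the status screen reaches `cycles done : 15` within one second on such a small target.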
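Review bot: In the fourth hunk (`@@ -150,7 +147,6 @@`), the `^C` keystroke echo is left fused onto the status-screen border line (`... state: started :-) ──┘^C`), which reads as garbage in the rendered block; either strip it or state in prose that Ctrl-C ends the session and that AFL++ then writes `fastresume.bin` so the run can be resumed. The path `output//default/fastresume.bin` with a doubled slash indicates the fuzzer was started with `-o output/`; passing `-o output` (no trailing slash) makes the paths in the captured output match the `input`/`output` naming used earlier in the document.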