Commit d91e758d by 文周繁

feat: update the s2fuzzer documentation

parent f367d764
# S2fuzzer说明 (S2fuzzer documentation)
...@@ -70,6 +70,8 @@ ...@@ -70,6 +70,8 @@
### 1.S2fuzzer工具编译 ### 1.S2fuzzer工具编译
按如下命令编译`s2fuzzer`工具:
```sh ```sh
# Install clang (as required by AFL/AFLNet to enable llvm_mode) # Install clang (as required by AFL/AFLNet to enable llvm_mode)
sudo apt-get install clang llvm sudo apt-get install clang llvm
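Review bot: the new lead-in sentence before the build block should also state which clang/llvm versions are expected, because the next line `sudo apt-get install clang llvm` can pull in a `clang` and an `llvm` package of different major versions, and the llvm_mode build referenced in the comment resolves `llvm-config` from PATH and fails (or produces an unusable afl-clang-fast) when they do not match. Suggest naming the tested version and showing the pinned form, e.g. `sudo apt-get install clang-<N> llvm-<N>` with `LLVM_CONFIG=llvm-config-<N>` exported before `make`.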
...@@ -90,23 +92,25 @@ make ...@@ -90,23 +92,25 @@ make
编译完成后,工具目录生成如下程序: 编译完成后,工具目录生成如下程序:
| 名称 | | | 名称 | 说明 |
| :--------------: | :-------------------: | | :--------------: | :--------------------------: |
| afl-analyze | 输入数据模式分析器 | | afl-analyze | 输入数据模式分析器 |
| afl-as | 汇编器包装器 | | afl-as | 汇编器包装器 |
| afl-gcc | `gcc`编译器封装器 | | afl-gcc | `gcc`编译器封装器 |
| afl-g++ | `g++`编译器封装器 | | afl-g++ | `g++`编译器封装器 |
| afl-clang | `Clang`编译器封装器 | | afl-clang | `Clang`编译器封装器 |
| afl-clang++ | `Clang++`编译器封装器 | | afl-clang++ | `Clang++`编译器封装器 |
| afl-clang-fast | 高性能`Clang`封装器 | | afl-clang-fast | 高性能`Clang`封装器 |
| afl-clang-fast++ | 高性能`Clang++`封装器 | | afl-clang-fast++ | 高性能`Clang++`封装器 |
| afl-showmap | 覆盖率地图生成器 | | afl-showmap | 覆盖率地图生成器 |
| afl-tmin | 崩溃用例最小化工具 | | afl-tmin | 崩溃用例最小化工具 |
| s2fuzzer | 模糊测试主引擎 | | s2fuzzer | 模糊测试主引擎 |
| afl-replay | 通用输入重放器 | | afl-replay | 通用输入重放器 |
| aflnet-replay | 有状态网络协议重放器 | | aflnet-replay | 有状态网络协议重放器 |
| afl-llvm-pass.so | LLVM插桩插件 | | afl-llvm-pass.so | LLVM插桩插件 |
| sock2shm.so | 共享内存加速库 | | sock2shm.so | 共享内存加速库 |
| e9tool | `E9Patch` 的线性反汇编工具 |
| testghidra | java实现的`Ghidra`脚本工具集 |
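Review bot: the two new rows (`e9tool`, `testghidra`) are placed under "编译完成后,工具目录生成如下程序" (programs generated in the tool directory after the build), but nothing in the build instructions explains how a single `make` after installing clang/llvm produces an E9Patch frontend and a Java-based Ghidra script set, which need their own toolchains (at least a JDK and a Ghidra installation for `testghidra`). State whether these are built by the same `make`, built by a separate target, or shipped prebuilt, and add any extra prerequisites to the build section. Two wording nits in the same rows: "java实现" should be "Java实现", and `e9tool` is better described as the E9Patch front end for static binary rewriting/instrumentation than as a "线性反汇编工具", so readers understand its role in this fuzzer (instrumenting binaries without source) rather than expecting a disassembler.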
...@@ -134,6 +138,8 @@ make ...@@ -134,6 +138,8 @@ make
- ***-x dictionary file***: (optional) fuzzer字典 - ***-x dictionary file***: (optional) fuzzer字典
一般情况下,可以通过以下命令启动对一个server的协议模糊测试:
```sh ```sh
s2fuzzer -d -i in -o out -N <server info> -x <dictionary file> -P <protocol> -D 10000 -q 3 -s 3 -E -K -R <executable binary and its arguments (e.g., port number)> s2fuzzer -d -i in -o out -N <server info> -x <dictionary file> -P <protocol> -D 10000 -q 3 -s 3 -E -K -R <executable binary and its arguments (e.g., port number)>
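Review bot: the new sentence presents the command below as the general way to start fuzzing a server, but the command hard-codes `-x <dictionary file>` immediately after the bullet that marks `-x` as optional; either bracket it in the command (`[-x <dictionary file>]`) or say in the sentence that it can be dropped. The same applies to `-D 10000 -q 3 -s 3`: add a clause that these are starting values to be tuned per target (server startup delay in particular), not required settings, so a copy-pasted command is not treated as the only valid configuration.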
...@@ -365,6 +371,8 @@ memory_used = 11604KB ...@@ -365,6 +371,8 @@ memory_used = 11604KB
#### 4.1 使用共享内存 #### 4.1 使用共享内存
在运行模糊测试前,通过以下命令设置`AFL_PRELOAD`环境变量:
```sh ```sh
export AFL_PRELOAD=/path/to/s2fuzzer/sock2shm.so export AFL_PRELOAD=/path/to/s2fuzzer/sock2shm.so
``` ```
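Review bot: the new lead-in for `AFL_PRELOAD` should say that `/path/to/s2fuzzer/sock2shm.so` must be an absolute path and that the `export` has to happen in the same shell session that later launches `s2fuzzer`, since the variable is handed to the target process as a preload and a relative path or a different shell leaves the target talking over a real socket with no error from the fuzzer. It is also worth one sentence noting that crashes found with the shim loaded should be reproduced with the same preload (for example when using `afl-replay`/`aflnet-replay` from the table above), otherwise the replay exercises a different I/O path than the one that produced the crash.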