Tried it out for a while: fuzzing is slower than afl++, but it produces crashes more efficiently.
Install
sudo apt install binutils-dev libunwind-dev
git clone https://github.com/google/honggfuzz
make
sudo make install
Instrumentation
Same as with AFL (the target is compiled with honggfuzz's compiler wrappers).
Preparing input
Minimize the input corpus
honggfuzz -i input_dir --output output_dir -M -- instrumented.djpeg ___FILE___
Fuzz
Target reads its input from a file passed on the command line (honggfuzz substitutes the path of each test case for ___FILE___)
honggfuzz -i ./in -W ./result -- ./hgfuzzDemo ___FILE___
Target reads its input from standard input
honggfuzz -i input_dir -x -s -- /usr/bin/djpeg
QEMU mode
You need to go into the qemu_mode directory and run make to build it first.
honggfuzz -i input_dir -- <honggfuzz_dir>/qemu_mode/honggfuzz-qemu/x86_64-linux-user/qemu-x86_64 /usr/bin/djpeg ___FILE___
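To tie the two invocation styles together, here is a small fuzz target written for this note (it is not the hgfuzzDemo from the original post and not honggfuzz project code). It reads its whole input from the path honggfuzz substitutes for ___FILE___, or from stdin when run without an argument (the -s mode), and parses a constructed toy format with distinct rejection paths so coverage guidance has something to discover. Build it with hfuzz-clang before fuzzing.

```c
/* Added example target: reads from ___FILE___ path (argv[1]) or stdin. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

#define MAX_INPUT (1u << 20)

/* Constructed toy format: 4-byte magic "HGFZ", 1 length byte n, then n
 * payload bytes. Returns 0 on accept and a distinct negative code for each
 * rejection path, so each branch is a separate edge for the fuzzer. */
int parse_input(const uint8_t *buf, size_t len) {
    if (len < 5) return -1;                      /* too short for header   */
    if (memcmp(buf, "HGFZ", 4) != 0) return -2;  /* bad magic              */
    size_t n = buf[4];
    if (len != 5 + n) return -3;                 /* length field mismatch  */
    uint32_t sum = 0;
    for (size_t i = 0; i < n; i++) sum += buf[5 + i];
    return (sum % 7 == 0) ? 0 : -4;              /* payload checksum rule  */
}

/* Read up to cap bytes from path, or from stdin when path is NULL
 * (the honggfuzz -s case). Returns the number of bytes read. */
size_t read_input(const char *path, uint8_t *buf, size_t cap) {
    FILE *f = path ? fopen(path, "rb") : stdin;
    if (!f) return 0;
    size_t got = fread(buf, 1, cap, f);
    if (path) fclose(f);
    return got;
}

int main(int argc, char **argv) {
    static uint8_t buf[MAX_INPUT];
    size_t len = read_input(argc > 1 ? argv[1] : NULL, buf, sizeof buf);
    int rc = parse_input(buf, len);
    printf("parse result: %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```

With the binary built as hgfuzzDemo, the two fuzz commands above apply unchanged: pass ___FILE___ as its argument, or add -s and give no argument.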