Introduction to Fuzzing and Fuzzing LibTIFF with AFL
Source: Internet  Editor: 程序博客网  Time: 2024/06/09 14:04
1. Introduction to Fuzzing
Fuzz testing or Fuzzing is a software testing technique, often used to discover security weaknesses in applications and protocols. The basic idea is to attach the inputs of a program to a source of random or unexpected data. If the program fails (for example, by crashing, or by failing in-built code assertions), then there are defects to correct. It should be noted that the majority of security vulnerabilities, from buffer overflows to cross-site scripting attacks, are generally the result of insufficient validation of user-supplied input data. Bugs found using fuzz testing are frequently severe, exploitable bugs that could be used by a real attacker. This has become even more true as fuzz testing has become more widely known, as the same techniques and tools are now used by attackers to exploit deployed software. This is a major advantage over binary or source auditing, or even fuzzing’s close cousin, fault injection, which often rely on artificial fault conditions that are difficult or impossible to exploit.
2. Introduction to AFL
Official site: http://lcamtuf.coredump.cx/afl/
3. How AFL Works
AFL's compiler wrappers instrument the source code at compile time; afl-fuzz then launches the resulting binary with an input directory and an output directory specified.
AFL reads the files in the input directory, mutates them and feeds them to the program, and saves crashes and other output to the output directory.
Original source:
    while (condition) {
        req = get_request();
        process(req);
    }
Instrumented code:
    while (condition) {
        put_request(read(file));  // AFL
        req = get_request();
        process(req);
        notify_fuzzer();          // AFL
    }
4. Installing AFL
Download:
wget http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz
Extract:
tar xfz afl-latest.tgz
cd afl-2.52b
Install:
sudo make install
5. Installing LibTIFF
Download:
wget http://download.osgeo.org/libtiff/tiff-4.0.9.tar.gz
Extract:
tar zxvf tiff-4.0.9.tar.gz
cd tiff-4.0.9
Set the compiler to AFL's compiler wrappers:
Linux:
export CC=afl-gcc
export CXX=afl-g++
OS X:
export CC=afl-clang
export CXX=afl-clang++
Build:
./configure --disable-shared
make
6. Fuzzing LibTIFF with AFL
Download the test cases:
http://lcamtuf.coredump.cx/afl/demo/
Create the input and output directories:
mkdir input output
Copy the initial test cases into the input directory:
cp afl_testcases/tiff/edges-only/images/* input/
Start fuzzing. During the run, afl-fuzz replaces @@ with the path of the current test case:
afl-fuzz -i input -o output tools/tiff2rgba -a @@
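As an added example, not part of the original post and not LibTIFF's own code: a minimal AFL-style target in C that shows what the instrumented "read the input file, process it, return" loop from section 3 looks like in practice. It reads the file whose path afl-fuzz substitutes for @@, validates the 8-byte classic TIFF header with an explicit length check before every read, and exits with a status. The parser, the status codes, the function names and the sample buffers are constructed for this illustration; only the byte-order marks "II"/"MM" and the magic value 42 are the real TIFF header fields. Build it with afl-gcc and point afl-fuzz at it exactly as the tiff2rgba command above does:

```c
/* Added example (not from the original post, not LibTIFF code): a minimal
 * AFL-style fuzz target. Build: afl-gcc -o tiff_hdr tiff_hdr.c
 * Run:   afl-fuzz -i input -o output ./tiff_hdr @@
 * The parser below is a constructed illustration of defensive input
 * validation, not a real TIFF implementation. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum tiff_status {
    TIFF_OK = 0,
    TIFF_TOO_SHORT,      /* fewer than 8 bytes: no header can be present   */
    TIFF_BAD_BYTE_ORDER, /* first two bytes are neither "II" nor "MM"      */
    TIFF_BAD_MAGIC,      /* version word is not 42                        */
    TIFF_BAD_IFD_OFFSET  /* first IFD offset lies before the header's end or past EOF */
};

struct tiff_header {
    int little_endian;
    uint32_t first_ifd_offset;
};

/* Read 16/32-bit values honouring the file's declared byte order. */
static uint16_t rd16(const uint8_t *p, int le)
{
    return le ? (uint16_t)(p[0] | (p[1] << 8)) : (uint16_t)((p[0] << 8) | p[1]);
}

static uint32_t rd32(const uint8_t *p, int le)
{
    return le ? ((uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24))
              : (((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | (uint32_t)p[3]);
}

/* Validate the classic TIFF header: byte-order mark, magic 42, first IFD offset.
 * Every dereference is preceded by a length check, so a truncated or hostile
 * input produces a status code instead of an out-of-bounds read. */
enum tiff_status parse_tiff_header(const uint8_t *buf, size_t len, struct tiff_header *out)
{
    if (len < 8) return TIFF_TOO_SHORT;
    int le;
    if (buf[0] == 'I' && buf[1] == 'I') le = 1;
    else if (buf[0] == 'M' && buf[1] == 'M') le = 0;
    else return TIFF_BAD_BYTE_ORDER;
    if (rd16(buf + 2, le) != 42) return TIFF_BAD_MAGIC;
    uint32_t off = rd32(buf + 4, le);
    /* An IFD starts with a 2-byte entry count: it must begin after the 8-byte
     * header and that count must still fit inside the file. */
    if (off < 8 || off > len - 2) return TIFF_BAD_IFD_OFFSET;
    if (out) { out->little_endian = le; out->first_ifd_offset = off; }
    return TIFF_OK;
}

/* Slurp a whole file into memory; returns NULL on failure. */
static uint8_t *read_file(const char *path, size_t *len_out)
{
    FILE *f = fopen(path, "rb");
    if (!f) return NULL;
    size_t cap = 4096, len = 0, n;
    uint8_t *buf = malloc(cap);
    if (!buf) { fclose(f); return NULL; }
    while ((n = fread(buf + len, 1, cap - len, f)) > 0) {
        len += n;
        if (len == cap) {
            cap *= 2;
            uint8_t *tmp = realloc(buf, cap);
            if (!tmp) { free(buf); fclose(f); return NULL; }
            buf = tmp;
        }
    }
    fclose(f);
    *len_out = len;
    return buf;
}

/* The entry point afl-fuzz drives: argv[1] is the path substituted for @@. */
int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s <file>\n", argv[0]); return 2; }
    size_t len;
    uint8_t *buf = read_file(argv[1], &len);
    if (!buf) { perror(argv[1]); return 2; }
    struct tiff_header h;
    enum tiff_status st = parse_tiff_header(buf, len, &h);
    if (st == TIFF_OK)
        printf("%s-endian TIFF, first IFD at %u\n", h.little_endian ? "little" : "big", h.first_ifd_offset);
    else
        printf("rejected: status %d\n", (int)st);
    free(buf);
    return st == TIFF_OK ? 0 : 1;
}
```

The design point is the length check before every read. A fuzzer deliberately delivers truncated and malformed files, so a harness that validates length before dereferencing reports a clean status on its own, and the crashes afl-fuzz writes to output/crashes/ are then attributable to the library under test rather than to the harness.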
On OS X you also need to run the following three commands as prompted:
Screenshot of the run: