Better Setup and Informations for libafl_nyx

[GanbaruTobi]

Since I am trying to make this run for three days now, I want to collect some informations here on what could improve working with libafl_nyx.

1. The qemu_nyx is pretty outdated (Sep 2022) and has errors that are already fixed in other commits. Upgrading to newest can be done easily, I tested, but I don't know if newest is a good choice. Same for packer and libnyx.
2. The packer pack.sh relies on filestructures that not every linux has (probably Ubuntu like works), this causes silent fails because the pack.sh doesn't realy check errors. In my case it also pulls a 32-bit version instead of an 64-bit version of libc which silently errors in the VM.

So some ideas:

1. Specify system to use in the readme of libafl_nyx and nyx fuzzers or
2. Describe a way to have a working setup
3. Ask people who know if we can update dependencies and to which versions we should go, maybe we can stick with https://github.com/nyx-fuzz/Nyx-Testing, so we would have a test-suite also?

[GanbaruTobi]

The libafl docker might be a good place for working nyx setup? The docker seems to not be able to build nyx:

[GanbaruTobi]

Also, a general question arises: is the packer really not considered part of the target, given that it sets up a virtual machine? Why use a general Linux kernel? The virtual machine system could be highly dependent on the target! What about Windows? What about software requiring more recent kernels? What about fuzzing Linux drivers?

My assumption is that the two example fuzzers are built for the packer to meet its specific requirements, rather than being built with the packer itself.

[GanbaruTobi]

Here is important Information to have to use libafl_nyx: https://github.com/nyx-fuzz/Nyx/blob/main/docs/01-Nyx-VMs.md The setup right now is only creating the "kernel running mode" and we should reflect that in the Readme. The packer expects same OS on host and guest, which seems to be ubuntu-22.04.1.

[GanbaruTobi]

The qemu-nyx, libnyx and nyx-packer are updated to latest for now with https://github.com/AFLplusplus/LibAFL/commit/d7ac802fb23338dcc66804154f62698de84e0b87

I will rewrite the Readme and maybe a book chapter when I got libafl_nyx working with another thing then "kernel running mode".

[corysabol]

I'm particularly interested in doing Windows snapshot fuzzing using Nyx and libafl. So, this would be good to see. I am going to be playing around with some of this stuff as well so if I figure anything out I may have some contributions to this.