How do I use SUBMIT_CR3 to trace another process's coverage

IntelLabs / kAFL

A fuzzer for full VM kernel/driver targets

https://intellabs.github.io/kAFL/

MIT License

659 stars 92 forks source link

How do I use SUBMIT_CR3 to trace another process's coverage #277

Open LeoneChen opened 7 months ago

LeoneChen commented 7 months ago

How do I use SUBMIT_CR3 to trace coverage another process (e.g. target rpc server process) ? Do I need to get CR3 register of target process, and then feed cr3 to SUBMIT_CR3 instead of 0? I've already read introducation in doc, but more detail information is helpful. Thanks so much~

LeoneChen commented 7 months ago

Do I must have to add a kernel driver to get cr3 value from pid of target process?