Closed. william31212 closed this issue 2 years ago.
The details of the fuzzing process are discussed in the "MMS Exploit Part 2" blog post. Unfortunately, the qemu patch wasn't made public, but I hope that it shouldn't be too hard to reproduce the same functionality with the help of our blog, existing AFL patches, and other write-ups about adjusting qemu for fuzzing.
Are there any details about the fuzzing process with afl-qemu? This repo only has the harness and the exploit file.