googleprojectzero / winafl

A fork of AFL for fuzzing Windows binaries
Apache License 2.0

custom_winafl_server.dll getaddrinfo failure #374

Closed hihijskim closed 2 years ago

hihijskim commented 2 years ago

Hello, Team. I'm now testing winafl servermode and I'm stuck due to a getaddrinfo failure.

To test the functionality, I have used the existing test_servermode.exe and disabled all firewall profiles. It fails inside the custom_winafl_server.c code, so it seems all the configurable parameters (such as AFL_CUSTOM_DLL_ARGS, -l, etc.) are properly inserted. https://github.com/googleprojectzero/winafl/blob/master/custom_winafl_server.c#L192

I have no idea how to solve this and continue testing it. Would you please help me?

Thank you very much.

vagrant@VAGRANT-10 C:\winafl\build32\bin\Release>netsh advfirewall set allprofiles state off
Ok.

vagrant@VAGRANT-10 C:\winafl\build32\bin\Release>set AFL_CUSTOM_DLL_ARGS=1337 && afl-fuzz.exe -l custom_winafl_server.dll -i C:\host\in -o C:\host\test_server_mode -D C:\dynamorio\DynamoRIO-Windows-8.0.18803\bin32 -t 20000+ -- -target_module test_servermode.exe -target_offset 0x1010 -coverage_module test_servermode.exe -fuzz_iterations 5000 -nargs 2 -- test_servermode.exe 127.0.0.1
WinAFL 1.16b by <ifratric@google.com>
Based on AFL 2.43b by <lcamtuf@google.com>
Loading custom winAFL server library
dll_init is defined.
dll_run_ptr is defined.
dll_run_target isn't defined.
dll_write_to_testcase isn't defined.
dll_mutate_testcase isn't defined.
dll_trim_testcase isn't defined.
dll_mutate_testcase_with_energy isn't defined.
Sucessfully loaded and initalized
[+] You have 6 CPU cores with average utilization of 0%.
[+] Try parallel jobs - see afl_docs\parallel_fuzzing.txt.
[*] Checking CPU core loadout...
[+] Found a free CPU core, binding to #0.
[+] Process affinity is set to 1.
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning 'C:\host\in'...
[+] No auto-generated dictionary tokens to reuse.
[*] Creating hard links for all input files...
[*] Attempting dry run with 'id_000000'...
Initializing custom winAFL server
getaddrinfo failed with error: 10109

[-]  SYSTEM ERROR : User-defined custom initialization routine returned 0
    Stop location : run_target(), C:\host\winafl\afl-fuzz.c:2856
       OS message : No such file or directory

I'm using this version of Windows

vagrant@VAGRANT-10 C:\winafl\build32\bin\Release>systeminfo

Host Name:                 VAGRANT-10
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.19044 N/A Build 19044
OS Manufacturer:           Microsoft Corporation
ifratric commented 2 years ago

When you run set AFL_CUSTOM_DLL_ARGS=1337 && afl-fuzz.exe ... what happens is AFL_CUSTOM_DLL_ARGS gets defined as 1337[SPACE]. getaddrinfo then fails to recognize it as a port, tries to find a service with that name and fails.

You should either run it as set AFL_CUSTOM_DLL_ARGS=1337&& afl-fuzz.exe ... or split it into two commands.

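The failure ifratric describes, reproduced and hardened as an added example (this is not code from the winafl repository or from custom_winafl_server.c): a port value read from an environment variable carries a trailing space, getaddrinfo does not see a number and instead tries a service-name lookup, which Winsock reports as 10109 (WSATYPE_NOT_FOUND). The helpers parse_port, resolve_listen_addr and listen_addr_from_env_value are hypothetical names written for this example; the inputs are constructed to match what `set X=1337 && ...` and `set X=1337&& ...` leave in X. The code builds on Windows (Winsock) and on POSIX, where the same getaddrinfo contract applies.

```c
/* Added example, not winafl code: why "1337 " breaks getaddrinfo and how a
 * DLL that takes its port from an environment variable can validate it first.
 * Helper names are hypothetical. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifdef _WIN32
#  include <winsock2.h>
#  include <ws2tcpip.h>
#  pragma comment(lib, "ws2_32.lib")
#else
#  include <sys/types.h>
#  include <sys/socket.h>
#  include <netdb.h>
#endif

/* Parse a TCP port from a possibly untidy string. Leading/trailing whitespace
 * is stripped; anything that is not a decimal number in 1..65535 returns -1
 * instead of being handed to getaddrinfo, where it would be treated as a
 * service *name* and looked up (and fail). */
int parse_port(const char *s)
{
    size_t len, i;
    char digits[6];                      /* at most 5 digits + NUL */
    long port;

    if (s == NULL)
        return -1;
    while (*s != '\0' && isspace((unsigned char)*s))
        s++;
    len = strlen(s);
    while (len > 0 && isspace((unsigned char)s[len - 1]))
        len--;
    if (len == 0 || len > 5)
        return -1;
    for (i = 0; i < len; i++)
        if (!isdigit((unsigned char)s[i]))
            return -1;
    memcpy(digits, s, len);
    digits[len] = '\0';
    port = strtol(digits, NULL, 10);
    if (port < 1 || port > 65535)
        return -1;
    return (int)port;
}

/* Resolve host:service as a server would before bind(); returns the
 * getaddrinfo status (0 = success). AI_NUMERICSERV states the contract that
 * the service is a port number, so "1337 " is rejected instead of triggering
 * a futile service-name lookup. AI_NUMERICHOST keeps the call offline. */
int resolve_listen_addr(const char *host, const char *service)
{
    struct addrinfo hints, *res = NULL;
    int rc;
#ifdef _WIN32
    WSADATA wsa;
    if (WSAStartup(MAKEWORD(2, 2), &wsa) != 0)
        return -1;
#endif
    memset(&hints, 0, sizeof hints);
    hints.ai_family   = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags    = AI_PASSIVE | AI_NUMERICHOST | AI_NUMERICSERV;
    rc = getaddrinfo(host, service, &hints, &res);
    if (rc == 0)
        freeaddrinfo(res);
#ifdef _WIN32
    WSACleanup();
#endif
    return rc;
}

/* What a DLL reading its port from AFL_CUSTOM_DLL_ARGS could do: validate and
 * normalise the value, then resolve the normalised string. Returns 0 on
 * success, -1 if the value is not a usable port, else the getaddrinfo status. */
int listen_addr_from_env_value(const char *host, const char *raw)
{
    char service[6];
    int port = parse_port(raw);
    if (port < 0)
        return -1;
    snprintf(service, sizeof service, "%d", port);
    return resolve_listen_addr(host, service);
}

int main(void)
{
    /* Constructed inputs: "1337 " is what `set X=1337 && ...` stores,
     * "1337" is what `set X=1337&& ...` stores. */
    const char *with_space = "1337 ";
    const char *clean = "1337";

    printf("raw \"%s\" -> getaddrinfo %d\n", with_space,
           resolve_listen_addr("127.0.0.1", with_space));
    printf("raw \"%s\" -> getaddrinfo %d\n", clean,
           resolve_listen_addr("127.0.0.1", clean));
    printf("validated \"%s\" -> port %d, getaddrinfo %d\n", with_space,
           parse_port(with_space),
           listen_addr_from_env_value("127.0.0.1", with_space));
    printf("validated \"1337x\" -> port %d (rejected)\n", parse_port("1337x"));
    return 0;
}
```

The first call fails on every platform (Winsock: 10109; glibc: EAI_NONAME), the second succeeds, and the validated path turns the untidy value into a usable port while still rejecting genuinely bad input such as "1337x" or "0". Trimming is a hardening measure on the DLL side; the command-line fix ifratric gives (no space before `&&`, or two separate commands) is still the right way to set the variable.
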
hihijskim commented 2 years ago

Thank you very much!