pr0v3rbs / FirmAE

Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
MIT License

Fuzzer results analysis #42

Open rssample opened 2 years ago

rssample commented 2 years ago

Fuzzer log files are very large, so how do you know if there are CI and BOF vulnerabilities? Thanks.

pr0v3rbs commented 1 year ago

Sorry for the late reply,

For the CI, you can find the [ANALYZE] logs in the scratch/${IID}/qemu.final.serial.log file. It shows the execve syscall was executed while performing a particular request format with a specific key and value. You can find the matched signature in the analyses/analyses_log/${BRAND}/${IID}/fuzzer_log_ci file.

For the BOF, you can find a crash log such as SIGSEGV in the scratch/${IID}/qemu.final.serial.log file. It will contain an overflowed '0x61616161' stack memory with an index string. You can find the matched index in the analyses/analyses_log/${BRAND}/${IID}/fuzzer_bof_bof file.

Thanks.
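As an added example (not part of this thread or of the FirmAE project), the Python script below applies the two checks from the reply above to a serial log: it collects the `[ANALYZE]` lines as command-injection candidates and keeps a SIGSEGV crash as a buffer-overflow candidate only when the crash line or the register/stack dump following it carries the `0x61616161` padding, so an unrelated segfault in another daemon is not mistaken for a fuzzer hit. The log excerpt, the `key=`/`value=` and `index=` fields, and the context window size are all constructed assumptions; the real FirmAE log layout is not documented here, so adjust the regexes to the lines you actually see.

```python
import re
from typing import Dict, List

# Constructed excerpt standing in for scratch/${IID}/qemu.final.serial.log.
# Every line here is made up for this example; FirmAE's real fuzzer output
# is not reproduced and may be laid out differently.
SAMPLE_LOG = """\
[    5.123456] random: nonblocking pool is initialized
[ANALYZE] execve detected: path=/bin/sh argv=[sh -c ping 127.0.0.1;id] key=host value=127.0.0.1;id
httpd: GET /ping.cgi?host=127.0.0.1 200
[ANALYZE] execve detected: path=/bin/sh argv=[sh -c echo hi] key=cmd value=echo hi
do_page_fault(): sending SIGSEGV to httpd for invalid read access from 61616161
epc = 61616161 in httpd[400000+20000]
ra  = 61616161
index string: 0x61616161 aaaa index=BOF_42
[    9.000000] httpd: segfault at 0 ip 00000000 sp 7fff0000
do_page_fault(): sending SIGSEGV to wget for invalid read access from 00000004
epc = 004012a8 in wget[400000+30000]
"""

# Assumed line shapes (not specified by FirmAE): tune these to the real log.
CI_RE = re.compile(r"\[ANALYZE\]\s*(?P<msg>.*)")
KV_RE = re.compile(r"\bkey=(?P<key>\S+)\s+value=(?P<value>.*)$")
INDEX_RE = re.compile(r"\bindex=(?P<index>\S+)")
BOF_MARK = "61616161"  # four 'a' bytes: the fuzzer's overflow padding


def find_ci_hits(lines: List[str]) -> List[Dict]:
    """Every [ANALYZE] line is a CI candidate: execve fired during a request."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = CI_RE.search(line)
        if not m:
            continue
        kv = KV_RE.search(m.group("msg"))
        hits.append({
            "line": n,
            "msg": m.group("msg").strip(),
            "key": kv.group("key") if kv else None,
            "value": kv.group("value").strip() if kv else None,
        })
    return hits


def find_bof_hits(lines: List[str], window: int = 8) -> List[Dict]:
    """A SIGSEGV counts as a fuzzer-induced BOF only if the crash line or the
    dump that follows it (within `window` lines) contains 0x61616161;
    other crashes (e.g. a null dereference elsewhere) are dropped."""
    hits = []
    for n, line in enumerate(lines, 1):
        if "SIGSEGV" not in line:
            continue
        ctx = lines[n - 1:n - 1 + window]  # crash line plus what follows it
        evidence = [l.strip() for l in ctx if BOF_MARK in l.lower()]
        if not evidence:
            continue
        idx = None  # index string that maps back to the fuzzer's BOF log
        for l in ctx:
            m = INDEX_RE.search(l)
            if m:
                idx = m.group("index")
                break
        hits.append({"line": n, "crash": line.strip(),
                     "evidence": evidence, "index": idx})
    return hits


def triage(text: str) -> Dict[str, List[Dict]]:
    """Return CI and BOF candidates found in one serial log."""
    lines = text.splitlines()
    return {"ci": find_ci_hits(lines), "bof": find_bof_hits(lines)}


if __name__ == "__main__":
    import sys
    src = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    result = triage(src)
    for h in result["ci"]:
        print(f"CI  line {h['line']}: key={h['key']} value={h['value']}")
    for h in result["bof"]:
        print(f"BOF line {h['line']}: {h['crash']} (index={h['index']})")
```

Run it with the path to a `scratch/${IID}/qemu.final.serial.log` to get a short candidate list instead of paging through the whole file; the `key`/`value` of each CI hit and the `index` of each BOF hit are what you then look up in the corresponding `fuzzer_log_ci` and `fuzzer_bof_bof` files.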