risicle
commented
4 years ago I typically use the included dummy-afl-qemu-trace script to convince afl it's in qemu mode (though I'm not sure this trick is necessary with newer versions of aflplusplus, I still use this method). From that script:
# put a symlink to this script in your AFL_PATH directory under the name afl-qemu-trace
# to fuzz a python forkserver using an unmodified AFL (or AFL++) in "qemu mode".It may vary depending on how you've installed afl, but a basic invocation for me will then be something like:
$ PYTHONHASHSEED=0 afl-fuzz -i examples/ -o out/ -f inputf00 -Q -- python hpack_example.py inputf00
bit-twidd1er
leveryd
Hello! This project looks very interesting. I was looking for something just like this. I am looking to test this to see if it could potentially be used for fuzzing some python code that I am auditing. Is there any way that you could show a quick example of the commands that are typically used to launch a fuzzing instance with cpytraceafl? For example, I would find a short tutorial describing how to install and run your existing examples to be perfect for this.
When I attempt to run the examples, I get
KeyError: __AFL_SHM_IDI believe that everything is installed correctly, but I am just attempting to run the examples in the incorrect way. However, I am unclear as to whether this is to be run installed with cpython that has already been instrumented by AFL, standard cpython (without instrumentation), or something else so it is possible that I messed up the install as well. Thank you `