zyw-200 / FirmAFL

FIRM-AFL is the first high-throughput greybox fuzzer for IoT firmware.
GNU General Public License v3.0

What's the difference between your afl-fuzz command in the folder FirmAFL_config and the one compiled from FirmAFL? #7

Open minifish120 opened 4 years ago

zyw-200 commented 4 years ago

Please use the afl-fuzz in FirmAFL_config. It is consistent with AFL. The one compiled from FirmAFL is used for fuzzing with full system-mode emulation. The code is from TriforceAFL.

minifish120 commented 4 years ago

But when I'm using FirmAFL/afl-fuzz, it reports:

[+] All right - fork server is up.

[-] Oops, the program crashed with one of the test cases provided. There are several possible explanations:

- The test case causes known crashes under normal working conditions. If
  so, please remove it. The fuzzer should be seeded with interesting
  inputs - but not ones that cause an outright crash.

- Least likely, there is a horrible bug in the fuzzer. If other options
  fail, poke <lcamtuf@coredump.cx> for troubleshooting tips.

[-] PROGRAM ABORT : Test case 'id:000000,orig:seed' results in a crash
         Location : perform_dry_run(), afl-fuzz.c:2866

The firmware I'm testing is image_9925.
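The abort quoted above is AFL's dry run refusing to start because a seed in the input directory already crashes the target. The quickest way to tell a bad seed from a broken harness is to run every seed through the target once, outside the fuzzer, and look at how each run ended. The script below is an added example and not part of FirmAFL or AFL; it assumes a target that reads its input from stdin, which is an assumption and not how the FirmAFL harness in start.py is wired up. A process that dies from a signal is reported by the shell as exit status 128 plus the signal number, which is exactly what AFL's dry run counts as a crash.

```shell
#!/bin/sh
# Added example (not from the FirmAFL project): run every seed in an AFL
# input directory through the target once, before fuzzing, and list the
# seeds that crash it. Those are the seeds the dry-run abort message asks
# you to remove from the corpus.
#
# Usage: check_seeds <seed_dir> <target command...>
# Assumption: the target reads its test case from stdin.
# Prints one line per seed and returns the number of crashing seeds.

check_seeds() {
    seed_dir=$1; shift
    crashes=0
    for seed in "$seed_dir"/*; do
        [ -f "$seed" ] || continue
        "$@" < "$seed" > /dev/null 2>&1
        rc=$?
        # A process killed by signal N is reported as exit status 128+N
        # (139 for SIGSEGV, 134 for SIGABRT); a plain non-zero exit is
        # not a crash and AFL's dry run would accept that seed.
        if [ "$rc" -ge 128 ]; then
            echo "CRASH  $seed (signal $((rc - 128)))"
            crashes=$((crashes + 1))
        else
            echo "ok     $seed (exit $rc)"
        fi
    done
    return "$crashes"
}

# Example invocation with a constructed corpus (assumed paths):
#   check_seeds ./in ./target_binary
# Any seed printed as CRASH should be moved out of ./in before starting afl-fuzz.
```

If every seed passes here but afl-fuzz still aborts in perform_dry_run(), the difference lies in how the fuzzer launches the target (the emulation setup in start.py), not in the seeds themselves.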

zyw-200 commented 4 years ago

Please use the afl-fuzz in FirmAFL_config. Later, I will remove the afl-fuzz in the FirmAFL root directory, which is not correct. If you still meet errors, maybe you can run each instruction in start.py. Sometimes the sleep time in start.py may affect the result.

minifish120 commented 4 years ago

But when I split start.py into three steps, it still reported:

[+] All right - fork server is up.

[-] PROGRAM ABORT : Unable to communicate with fork server (OOM?)
         Location : run_target(), afl-fuzz.c:2405

yuych@vul-test-System-Product-Name:~/FirmAFL/image_12978$

OR

[-] Oops, the program crashed with one of the test cases provided. There are several possible explanations:

I can't get the reason from the binary afl-fuzz you provided.