American Fuzzy Lop: Difference between revisions

From charlesreid1
Line 53: Line 53:


===Compile John the Ripper===
===Compile John the Ripper===
We will compile John the Ripper using American Fuzzy Lop's own GCC:
<pre>
CC=/path/to/afl-gcc ./configure
</pre>

Revision as of 05:35, 2 April 2016

Fuzzer

https://necurity.co.uk/netsec/2015/03/30/Fun-With-AFL.html#sthash.h9Aurb7C.dpbs

About

American fuzzy lop is a program for fuzzing inputs. It is very sophisticated and can be instrumented with a binary to do very targeted fuzzing.

Installing

Get the latest version, and run make to make it: 

$ wget http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz 
$ tar -xvf afl-latest.tgz cd afl-latest.tgz
$ cd afl-*
$ make 
$ make install

Success! 

root@morpheus:~/codes/afl-2.10b# which afl-fuzz
/usr/local/bin/afl-fuzz

Fuzzing a Program

Programs that can be fuzzed are those that take input files, usually binary files or unusual formats. (Think mp3, multimedia, images, etc.)

We'll be fuzzing John the Ripper to understand how AFL works.

Compiling John the Ripper

We want to download and compile John so that it will be instrumented.

Dependencies

Start with dependencies - OpenSSL development libs: 

# apt-get install --fix-missing libssl-dev

Get John the Ripper

# git clone git@github.com:magnumripper/JohnTheRipper.git
# cd JohnTheRipper/src
# ./configure --help

Compile John the Ripper

We will compile John the Ripper using American Fuzzy Lop's own GCC: 

CC=/path/to/afl-gcc ./configure
Retrieved from "https://charlesreid1.com/w/index.php?title=American_Fuzzy_Lop&oldid=10214"