# 待测目标
upx, libpng, libxml2, tiff2bw, pdfimages, objdump, avconv, readelf, nm, c++filt, strings, libjson, mp42aac, size, libsass, mupdf, jhead
- mzy: jhead tiff2bw libxml2 libpng (301, 302, 303, 304)
- jimmy: pdfimages libjson mp42aac, avconv (401,402,403,404)
- wh: upx, objdump, readelf, c++filt, libsass, nm (501, 502, 503, 504, 505, 506)
- zwy: mupdf, size, strings (601,602,603)
# Prerequisites
```bash=
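# Keep AFL's working directory on tmpfs: the queue/crash directories generate
# constant small writes. Everything under /fuzz is lost on reboot, so copy
# findings out regularly. The mount point must exist before mounting.
sudo mkdir -p /fuzz
sudo mount -t tmpfs -o size=20G tmpfs /fuzz
# The Miniconda installer is a shell script that runs with your full user
# privileges: compare the download against the SHA-256 published on
# repo.anaconda.com before executing it.
wget https://repo.anaconda.com/miniconda/Miniconda2-4.7.12.1-Linux-x86_64.sh
sha256sum Miniconda2-4.7.12.1-Linux-x86_64.sh   # compare with the published hash
bash ./Miniconda2-4.7.12.1-Linux-x86_64.sh
# Hook conda into the login shell you actually use, then source the rc file
# that conda init edited (bash users source ~/.bashrc, not ~/.zshrc).
# zsh
conda init zsh && source ~/.zshrc
# bash
conda init bash && source ~/.bashrc
# create a dedicated env; the harness is pinned to python 2 here
conda create -n rfuzz python=2
# activate env
conda activate rfuzz
python --version # expect a 2.7.x interpreter
# build prerequisites for the targets below (root needed, as for the mount above)
sudo apt-get update
sudo apt-get install git libssl-dev libffi-dev build-essential
# install the harness' Python packages (requirements.txt ships with the harness)
python -m pip install -r requirements.txt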
```
# upx
```bash=
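git clone https://github.com/upx/upx.git && cd upx
upx_root="$PWD"
# Fetch the LZMA SDK as the submodule this revision declares instead of
# removing/re-cloning it by hand: the original steps put the clone at the top
# level while UPX_LZMADIR pointed at src/lzma-sdk. Confirm the path in
# .gitmodules matches what UPX_LZMADIR is set to below.
git submodule update --init --recursive
# UCL comes over plain HTTP as an unsigned tarball: check it against a
# checksum from a trusted source (e.g. a distro package) before building it.
wget http://www.oberhumer.com/opensource/ucl/download/ucl-1.03.tar.gz
tar -xzf ucl-1.03.tar.gz
cd ucl-1.03
# The tarball was unpacked in the upx root, not under upx/ucl/, so the old
# placeholder path never existed; use the directory we are actually in, and
# make UPX_LZMADIR absolute so it survives later cd's.
export UPX_UCLDIR="$PWD"
export UPX_LZMADIR="${upx_root}/src/lzma-sdk"
# ASan must be present at link time as well as compile time; hand the flags to
# configure (CFLAGS + LDFLAGS) rather than appending to CFLAGS on the make line.
CC=clang CFLAGS="-g -O1 -fsanitize=address" LDFLAGS="-fsanitize=address" \
  ./configure --prefix="${upx_root}/ucl"
make all
# NOTE: this builds UCL only. UPX itself is built afterwards from the upx source
# tree (see its README) with the same compiler/sanitizer settings; unlike the
# other targets on this page it is not AFL-instrumented (clang, not afl-gcc).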
```
# libsass
```bash=
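# using git is preferred
git clone https://github.com/sass/libsass.git
# only needed for sassc and/or testsuite
git clone https://github.com/sass/sassc.git libsass/sassc
git clone https://github.com/sass/sass-spec.git libsass/sass-spec
# make must run inside the libsass checkout
cd libsass
# A bare `AFL_USE_ASAN=1` only sets a shell variable; the afl-gcc/afl-g++
# wrappers read it from the environment, so export it (or prefix the make line).
export AFL_USE_ASAN=1
# libsass is C++: CC takes the C wrapper, CXX the C++ wrapper. Passing afl-g++
# as CC left CXX at the system compiler, so the C++ objects were not instrumented.
BUILD="shared" CC=afl-gcc CXX=afl-g++ make -j32
# Fuzz invocation, not a build step: AFL substitutes the test case for @@.
# With BUILD=shared the binary loads libsass.so at run time, so LD_LIBRARY_PATH
# must point at the instrumented library (or build with BUILD="static").
./sassc/bin/sassc @@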
```
# mp42aac
Web: https://www.bento4.com/documentation/mp42aac/
```bash=
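# Unsigned zip over plain HTTP: verify it against a checksum from the project's
# https release page before building.
wget "http://zebulon.bok.net/Bento4/source/Bento4-SRC-1-6-0-637.zip"
unzip Bento4-SRC-1-6-0-637.zip
cd Bento4-SRC-1-6-0-637
mkdir -p build && cd build
# Compilers are fixed by CMake at configure time; CC/CXX on the make line are
# not used by the generated makefiles. AFL_USE_ASAN is exported so both the
# configure probes and the build see it.
export AFL_USE_ASAN=1
cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_COMPILER=afl-gcc -DCMAKE_CXX_COMPILER=afl-g++ ..
make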
```
# libjson
```bash=
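wget https://github.com/vincenthz/libjson/archive/v0.8.zip
unzip v0.8.zip
# GitHub tag archives unpack as <repo>-<tag without v>/ at the top level, i.e.
# libjson-0.8/; there is no v0.8/ parent directory to cd through.
cd libjson-0.8
make AFL_USE_ASAN=1 CC=afl-gcc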
```
# avconv
```bash=
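# git:// is unauthenticated and unencrypted; use https if the host offers it
# and pin a commit or tag so the fuzzed tree is reproducible.
git clone git://git.libav.org/libav.git
cd libav
# libav's configure takes the compiler as --cc=...; a bare cc=afl-gcc is not
# an option it recognises (check ./configure --help for this revision).
./configure --cc=afl-gcc
make AFL_USE_ASAN=1 CC=afl-gcc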
```
# libpng
Web http://www.libpng.org/pub/png/libpng.html
Version 1.6.37
```bash=
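wget "https://download.sourceforge.net/libpng/libpng-1.6.37.tar.gz"
# Check the tarball against the checksum/signature published on libpng.org before unpacking.
tar -xzf libpng-1.6.37.tar.gz
cd libpng-1.6.37
# --disable-shared, as for libtiff below: the test programs then link the
# instrumented libpng statically rather than possibly picking up a system
# libpng.so at run time.
./configure CC=afl-gcc --disable-shared
make AFL_USE_ASAN=1 CC=afl-gcc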
```
# libxml2
web http://www.xmlsoft.org/
```bash=
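# xmlsoft.org serves over plain HTTP; verify the archive before building.
wget "http://xmlsoft.org/sources/libxml2-2.9.10.tar.gz"
tar -xzf libxml2-2.9.10.tar.gz
cd libxml2-2.9.10
# --without-python skips the bindings (they otherwise pull the host python into
# the build); --disable-shared gives a statically linked, instrumented xmllint.
./configure CC=afl-gcc --disable-shared --without-python
make AFL_USE_ASAN=1 CC=afl-gcc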
```
# tiff2bw(libtiff)
Web http://www.libtiff.org/
Version 4.1.0
```bash=
tiff_ver=4.1.0
# Plain-HTTP mirror: compare the tarball with the published checksum before unpacking.
wget "http://download.osgeo.org/libtiff/tiff-${tiff_ver}.tar.gz"
tar -xzf "tiff-${tiff_ver}.tar.gz"
cd "tiff-${tiff_ver}"
# static build so tiff2bw links the instrumented libtiff directly
./configure CC=afl-gcc --disable-shared
make AFL_USE_ASAN=1 CC=afl-gcc
```
# jhead
Web https://www.sentex.ca/~mwandel/jhead/
Version 3.04 (the upstream tarball is jhead-3.04.tar.gz)
```bash=
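# The URL had the tilde written as \~ inside double quotes; bash keeps that
# backslash (it only escapes $ ` " \ there), so wget asked for a wrong path.
# A tilde in a quoted URL needs no escaping.
wget "https://www.sentex.ca/~mwandel/jhead/jhead-3.04.tar.gz"
tar -xzf jhead-3.04.tar.gz
# `cd jhead-3.04 CC=afl-gcc` is a cd with two arguments, which bash rejects;
# the compiler belongs on the make line.
cd jhead-3.04
make AFL_USE_ASAN=1 CC=afl-gcc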
```
# pdfimages (xpdf)
```bash=
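wget https://dl.xpdfreader.com/xpdf-4.02.tar.gz
tar -zxf xpdf-4.02.tar.gz
cd xpdf-4.02
# cmake was pointed at `..` from the source root, i.e. its parent directory,
# which holds no CMakeLists.txt; configure from an out-of-tree build dir instead.
mkdir -p build && cd build
cmake -DCMAKE_C_COMPILER=afl-gcc -DCMAKE_CXX_COMPILER=afl-g++ ..
# AFL_USE_ASAN on the make line is exported to the compiler wrappers; CC/CXX
# there are not used by CMake-generated makefiles (compilers are fixed above).
make AFL_USE_ASAN=1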
```
# mutool(mupdf)
```bash=
mupdf_ver=1.18.0
wget "https://mupdf.com/downloads/archive/mupdf-${mupdf_ver}-source.tar.gz"
tar -xzf "mupdf-${mupdf_ver}-source.tar.gz"
cd "mupdf-${mupdf_ver}-source"
# mupdf's own makefile takes CC/CXX; AFL_USE_ASAN given on the make command
# line is exported by make to the afl wrappers it spawns.
make AFL_USE_ASAN=1 CC=afl-gcc CXX=afl-g++
```
# binutils
```bash=
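# binutils: size, strings, objdump, readelf, c++filt, nm
wget https://ftp.gnu.org/gnu/binutils/binutils-2.35.1.tar.gz
# GNU releases ship a detached .sig next to the tarball; verify it with the
# GNU keyring before unpacking.
tar -xzf binutils-2.35.1.tar.gz
cd binutils-2.35.1
# Export once so configure's compiler probes and every recipe use the same
# wrapper (substitute afl-clang-fast/afl-clang-fast++ for LLVM mode if available).
export CC=afl-gcc
export AFL_USE_ASAN=1
# build binutils stand alone; gdb/sim/readline are not needed for the targets
# above. Canonical double-dash option form (-disable-gdb relied on autoconf
# accepting the single-dash spelling). --disable-werror keeps newer compilers'
# warnings from aborting the build.
./configure --disable-gdb --disable-sim --disable-readline --disable-gdbserver --disable-werror
make -j48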
```