From 743263dc433c4c36397099a1ed0dbb817bd570e5 Mon Sep 17 00:00:00 2001 From: vovuas2003 Date: Wed, 6 May 2026 12:14:00 +0300 Subject: [PATCH] afl++ blackbox fuzz test --- .gitignore | 4 ++++ README.md | 16 +++++++++++++--- aflfuzz/fuzz_in/blank_test.txt | 2 ++ aflfuzz/fuzz_in/right_admin.txt | 2 ++ aflfuzz/fuzz_in/right_user.txt | 2 ++ aflfuzz/fuzz_in/wrong_admin.txt | 2 ++ aflfuzz/fuzz_in/wrong_user.txt | 2 ++ aflfuzz/install.sh | 19 +++++++++++++++++++ aflfuzz/run_fuzz.sh | 10 ++++++++++ 9 files changed, 56 insertions(+), 3 deletions(-) create mode 100644 aflfuzz/fuzz_in/blank_test.txt create mode 100644 aflfuzz/fuzz_in/right_admin.txt create mode 100644 aflfuzz/fuzz_in/right_user.txt create mode 100644 aflfuzz/fuzz_in/wrong_admin.txt create mode 100644 aflfuzz/fuzz_in/wrong_user.txt create mode 100755 aflfuzz/install.sh create mode 100755 aflfuzz/run_fuzz.sh diff --git a/.gitignore b/.gitignore index 3a1ad18..a986e8c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,6 @@ build/ data/ + +AFLplusplus/ +aflfuzz/configs/ +aflfuzz/fuzz_out/ diff --git a/README.md b/README.md index c8c8539..38a1700 100644 --- a/README.md +++ b/README.md @@ -149,8 +149,18 @@ bash scripts/run.sh Сначала соберите приложение и инициализируйте тестовую базу (init_users). -Далее: +Далее (для учебных целей фаззинг ограничен по времени - 5 минут): -1. cd myfuzz +1. Запуск нативного фаззера (проверка функции аутентификации, ограничение в 1 поток для нормальной работы SQLite, время фаззинга можно увеличить в скрипте запуска) + +1.1. cd myfuzz -2. ./run_fuzz.sh +1.2. ./run_fuzz.sh + +2. Запуск AFL++ в режиме blackbox (фаззинг готового бинарника) + +2.1. cd aflfuzz + +2.2. ./install.sh + +2.3. ./run_fuzz.sh diff --git a/aflfuzz/fuzz_in/blank_test.txt b/aflfuzz/fuzz_in/blank_test.txt new file mode 100644 index 0000000..139597f --- /dev/null +++ b/aflfuzz/fuzz_in/blank_test.txt @@ -0,0 +1,2 @@ + + 
diff --git a/aflfuzz/fuzz_in/right_admin.txt b/aflfuzz/fuzz_in/right_admin.txt
new file mode 100644
index 0000000..baed26a
--- /dev/null
+++ b/aflfuzz/fuzz_in/right_admin.txt
@@ -0,0 +1,2 @@
+admin
+admin123
diff --git a/aflfuzz/fuzz_in/right_user.txt b/aflfuzz/fuzz_in/right_user.txt
new file mode 100644
index 0000000..ceba222
--- /dev/null
+++ b/aflfuzz/fuzz_in/right_user.txt
@@ -0,0 +1,2 @@
+user1
+password1
diff --git a/aflfuzz/fuzz_in/wrong_admin.txt b/aflfuzz/fuzz_in/wrong_admin.txt
new file mode 100644
index 0000000..353f219
--- /dev/null
+++ b/aflfuzz/fuzz_in/wrong_admin.txt
@@ -0,0 +1,2 @@
+admin
+admin
diff --git a/aflfuzz/fuzz_in/wrong_user.txt b/aflfuzz/fuzz_in/wrong_user.txt
new file mode 100644
index 0000000..df042e5
--- /dev/null
+++ b/aflfuzz/fuzz_in/wrong_user.txt
@@ -0,0 +1,2 @@
+user
+password
diff --git a/aflfuzz/install.sh b/aflfuzz/install.sh
new file mode 100755
index 0000000..036b720
--- /dev/null
+++ b/aflfuzz/install.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# apt install afl++ не поддерживает qemu режим, соберём из исходников
+# https://github.com/AFLplusplus/AFLplusplus/blob/stable/docs/INSTALL.md
+
+sudo apt-get update
+sudo apt-get install -y build-essential python3-dev automake cmake git flex bison libglib2.0-dev libpixman-1-dev python3-setuptools cargo libgtk-3-dev
+# try to install llvm-18 and install the distro default if that fails
+sudo apt-get install -y lld-18 llvm-18 llvm-18-dev clang-18 || sudo apt-get install -y lld llvm llvm-dev clang
+sudo apt-get install -y gcc-$(gcc --version|head -n1|sed 's/\..*//'|sed 's/.* //')-plugin-dev libstdc++-$(gcc --version|head -n1|sed 's/\..*//'|sed 's/.* //')-dev
+sudo apt-get install -y meson ninja-build # for QEMU mode
+sudo apt-get install -y cpio libcapstone-dev # for Nyx mode
+sudo apt-get install -y wget curl # for Frida mode
+sudo apt-get install -y python3-pip # for Unicorn mode
+git clone https://github.com/AFLplusplus/AFLplusplus
+cd AFLplusplus
+git submodule update --init
+make distrib
+sudo make install
diff --git a/aflfuzz/run_fuzz.sh b/aflfuzz/run_fuzz.sh
new file mode 100755
index 0000000..c6bda54
--- /dev/null
+++ b/aflfuzz/run_fuzz.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+mkdir -p data
+cp ../data/users.db ./data/users.db
+mkdir -p configs
+cp ../configs/config.toml ./configs/config.toml
+
+mkdir -p fuzz_out
+
+afl-fuzz -V $(( 60 * 5 )) -Q -i fuzz_in -o fuzz_out -- ../build/release/authapp
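Review bot: `cd AFLplusplus` near the end of the install.sh hunk is unchecked and the script has no `set -e`, so when `git clone` fails (for example on a rerun with `AFLplusplus/` already present) `make distrib` and `sudo make install` run in `aflfuzz/` instead of the checkout; add `set -euo pipefail` after the shebang and `cd AFLplusplus || exit 1`. The clone is also unpinned, so `sudo make install` installs system-wide whatever the upstream default branch holds at that moment — pinning a release, `git clone --depth 1 --branch "<pinned AFL++ release tag>" https://github.com/AFLplusplus/AFLplusplus`, makes the install reproducible and reviewable. The same missing strict mode applies to `run_fuzz.sh` in the next hunk, where a failed `cp` goes unnoticed.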
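Review bot: Every path in the run_fuzz.sh hunk is relative to `aflfuzz/` and neither `cp` is checked, so running the script from another directory, or before `init_users` has created `../data/users.db`, still starts the five-minute `afl-fuzz` session against a target whose database copy is missing. A guard at the top, `cd "$(dirname -- "$0")" || exit 1` followed by `[[ -f ../data/users.db ]] || { echo "init_users has not been run" >&2; exit 1; }`, turns that into an immediate, visible failure. Without `@@` in the target command line afl-fuzz feeds each test case on stdin, which matches the two-line seeds in `fuzz_in/` only if authapp reads its credentials from stdin — worth a one-line comment above the `afl-fuzz` call stating that assumption.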