Skip to content
This repository has been archived by the owner on Jan 27, 2019. It is now read-only.
/ afl-other-arch Public archive

AFL, with scripts to support other architectures.

95 stars 43 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

shellphish/afl-other-arch

BranchesTags

Repository files navigation

This is a simple patch to AFL to make other-arch (non-x86 based) support easy. Just run ./build.sh <arches> to get started, where <arches> can be one or more of:

   aarch64 alpha arm armeb cris i386 m68k microblaze microblazeel 
   mips mips64 mips64el mipsel mipsn32 mipsn32el or32 ppc ppc64 
   ppc64abi32 ppc64le s390x sh4 sh4eb sparc sparc32plus sparc64 unicore32 
   x86_64

This will compile AFL with qemu support for the architecture requested.

Once building is completed, you'll need to set some environment variables before you can begin fuzzing.

Set QEMU_LD_PREFIX to a path containing a directory lib which itself contains the shared objects required by the binary (such as libc compiled for <arch>)

export QEMU_LD_PREFIX=. # assuming your CWD contains the 'lib' directory

Set AFL_PATH to the directory containing the afl-qemu-trace binary for the architecture of the binary being fuzzed

export AFL_PATH=afl-other-arch/tracers/$TARGET/

Happy other-arch fuzzing!

afl-other-arch/afl-fuzz -m 8G -Q -i testcases -o output -- ./deepblue

About

AFL, with scripts to support other architectures.

Resources

Readme
Activity
Custom properties

Stars

95 stars

Watchers

17 watching

Forks

43 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages