A Fuzzing Quick-start with AFL

David Moore
Aug 22, 2017 · 1 min read

Want to try fuzz testing with the AFL fuzzer? AFL is easy to use but you still need a target application to fuzz test.

Fuzz Stati0n has created Fuzzgoat, a small C program with several deliberate memory corruption bugs that AFL finds easily. That makes it a convenient first target for a fuzz run.

To fuzz test Fuzzgoat with AFL:

  1. Download AFL from http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz, unpack it and build it with make (then sudo make install, or otherwise put afl-gcc and afl-fuzz in your PATH). See the AFL quick start guide and docs for more info.
  2. Clone the Fuzzgoat repo and build it with make. The build compiles with afl-gcc, which adds the coverage instrumentation AFL needs, so afl-gcc must be in your PATH environment variable.
  3. Start the fuzzer. With afl-fuzz in your PATH, run the following command from the fuzzgoat/ directory:

afl-fuzz -i in -o out ./fuzzgoat @@

Here -i in names the directory of seed inputs shipped with Fuzzgoat, -o out is where AFL writes its queue and findings, and @@ is replaced on every execution with the path of the current test case (Fuzzgoat reads its input from the file named on the command line).

If all goes well the fuzz run will start and you will see the AFL status screen. On some systems AFL will refuse to start until two settings are changed: the CPU frequency scaling governor and the kernel's core dump handling (core_pattern). AFL gives clear instructions on how to make these changes when it aborts.

AFL finds the memory bugs in Fuzzgoat very quickly: the 'uniq crashes' counter in the status screen should start climbing within seconds or minutes. The inputs that triggered those crashes are saved under out/crashes/, one file per unique crash, ready to be replayed against the binary.
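The shell script below is an added example and is not code from this post, from AFL or from Fuzzgoat. It wraps the three steps above: it pre-checks the two system settings AFL complains about (core_pattern and the cpufreq governor) and prints the fix AFL would ask for, builds Fuzzgoat and starts afl-fuzz with the command from the post, and, once there are crashes, re-runs every file in out/crashes/ under the binary to confirm the crash and record the signal that killed it. The directory layout (fuzzgoat/, in/, out/) follows the post; the function names, the cpufreq check (a simplified version of AFL's) and the default values used when /proc or /sys is unreadable are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not part of the original post, AFL or Fuzzgoat.
# Helper names and the simplified cpufreq check are assumptions.

# AFL refuses to start when /proc/sys/kernel/core_pattern begins with '|'
# (core dumps piped to an external handler such as apport): the handler
# delays the crash notification and AFL would misreport crashes as timeouts.
core_pattern_ok() {
    case "$1" in
        '|'*) return 1 ;;
        *)    return 0 ;;
    esac
}

# Simplified version of AFL's cpufreq check: accept the "performance"
# governor, otherwise ask for it (AFL_SKIP_CPUFREQ=1 also silences AFL).
governor_ok() {
    [ "$1" = "performance" ]
}

# Map a shell exit status to the signal that killed the process:
# 128+N means signal N (139 -> 11 SIGSEGV, 134 -> 6 SIGABRT), otherwise 0.
signal_of_status() {
    if [ "$1" -gt 128 ]; then
        echo $(( $1 - 128 ))
    else
        echo 0
    fi
}

# Read the live settings and print the change AFL would ask for.
# When a file is unreadable (non-Linux, container) the setting is assumed OK.
preflight() {
    local pattern gov rc=0
    pattern=$(cat /proc/sys/kernel/core_pattern 2>/dev/null || echo core)
    if ! core_pattern_ok "$pattern"; then
        echo "core_pattern is '$pattern'; run: echo core | sudo tee /proc/sys/kernel/core_pattern"
        rc=1
    fi
    gov=$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor 2>/dev/null || echo performance)
    if ! governor_ok "$gov"; then
        echo "cpu0 governor is '$gov'; run: echo performance | sudo tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor"
        rc=1
    fi
    return "$rc"
}

# Steps 2 and 3 of the post: build Fuzzgoat (its Makefile compiles with
# afl-gcc, which must be in PATH) and start the fuzzer on the shipped seeds.
run_fuzz() {
    preflight || return 1
    ( cd fuzzgoat && make ) || return 1
    cd fuzzgoat && exec afl-fuzz -i in -o out ./fuzzgoat @@
}

# Re-run each AFL crash file (out/crashes/id:*; README.txt is skipped) under
# the target and print "<signal> <file>". A file that no longer crashes is
# printed as "no-crash(exit=N) <file>" so it can be looked at separately
# (the crash may need the exact AFL environment, e.g. a sanitizer build).
triage_crashes() {
    local target=$1 dir=$2 f status sig
    for f in "$dir"/id:*; do
        [ -e "$f" ] || continue
        status=0
        "$target" "$f" >/dev/null 2>&1 || status=$?
        sig=$(signal_of_status "$status")
        if [ "$sig" -gt 0 ]; then
            echo "$sig $f"
        else
            echo "no-crash(exit=$status) $f"
        fi
    done
}

# Usage: ./afl-quickstart.sh fuzz     # pre-check, build, start afl-fuzz
#        ./afl-quickstart.sh triage   # confirm crashes in fuzzgoat/out/crashes
case "${1:-}" in
    fuzz)   run_fuzz ;;
    triage) triage_crashes ./fuzzgoat/fuzzgoat ./fuzzgoat/out/crashes ;;
esac
```

The triage pass is the part worth keeping after the first run: AFL's 'uniq crashes' count is based on execution paths, not root causes, so replaying each file and grouping by signal is the quickest way to see whether you are looking at one bug or several before opening a debugger.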

For information on Fuzz Stati0n's scalable, cloud-based continuous fuzz testing solution, please see our website.

Fuzz Stati0n
