
@ToSeven
Last active September 4, 2023 01:20
Project Description

LibAFL is a fuzzing framework written in Rust. Fuzzing is an automatic vulnerability detection approach: during the fuzzing process, the fuzzer feeds a large number of invalid, malformed, or unexpected inputs into a target program and observes whether the target raises exceptions or crashes. LibAFL splits a fuzzer into different components and provides the essential parts of each component, which makes it possible to write your own customized fuzzer.

As mentioned on the project description page, the goal of the project is to add an AFL-style UI to the TUI monitor. AFL is a popular and classical fuzzing tool with a well-designed TUI. The existing UI of LibAFL is very simple, and users can hardly obtain the information they need from it, so I needed to implement an AFL-style UI that provides more helpful information than before and helps users see the status of every running fuzzer.

As a result of this project, I have finished the following work. Firstly, I designed the layout of the TUI together with my mentor; we dropped many unnecessary entries of AFL's UI and kept the most useful ones. Secondly, I added the four metrics "pending", "pend_fav", "own_finds" and "imported" to LibAFL. These metrics reflect the running status of a fuzzer. Thirdly, I implemented the whole AFL-style UI of LibAFL, which shows not only the overall stats but also the stats of every running fuzzer.

Implementation

1. Design the layout of AFL-style UI

The whole UI is composed of three sections: the overall stats section, the client stats section, and the client log section. They take up 20 lines, 14 lines, and 6 lines in height, respectively.

2. Add the four metrics (pending, pend_fav, own_finds, imported)

The four metrics have the following meanings:

  • Pending: the number of inputs that have not gone through any fuzzing yet.
  • Pend_fav: the number of favored test cases that have not gone through any fuzzing yet.
  • Imported: the number of test cases that were imported from other fuzzer instances.

I compute the four metrics in the stage component of LibAFL.
Here is my PR for this feature: AFLplusplus/LibAFL#1432
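To make the metric definitions above concrete, here is an added, self-contained example (not LibAFL's own code) that derives the four client metrics from a corpus snapshot and renders them as one AFL-style client row. The `Testcase` struct and its field names are simplified stand-ins for LibAFL's testcase metadata, and `own_finds` is assumed to mean corpus entries that were not imported.

```rust
// Added example, not LibAFL code: simplified testcase metadata (assumed fields).
#[derive(Debug, Clone)]
pub struct Testcase {
    /// How many times the scheduler has picked this input for fuzzing.
    pub scheduled_count: u64,
    /// Whether the scheduler marked this input as favored.
    pub favored: bool,
    /// Whether the input was synced in from another fuzzer instance.
    pub imported: bool,
}

#[derive(Debug, Default, PartialEq, Eq)]
pub struct ClientStats {
    pub corpus: u64,
    pub pending: u64,
    pub pend_fav: u64,
    pub own_finds: u64,
    pub imported: u64,
}

/// Aggregates the four metrics in a single pass over the corpus.
pub fn aggregate(corpus: &[Testcase]) -> ClientStats {
    let mut s = ClientStats::default();
    for tc in corpus {
        s.corpus += 1;
        let not_fuzzed = tc.scheduled_count == 0; // never scheduled => pending
        if not_fuzzed { s.pending += 1; }
        if not_fuzzed && tc.favored { s.pend_fav += 1; }
        // Assumption: own_finds = entries this instance found itself (not imported).
        if tc.imported { s.imported += 1; } else { s.own_finds += 1; }
    }
    s
}

/// Renders one client's row of the client-stats section; pending is also
/// shown as a share of the corpus, as AFL does in its UI.
pub fn render_row(id: usize, s: &ClientStats) -> String {
    let pct = |n: u64| if s.corpus == 0 { 0.0 } else { 100.0 * n as f64 / s.corpus as f64 };
    format!("client {:>3} | corpus {:>6} | pending {:>6} ({:5.1}%) | pend_fav {:>6} | own_finds {:>6} | imported {:>6}",
        id, s.corpus, s.pending, pct(s.pending), s.pend_fav, s.own_finds, s.imported)
}

fn main() {
    // Constructed snapshot: five entries, two of them synced from another instance.
    let corpus = vec![
        Testcase { scheduled_count: 3, favored: true,  imported: false },
        Testcase { scheduled_count: 0, favored: true,  imported: false },
        Testcase { scheduled_count: 0, favored: false, imported: true  },
        Testcase { scheduled_count: 1, favored: false, imported: true  },
        Testcase { scheduled_count: 0, favored: false, imported: false },
    ];
    println!("{}", render_row(0, &aggregate(&corpus)));
}
```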

3. Implement the whole UI

I used the tui-rs library to draw the whole UI. Tui-rs is a Rust library for building rich terminal user interfaces and dashboards. Firstly, I connected the UI monitor to the broker that relays the stats messages from every client fuzzer, so the UI monitor can collect the status information of each running fuzzer. From those stats, I use the tui-rs widgets to draw the UI. Here is my PR for this feature: AFLplusplus/LibAFL#1432

Next to do

I will implement a demo in ./fuzzer that shows users how to build a fuzzer with an AFL-style UI, and write the related documentation.

Important things I learned

I am very glad to have taken part in this GSoC project. Through this project, I improved my English communication ability; my poor spoken English made me realize that mastering a foreign language is very important. Meanwhile, I learned a new programming language, Rust, and became familiar with the LibAFL framework. In all, I have benefited a lot from this project. Finally, I want to thank my mentors, who helped me a lot!

Other works

I also implemented some feature extensions and fixed some bugs during the project, such as: AFLplusplus/LibAFL#1248
