Use AFL together with preeny's desock.so to fuzz nginx
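#!/bin/bash
# fuzz-nginx
#
# Builds AFL (afl-clang-fast via an LLVM 3.8 toolchain), preeny's desock.so and
# an AFL-instrumented nginx, then starts nginx with desock.so preloaded.
#
# -u: an unset variable is an error; -o pipefail: a failing pipeline stage fails
# the whole pipeline. -e is deliberately left out: compile_nginx runs
# `make clean` before the first configure, which fails on a fresh checkout and
# must not abort the script.
set -uo pipefail

# All paths are rooted in $HOME/Fuzz; constants are read-only so a later
# typo cannot silently redirect an `rm -rf` elsewhere.
readonly FUZZER_AFL_PATH="$HOME/Fuzz/fuzzer/afl.git"
readonly NGINX_PATH="$HOME/Fuzz/fuzz-nginx/nginx.git"
readonly WORK_PATH="$HOME/Fuzz/fuzz-nginx"
# Standalone LLVM 3.8 binaries used to build afl's llvm_mode.
readonly CLANG_LLVM_PATH="$HOME/Fuzz/fuzz-nginx/clang-3.8.0/clang+llvm-3.8.0-x86_64-linux-gnu-ubuntu-16.04/bin"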
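install_preeny(){
  # Clone and build preeny; its desock.so is what the fuzz run preloads into nginx.
  # Globals:   WORK_PATH (read)
  # Outputs:   build progress and the path of the compiled desock.so on stdout
  # Returns:   non-zero if WORK_PATH is unset/missing or the build fails
  local preeny_dir="${WORK_PATH:?}/preeny"

  # Anchor the rebuild wipe to WORK_PATH: the original relative path was
  # removed from whatever directory the script happened to be started in.
  sudo rm -rf -- "${preeny_dir}/x86_64-linux-gnu/"
  sudo apt-get install libini-config-dev -y
  cd "$WORK_PATH" || return 1

  # Skip the clone on a re-run so an existing checkout does not make git fail.
  # TODO: pin the checkout to a reviewed revision (git checkout <REVIEWED_COMMIT>)
  # instead of building whatever upstream HEAD is at clone time.
  if [[ ! -d "$preeny_dir/.git" ]]; then
    git clone https://github.com/zardus/preeny.git || return 1
  fi
  cd "$preeny_dir" || return 1
  make || return 1
  printf '[*] %s/x86_64-linux-gnu/desock.so is compiled!\n\n' "$(pwd)"
}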
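compile_afl(){
  # Build and install AFL, then its llvm_mode (afl-clang-fast) with LLVM 3.8.
  # Globals:   FUZZER_AFL_PATH, CLANG_LLVM_PATH (read); PATH, LLVM_CONFIG (exported)
  # Returns:   non-zero if a source directory is missing or a build step fails
  # use llvm 3.8
  export PATH="$CLANG_LLVM_PATH:$PATH"
  cd "${FUZZER_AFL_PATH:?}" || return 1
  # Each step is checked explicitly; the script does not run under set -e.
  make || return 1
  sudo make install || return 1
  # test on ubuntu16.04
  # sudo apt-get install clang-6.0 llvm-6.0 llvm-6.0-dev llvm-6.0-runtime -y
  cd "$FUZZER_AFL_PATH/llvm_mode" || return 1
  export LLVM_CONFIG=llvm-config
  make || return 1
  # ubuntu18.04 or ubuntu16.04 is both ok
  cd .. || return 1
  sudo make install
}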
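compile_nginx(){
  # Configure and build nginx with afl-clang-fast so the binary is AFL-instrumented.
  # The install prefix is <NGINX_PATH>/../nginx-dist-18.04.
  # Globals:   NGINX_PATH (read); CC, CXX (exported)
  # Outputs:   prompts on stdout; waits for one keypress after the patch reminder
  # Returns:   non-zero if the source dir is missing, afl-clang-fast is not on
  #            PATH, or configure/make fails
  local dist_dir="${NGINX_PATH:?}/../nginx-dist-18.04"
  local afl_cc afl_cxx

  sudo apt-get install zlib1g-dev libpcre3 libpcre3-dev libbz2-dev libssl-dev build-essential -y
  cd "$NGINX_PATH" || return 1
  printf '[*] %s \n\n' "$(pwd)"
  # -r: a backslash typed at the prompt is taken literally.
  read -r -n 1 -p "[*] you need to patch nginx...(y?)"
  printf '[*] OK assume you have patched...\n\n'
  # Fails on a fresh checkout (no Makefile yet); that is expected and ignored.
  sudo make clean
  # The dist dir is rebuilt from scratch; the path is anchored to NGINX_PATH,
  # not to the current directory.
  rm -rf -- "$dist_dir"
  mkdir -p -- "$dist_dir" || return 1
  # cp auto/configure ./

  # Resolve the AFL compiler wrappers up front. With the old `which` form an
  # absent wrapper left CC empty and configure silently fell back to the
  # system compiler, producing an uninstrumented nginx.
  if ! afl_cc=$(command -v afl-clang-fast); then
    printf 'afl-clang-fast not found on PATH; run compile_afl first\n' >&2
    return 1
  fi
  if ! afl_cxx=$(command -v afl-clang-fast++); then
    printf 'afl-clang-fast++ not found on PATH; run compile_afl first\n' >&2
    return 1
  fi
  export CC="$afl_cc"
  export CXX="$afl_cxx"
  # Alternative (slower, non-LLVM) instrumentation:
  # export CC=$(command -v afl-clang)
  # export CXX=$(command -v afl-clang++)
  # export CC=$(command -v afl-gcc)
  # export CXX=$(command -v afl-g++)
  # export CFLAGS=""
  # export KERNEL_BITS=64
  # export std=c++11
  ./configure --prefix="$dist_dir/" --with-select_module || return 1
  make && make install
}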
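# install_preeny
# read -n 1 -p "preey is done"
# compile_afl
# read -n 1 -p "afl is done"
# compile_nginx

# Start the instrumented nginx with preeny's desock.so preloaded (desock is
# what lets the fuzzer hand input to the server without a real socket —
# see the preeny project for the exact mechanism). Both paths are derived
# from WORK_PATH instead of a second hard-coded copy of the same directory,
# and the nginx binary is addressed absolutely so the launch no longer
# depends on the current working directory.
desock_so="${WORK_PATH:?}/preeny/x86_64-linux-gnu/desock.so"
nginx_bin="$WORK_PATH/nginx-dist-18.04/sbin/nginx"
if [[ ! -f "$desock_so" ]]; then
  printf '%s not found; run install_preeny first\n' "$desock_so" >&2
  exit 1
fi
if [[ ! -x "$nginx_bin" ]]; then
  printf '%s not found; run compile_nginx first\n' "$nginx_bin" >&2
  exit 1
fi
LD_PRELOAD="$desock_so" "$nginx_bin"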