vwvw/T-Fuzz

 
 


T-Fuzz

T-Fuzz consists of 2 components:

  • Fuzzing tool (TFuzz): a fuzzing tool based on program transformation
  • Crash Analyzer (CrashAnalyzer): a tool that verifies whether crashes found in transformed programs are true bugs in the original program or not (coming soon).

OS support

The current version is tested only on Ubuntu 16.04; please use this tested OS when running the code.

Prerequisite

The T-Fuzz system is built on several open-source tools.

Installing radare2

$ git clone https://github.com/radare/radare2.git
$ cd radare2
$ ./sys/install.sh

Installing python libraries

Installing some dependent libraries

Note: to use apt-get build-dep, you need to uncomment the deb-src lines in your apt source file (/etc/apt/sources.list) and run apt-get update.

$ sudo apt-get install build-essential gcc-multilib libtool automake autoconf bison debootstrap debian-archive-keyring
$ sudo apt-get build-dep qemu-system
$ sudo apt-get install libacl1-dev libtool-bin libc-bin:2.20

Installing pip and setting up virtualenv & wrapper

$ sudo apt-get install python-pip python-virtualenv
$ pip install virtualenvwrapper

Add the following lines to your shell rc file (~/.bashrc or ~/.zshrc).

export WORKON_HOME=$HOME/.virtual_envs
source /usr/local/bin/virtualenvwrapper.sh

Creating a python virtual environment

$ mkvirtualenv tfuzz-env 

Installing dependent libraries

These commands activate the virtual environment and install all the dependent Python libraries for you.

$ workon tfuzz-env
$ pip install -r req.txt

Fuzzing target programs with T-Fuzz

$ ./TFuzz --program <path_to_target_program> --work_dir <work_dir> --target_opts <target_opts> 

Where

  • <path_to_target_program>: the path to the target program to fuzz
  • <work_dir>: the directory to save the results
  • <target_opts>: the options to pass to the target program; as with AFL, use @@ as the placeholder for files to mutate.

Examples

  1. Fuzzing base64 with T-Fuzz
     $ ./TFuzz --program target_programs/base64 --work_dir workdir_base64 --target_opts "-d @@"
  2. Fuzzing uniq with T-Fuzz
     $ ./TFuzz --program target_programs/uniq --work_dir workdir_uniq --target_opts "@@"
  3. Fuzzing md5sum with T-Fuzz
     $ ./TFuzz --program target_programs/md5sum --work_dir workdir_md5sum --target_opts "-c @@"
  4. Fuzzing who with T-Fuzz
     $ ./TFuzz --program target_programs/who --work_dir workdir_who --target_opts "@@"
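
As an added example (not part of the T-Fuzz repository), the shell functions below check the prerequisites this README lists before a fuzzing run: the tested OS, an enabled deb-src line, radare2, an active virtualenv, and an @@ placeholder in --target_opts. The function names are hypothetical; the r2 binary name, the VIRTUAL_ENV variable and the /etc/os-release layout are assumptions about a standard radare2, virtualenv and Ubuntu setup.

```shell
#!/bin/sh
# Pre-flight checks for the setup steps in this README.
# Added example, not T-Fuzz code; function names are hypothetical.

# Succeeds if the apt sources file has an uncommented deb-src line,
# which `apt-get build-dep qemu-system` needs.
has_deb_src() {
    grep -Eq '^[[:space:]]*deb-src[[:space:]]' "$1" 2>/dev/null
}

# Succeeds if the os-release file describes Ubuntu 16.04 (the only tested OS).
is_tested_os() {
    grep -q '^ID=ubuntu$' "$1" 2>/dev/null &&
        grep -Eq '^VERSION_ID="?16\.04"?$' "$1" 2>/dev/null
}

# Succeeds if the --target_opts string carries the @@ input-file placeholder.
has_placeholder() {
    case "$1" in
        *@@*) return 0 ;;
        *)    return 1 ;;
    esac
}

# Usage: preflight <path_to_target_program> <target_opts>
# Prints one line per problem and returns the number of failed checks.
preflight() {
    fails=0
    is_tested_os /etc/os-release || echo "WARN: not Ubuntu 16.04 (untested OS)"
    has_deb_src /etc/apt/sources.list ||
        { echo "FAIL: no deb-src line enabled in /etc/apt/sources.list"; fails=$((fails + 1)); }
    # Assumption: radare2's install.sh puts the r2 binary on PATH.
    command -v r2 >/dev/null 2>&1 ||
        { echo "FAIL: radare2 (r2) not on PATH"; fails=$((fails + 1)); }
    # Assumption: `workon tfuzz-env` exports VIRTUAL_ENV, as virtualenv does.
    [ -n "${VIRTUAL_ENV:-}" ] ||
        { echo "FAIL: no virtualenv active (run: workon tfuzz-env)"; fails=$((fails + 1)); }
    [ -x "$1" ] ||
        { echo "FAIL: target program not executable: $1"; fails=$((fails + 1)); }
    has_placeholder "$2" ||
        { echo "FAIL: --target_opts has no @@ placeholder"; fails=$((fails + 1)); }
    return "$fails"
}

# Run the checks only when called with both arguments.
if [ "$#" -ge 2 ]; then preflight "$1" "$2"; fi
```

Saved as a script, it can be run with the same program path and target options that will be passed to ./TFuzz; a non-zero exit status is the number of failed checks.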

Using CrashAnalyzer to verify crashes

Coming soon!
