Skip to main content

A library for using AFL from python

Project description

# libafl [![PyPI](]()

A library for compiling binaries and running them from python code. This library is not for fuzzing python code. This library is still in development, expect bugs and breaking API changes.

## Installation

pip install libafl

## Usage

First define a `Target`. A target has three methods, `init` for downloading/extracting/patching a package, `build` for building it, and `run` for running it. All three are optional. There is a special target for AFL targets call `AflTarget`.

``` python
class LibfooAflTarget(libafl.AflTarget):
# The root directory for our fuzzing project. In this case, the location of
# this script
root_path = os.path.dirname(os.path.realpath(__file__))

# The directory our target's source code will be located in
src_dir = 'libfoo-afl'

# Pass any constructor arguments to the super class
def __init__(self, *args, **kwargs):
super(LibarchiveAflTarget, self).__init__(*args, **kwargs)

# Extract the included tar file and move to the directory with the correct
# name
def init(self):
if not os.path.isdir(self.src_dir):
subprocess.check_output(['tar', '-xf', 'libfoo-0.0.1.tar.gz'])
shutil.move('libfoo-0.0.1', self.src_dir)

# Build both the library and a test program with AFL instrumentation
def build(self):
# AflTarget provides this method and includes other options as well
envs = self.set_afl_envs(cc='afl-gcc')
env = dict(os.environ, **envs)
'./configure && make',
('afl-gcc libfootest.c -I %s/include -L %s/libs -o libfootest-afl') %
(self.src_dir, self.src_dir),

Create a new `AflProject` and register all targets:

``` python
class LibfooProject(libafl.AflProject):
def __init__(self, wrapper=None):
super(LibarchiveProject, self).__init__(wrapper)

self.addTarget('afl', LibarchiveAflTarget('input', 'output', './libfootest-afl', '@@'))

Now you can run functions manually:

``` python
project = LibfooProject()'afl') # or project.build_all() to build all targets'afl')

Or use the builtin command line interface:

``` python

Note in this example we used the `TmuxWrapper`, which will launch fuzzers in new `tmux` windows. You can write your own wrappers for other programs (like `screen`).

The command line interface provides the following options:

vagrant@vagrant-ubuntu-trusty-64:/vagrant/libafl/libarchive$ ./ -h
usage: [-h] {init,init_all,build,build_all,run,list} ...

positional arguments:
init initialize a target
init_all initialize all targets
build build a target
build_all build all targets
run run a target
list list all targets

optional arguments:
-h, --help show this help message and exit

More examples can be seen in my [afl-scripts]( repo. See the source for full function signatures and all available methods.

## Why

I kept rewriting scripts for compiling/running binaries with AFL, and the number of configurations I wanted to compile with kept increasing (32 bit/64 bit versions, ASAN/no ASAN, gcov instrumentation, no AFL instrumentation, etc.).

This library is an attempt to remove the boiler plate from writing AFL fuzzing scripts, which will make it easier to test different configurations, and save these configurations for later use, or for sharing with others.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for libafl, version 0.0.2
Filename, size File type Python version Upload date Hashes
Filename, size libafl-0.0.2.tar.gz (5.2 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page