
toralf/fuzz-utils


fuzz-utils

fuzz testing of Tor and OpenSSL using AFL++

fuzz.sh is the entry point. The fuzz-*.sh scripts provide the target-specific functionality and the cgroup handling.

The directory /tmp/torproject/fuzzing is used as the output directory. Findings are synced from there to $HOME/findings. It should be a tmpfs to avoid heavy I/O load on the disk.

fuzz-cgroup.sh needs root permissions, so add a matching rule to your local sudoers.d file.

Example:

# (f)indings, 1x (o)penssl, 1x (t)or, (p)lots, (f)indings
*/5 * * * *   /opt/fuzz-utils/fuzz.sh -f -o 1 -t 1 -p -f

simple-http-server.sh provides a simple Python HTTP server. A separate sandbox is provided by bwrap.sh, which uses bubblewrap, e.g.:

./bwrap.sh ./simple-http-server.py --address 1.2.3.4 --port 56789 --directory /tmp/www

Each sandbox invocation needs 2 or more namespace entries, so tweak the sysctl value user.max_user_namespaces accordingly.
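The three preconditions above (tmpfs output directory, a sudoers.d rule for fuzz-cgroup.sh, and a user.max_user_namespaces budget of at least two per sandbox) can be checked before a cron run. The following pre-flight script is an added example, not part of fuzz-utils; the sudoers file name /etc/sudoers.d/fuzz-utils and the SANDBOXES argument are assumptions.

```shell
#!/bin/sh
# Added pre-flight check for the setup described in this README (not part of fuzz-utils).
# Assumed: the sudoers.d file name below and the "2 namespace entries per sandbox" rule.

OUT_DIR=/tmp/torproject/fuzzing
SUDOERS_FILE=/etc/sudoers.d/fuzz-utils   # assumed file name
NS_PER_SANDBOX=2

# fs_type_of DIR: print the filesystem type DIR lives on; fails if DIR is missing
fs_type_of() {
  [ -d "$1" ] || return 1
  stat -f -c %T "$1" 2>/dev/null
}

# ns_budget_ok MAX WANTED: succeed if MAX user namespaces cover WANTED concurrent sandboxes
ns_budget_ok() {
  [ "$1" -ge $(( $2 * NS_PER_SANDBOX )) ]
}

# sudo_rule_present FILE: succeed if FILE has an uncommented NOPASSWD rule for fuzz-cgroup.sh
sudo_rule_present() {
  grep -Eq '^[^#].*NOPASSWD:.*fuzz-cgroup\.sh' "$1" 2>/dev/null
}

# preflight WANTED: report each precondition; the exit status is the number of failed checks
preflight() {
  wanted=${1:-1}
  failed=0
  if [ "$(fs_type_of "$OUT_DIR")" = tmpfs ]; then
    echo "ok:   $OUT_DIR is a tmpfs"
  else
    echo "FAIL: $OUT_DIR is missing or not a tmpfs (mount -t tmpfs tmpfs $OUT_DIR)"; failed=$((failed + 1))
  fi
  max_ns=$(cat /proc/sys/user/max_user_namespaces 2>/dev/null || echo 0)
  if ns_budget_ok "$max_ns" "$wanted"; then
    echo "ok:   user.max_user_namespaces=$max_ns covers $wanted sandbox(es)"
  else
    echo "FAIL: user.max_user_namespaces=$max_ns < $(( wanted * NS_PER_SANDBOX )); raise it via sysctl"; failed=$((failed + 1))
  fi
  if sudo_rule_present "$SUDOERS_FILE"; then
    echo "ok:   $SUDOERS_FILE grants fuzz-cgroup.sh"
  else
    echo "FAIL: no NOPASSWD rule for fuzz-cgroup.sh in $SUDOERS_FILE"; failed=$((failed + 1))
  fi
  return "$failed"
}

# Run the checks only when invoked as: ./preflight.sh --run [SANDBOXES]
case "${1:-}" in --run) preflight "${2:-1}" ;; esac
```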