Tried it out for a bit: fuzzing is slower than afl++, but it finds crashes more efficiently.
Install
sudo apt install binutils-dev libunwind-dev
git clone https://github.com/google/honggfuzz
make
sudo make install
Instrumentation
Same as afl.
Preparing input
Minimize the input set
honggfuzz -i input_dir --output output_dir -M -- instrumented.djpeg ___FILE___
Fuzz
Read input from a command-line argument
honggfuzz -i ./in -W ./result -- ./hgfuzzDemo ___FILE___
Read input from stdin
honggfuzz -i input_dir -x -s -- /usr/bin/djpeg
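As an added example (not part of the original note), a minimal target program that works with both invocation styles above: it reads the file named in argv[1] when honggfuzz substitutes ___FILE___, and falls back to stdin when run with -s. The record format it parses is constructed for illustration; every read is bounds-checked so the harness itself does not add out-of-bounds reads to whatever the fuzzer finds in the code under test.

```c
/* Added example, not from the original note: a honggfuzz target that takes
 * input from a file path argument (___FILE___) or from stdin (-s).
 * The "format" is constructed: 4-byte magic "HGFZ", a 1-byte length,
 * then that many payload bytes, which are summed. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_INPUT 4096

/* Parse a buffer; returns the payload checksum, or -1 on malformed input.
 * All reads are checked against len, so the fuzzer exercises the parser
 * rather than crashing in the harness. */
int parse_record(const uint8_t *buf, size_t len) {
    if (len < 5 || memcmp(buf, "HGFZ", 4) != 0) return -1;
    size_t payload_len = buf[4];
    if (len < 5 + payload_len) return -1;  /* truncated payload */
    int sum = 0;
    for (size_t i = 0; i < payload_len; i++) sum += buf[5 + i];
    return sum;
}

/* Read up to cap bytes from f; returns the number of bytes read. */
size_t read_input(FILE *f, uint8_t *buf, size_t cap) {
    return fread(buf, 1, cap, f);
}

int main(int argc, char **argv) {
    uint8_t buf[MAX_INPUT];
    FILE *f = stdin;                 /* honggfuzz -s: input arrives on stdin */
    if (argc > 1) {                  /* honggfuzz ___FILE___: path in argv[1] */
        f = fopen(argv[1], "rb");
        if (!f) return 1;
    }
    size_t n = read_input(f, buf, sizeof buf);
    if (f != stdin) fclose(f);
    printf("%d\n", parse_record(buf, n));
    return 0;
}
```

Build it with the same instrumenting compiler wrapper you would use for an afl target, then point either honggfuzz command line above at the binary.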
qemu mode
You need to cd into the qemu_mode directory and run make to build it.
honggfuzz -i input_dir -- <honggfuzz_dir>/qemu_mode/honggfuzz-qemu/x86_64-linux-user/qemu-x86_64 /usr/bin/djpeg ___FILE___