Skip to content

cloudfuzz/QHScan

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
QHScan
QHScan
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
QHScan.sln
QHScan.sln
 
 
README.md
README.md
 
 

Repository files navigation

QHScan

This is a custom scanner client for Quick Heal Anti-Malware Scanner Engine. This can be directly used for fuzzing with WinAFL.

Tested bed

  • Windows 7 SP1 x86
  • Quick Heal 18.00 (11.1.1.26) x86

Usage

QHScan.exe C:\malware.exe

Fuzzing

..\winafl-cmin.py -v -D C:\DynamoRIO\bin32 -t 100000 -i C:\av -o C:\minset -covtype edge -coverage_module SCANSDK.DLL -coverage_module platform.qvd -coverage_module filesdk.qvd -coverage_module ggstub.dll -coverage_module onlnmf.dll -coverage_module diskapi.dll -coverage_module bdsitf.dll -coverage_module infori.dll -coverage_module FileWrap.dll -coverage_module registry.dll -coverage_module opsitf.dll -coverage_module catitf.dll -coverage_module disasm.qvd -coverage_module dataproc.qvd -coverage_module qhpicln.dll -coverage_module engncore.qvd -coverage_module pescan.qvd -coverage_module pepoly.qvd -coverage_module arcvsdk.qvd -coverage_module lzesdk.qvd -coverage_module heurscan.qvd -coverage_module npesdk.qvd -coverage_module boot.qvd -coverage_module miscscan.qvd -coverage_module webcat.dll -coverage_module qhkill.qvd -target_module qhscan.exe -target_method ScanFile -nargs 1 -w 4 -- C:\QHScan.exe @@

afl-fuzz.exe -M master0 -i C:\minset -o C:\fuzz -D C:\DynamoRIO\bin32 -t 20000 -- -covtype edge -coverage_module SCANSDK.DLL -coverage_module platform.qvd -coverage_module filesdk.qvd -coverage_module ggstub.dll -coverage_module onlnmf.dll -coverage_module diskapi.dll -coverage_module bdsitf.dll -coverage_module infori.dll -coverage_module FileWrap.dll -coverage_module registry.dll -coverage_module opsitf.dll -coverage_module catitf.dll -coverage_module disasm.qvd -coverage_module dataproc.qvd -coverage_module qhpicln.dll -coverage_module engncore.qvd -coverage_module pescan.qvd -coverage_module pepoly.qvd -coverage_module arcvsdk.qvd -coverage_module lzesdk.qvd -coverage_module heurscan.qvd -coverage_module npesdk.qvd -coverage_module boot.qvd -coverage_module miscscan.qvd -coverage_module webcat.dll -coverage_module qhkill.qvd -target_module qhscan.exe -target_method ScanFile -nargs 1 -- C:\QHScan.exe @@
afl-fuzz.exe -S slave0 -i C:\minset -o C:\fuzz -D C:\DynamoRIO\bin32 -t 20000 -- -covtype edge -coverage_module SCANSDK.DLL -coverage_module platform.qvd -coverage_module filesdk.qvd -coverage_module ggstub.dll -coverage_module onlnmf.dll -coverage_module diskapi.dll -coverage_module bdsitf.dll -coverage_module infori.dll -coverage_module FileWrap.dll -coverage_module registry.dll -coverage_module opsitf.dll -coverage_module catitf.dll -coverage_module disasm.qvd -coverage_module dataproc.qvd -coverage_module qhpicln.dll -coverage_module engncore.qvd -coverage_module pescan.qvd -coverage_module pepoly.qvd -coverage_module arcvsdk.qvd -coverage_module lzesdk.qvd -coverage_module heurscan.qvd -coverage_module npesdk.qvd -coverage_module boot.qvd -coverage_module miscscan.qvd -coverage_module webcat.dll -coverage_module qhkill.qvd -target_module qhscan.exe -target_method ScanFile -nargs 1 -- C:\QHScan.exe @@

Author

Ashfaq Ansari
ashfaq[at]cloudfuzz[dot]io
@HackSysTeam | Blog

About

Quick Heal Scanner Client

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

7 stars

Watchers

4 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages