Skip to content

sardChen/enfuzzer

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 

Repository files navigation

EnFuzzer

Tool for ensemble fuzzing, it works across most Linux distributions. So far, Enfuzzer has passed all the testcases and worked well on ubuntu, archlinux, centos, debian, fedora, gentoo and opensuse.

The latest version of enfuzzer was moved to http://wingtecher.com/Enfuzz/.

image

The detail use of Enfuzz Server can be found in https://github.com/131250106/enfuzzer/tree/master/example.

CVE list

CVE ID Projects CVE type
CVE-2018-11097 cstring Memory leak
CVE-2018-11212 libjpeg Divide-by-zero error
CVE-2018-11213 libjpeg Segmentation fault
CVE-2018-11214 libjpeg Segmentation fault
CVE-2018-11363 PDFGen Heap buffer overflow
CVE-2018-11364 ReadStat Memory leak
CVE-2018-11365 ReadStat Infinite loop
CVE-2018-11468 discount Heap buffer overflow
CVE-2018-11503 discount Heap buffer overflow
CVE-2018-11504 discount Heap buffer overflow
CVE-2018-11536 md4c Heap buffer overflow
CVE-2018-11545 md4c Heap buffer overflow
CVE-2018-11546 md4c Heap buffer overflow
CVE-2018-11547 md4c Heap buffer overflow
CVE-2018-11813 libjpeg Large loop
CVE-2018-12064 tinyexr Heap buffer overflow
CVE-2018-12092 tinyexr Heap buffer overflow
CVE-2018-12093 tinyexr Memory leak
CVE-2018-12108 lepton SIGFPE
CVE-2018-12109 FLIF Heap buffer overflow
CVE-2018-12495 tinyexr Heap buffer overflow
CVE-2018-12503 tinyexr Heap buffer overflow
CVE-2018-12504 tinyexr Assert failure
CVE-2018-12687 tinyexr Assert failure
CVE-2018-12688 tinyexr Segmentation fault
CVE-2018-13030 jpeg-compressor Stack buffer overflow
CVE-2018-13037 jpeg-compressor Stack buffer overflow
CVE-2018-13419 libsndfile Memory leak
CVE-2018-13420 gperftools Buffer overflow
CVE-2018-13421 fast-cpp-csv-parser Buffer overflow
CVE-2018-13794 cat-image Buffer overflow
CVE-2018-13795 gravity Endless loop
CVE-2018-13833 cmft Stack buffer overflow
CVE-2018-13843 htslib Memory Leak
CVE-2018-13844 htslib Memory Leak
CVE-2018-13845 htslib Buffer overflow
CVE-2018-13846 Bento4 Buffer overread
CVE-2018-13847 Bento4 SEGV
CVE-2018-13848 Bento4 SEGV
CVE-2018-13996 genann Stack buffer overflow
CVE-2018-13997 genann SEGV
CVE-2018-14047 pngwriter SEGV
CVE-2018-14048 libpng SEGV
CVE-2018-14049 libwav SEGV
CVE-2018-14050 libwav SEGV
CVE-2018-14051 libwav infinite loop
CVE-2018-14052 libwav SEGV
CVE-2018-14072 libsixel Memory leak
CVE-2018-14073 libsixel Memory leak
CVE-2018-14521 aubio SEGV signal
CVE-2018-14522 aubio SEGV signal
CVE-2018-14523 aubio Global buffer overflow
CVE-2018-14531 Bento4 Buffer Overflow
CVE-2018-14532 Bento4 Buffer Overflow
CVE-2018-14549 libwav SEGV
CVE-2018-14550 libpng Stack buffer overflow
CVE-2018-14562 THULAC SEGV
CVE-2018-14563 THULAC alloc-dealloc-mismatch
CVE-2018-14564 THULAC SEGV
CVE-2018-14565 THULAC Heap buffer overflow
CVE-2018-14584 Bento4 Buffer overflow
CVE-2018-14585 Bento4 Buffer overflow
CVE-2018-14586 Bento4 SEGV
CVE-2018-14587 Bento4 Buffer overflow
CVE-2018-14588 Bento4 SEGV
CVE-2018-14589 Bento4 Heap buffer overflow
CVE-2018-14590 Bento4 SEGV
CVE-2018-14736 pbc Buffer overflow
CVE-2018-14737 pbc SEGV
CVE-2018-14738 pbc SEGV
CVE-2018-14739 pbc SEGV
CVE-2018-14740 pbc SEGV
CVE-2018-14741 pbc SEGV
CVE-2018-14742 pbc SEGV
CVE-2018-14743 pbc SEGV
CVE-2018-14744 pbc Use after free
CVE-2018-14944 jpeg_encoder SEGV
CVE-2018-14945 jpeg_encoder heap buffer overflow
CVE-2018-14946 pdf2json Alloc_dealloc_mismatch
CVE-2018-14947 pdf2json Alloc_dealloc_mismatch
CVE-2018-14948 sound Alloc-dealloc-mismatch
CVE-2018-16781 ffjpeg FPE signal
CVE-2018-16782 imageworsener overflow
CVE-2018-17042 dbf2txt infinite loop
CVE-2018-17043 doc2txt heap buffer overflow
CVE-2018-17072 json buffer over-read
CVE-2018-17073 bitmap NULL pointer dereference
CVE-2018-17093 xar NULL pointer dereference
CVE-2018-17094 xar SEGV
CVE-2018-17095 xar Heap buffer overflow
CVE-2018-17338 pdfalto heap buffer overflow
CVE-2018-17427 simdcomp heap buffer overflow
CVE-2018-17854 simdcomp heap buffer overflow
CVE-2018-18581 LuPng heap buffer overflow
CVE-2018-18582 LuPng heap buffer overflow
CVE-2018-18583 LuPng heap buffer overflow
CVE-2018-18834 libiec61850 heap buffer overflow
CVE-2018-18937 libiec61850 SEGV
CVE-2018-19093 libiec61850 SEGV
CVE-2018-19121 libiec61850 SEGV
CVE-2018-19122 libiec61850 SEGV
CVE-2018-19184 geth SEGVh
CVE-2018-19185 aleth Failure of transaction
CVE-2018-19330 mxml detected memory leaks
CVE-2018-19764 mxml stack buffer overflow
CVE-2018-20004 mxml heap-use-after-free
CVE-2018-7705 linux-kernel_3.10 memory leak
CVE-2018-7706 linux-kernel_3.10 memory leak
CVE-2018-7707 linux-kernel_3.10 memory leak
CVE-2018-7708 linux-kernel_3.10 memory leak
CVE-2018-7709 linux-kernel_4.20 invalid free

Install

To install our EnFuzzer, you can just execute in shell:

./install

Arch Linux and Ubuntu 16.04 are tested, but it should work on other Linux distributions. Please configure the PATH environment variable in your shell first, to include /opt/enfuzzer/.

Execute in shell:

export PATH="/opt/enfuzzer:$PATH"

Or you can directly insert the content above in configuration files such as ~/.bashrc.

Configure and Build

Enfuzzer also provide a easy used interface for building process, you can build your project by execute in shell:

Enfuzzer build -gz xxx.tar.gz

then it will automatically build three binary — one pure binary with no instrumentation for Radamsa; one binary built with afl-gcc for AFL; one binary built with sanitizer for libFuzzer.

You can also build your project manually. The build stage of target application for afl-fuzz is easy and totally the same as AFL, which can be completed with afl-gcc. The build stage of target application for libfuzzer is easy too, which can be completed with libfuzzer.a. The build stage for pure binary with no instrumentation is the same as normal build stage of target application.

For efficient fuzzing, you can build target application with ASAN or other Sanitizer. You can complete it easily with our another tool SAFL

Start fuzzing

Seeds preparation

After building target application, you can use EnFuzzer for fuzzing. Before it, you need to create a seed directory for seeds preparation.

❯ mkdir in & cp -r ../seed in
❯ ll
[*]       app*
[*]       in/

Direct invocation

You need to have tmux installed (sudo apt-get install tmux), then execute:

EnFuzzer ./app 

image

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages