
Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels

15 kAFL issues, sorted by recently updated

Has anyone got this working with the latest macOS? I have found to run macOS on QEMU I need to add several CPU feature flags including the `invtsc` flag, however...

After using this project, I can get the TNT and the TIP information, but I also need the time information, so can I ask how to modify the code to...

Such a powerful project. I have found and fixed several bugs; do you mind if I maintain it in my forked repository?

Hi, I have followed the steps provided to configure kAFL. However, I have encountered problems. Current host architecture: Ubuntu 16.04 64-bit. On the "executing loader binary" step, I execute the loader binary...

qemu.py sends an extra 'R' message during initial handshake and soft reload. This releases the virtual machine that is waiting on hypercall_next_payload before qemu.py writes to the payload buffer. As...

Hi Sergey and mxmssh, thank you for the great tool & research! I am trying to fuzz kafl_vuln_test using kAFL but I have a problem. I managed...

I installed on Ubuntu 16.04.3 server and followed the startup instructions in the README to load the vulnerable test driver in the guest and start fuzzing it. After about three...

Hi, first of all, thanks for your work; kAFL is very impressive. Could you provide the agents you used to fuzz Windows? These could be good examples for starters.

Includes a makefile and compiled binary for the vulnerable Windows driver. Users might have to change their include directories, but it should at least point them in the right direction.

In mapserver.py the lz4 module wasn't properly invoked and caused the program to crash when handling a kernel panic event. I fixed the bug following the lz4 documentation (https://python-lz4.readthedocs.io/en/stable/quickstart.html#simple-usage). pyno