Ivan Fratric
And you're pointing to an older DR version.
You shouldn't use a path in the `-target_module` and `-coverage_module` flags, e.g. `-target_module test.exe` instead of `-target_module .\test.exe`. My earlier comment about the path was referring to changing the path in...
Yep, likely no symbols are available (release build) and, additionally, WinAFL needs to be compiled with `-DUSE_DRSYMS=1` in order to recognize the name (`main`). Otherwise, an offset should be used.
USE_DRSYMS is a WinAFL flag (affecting whether drsyms module will be used) so you won't find it in other projects. To get some extra speed, increase `-fuzz_iterations`. `-fuzz_iterations 10` means...
I think it might make sense in some scenarios, but with a caveat that the target process is going to need to survive the entire fuzzing session. Meaning, if you...
Yep, those are "some scenarios" where it might be useful :-) If you want to make that change, feel free to submit a pull request.
Sounds good, thanks!
Depends on the target (with which I am fully unfamiliar). In general, a good input file corpus can help. And if the target uses a text format or contains some...
Two thoughts here:
- try explicitly setting the `-fuzz_iterations` value, both in the debug and fuzzing case, and see if it behaves any different.
- Perhaps there is some difference...
If it works in Jackalope, then perhaps it's an issue with DynamoRIO, you could try getting a more recent DR version from https://github.com/DynamoRIO/dynamorio/releases and rebuild WinAFL with it.