Ivan Fratric
Ivan Fratric
adding @mxmssh (author of the custom net fuzzer)
Hmm not sure why it fails on 1909, but I know on later versions (2004 and above) there was an issue that was fixed in WinIPT in https://github.com/ionescu007/winipt/pull/10. Note also...
If you get WinIPT from https://github.com/ionescu007/winipt and build and run it standalone (without WinAFL), do you still get the same error?
Interesting. Could you check the return value of GetFinalPathNameByHandleA, possibly it is failing and that's why you get the name of the previous DLL. Could you also check if the...
As for your other question about the target method, `target_module` takes just the base name, not the path, so `-target_module E:\w.exe` should be `-target_module w.exe`. Most likely this is the...
I see. The problem is that base_name is used later. However, we can do this: - If the file handle is NULL, set base_name to null and add a breakpoint...
To expand a bit on how catching the return from target function is supposed to work: When the target function is reached for the first time, its return address is...
Hmm, yeah, currently WinAFL in PT mode does support module loading and unloading during iterations, but only if the module is always loaded on the same address (which is usually...
Perhaps this tool will work? https://blog.didierstevens.com/2010/10/17/setdllcharacteristics/
And if that doesn't work there is also EDITBIN https://docs.microsoft.com/en-us/cpp/build/reference/editbin-options?view=vs-2017