Learn how to combine libprotobuf-mutator with libfuzzer & AFL++
- Ubuntu Linux 22.04 64 bit
- Clang 14.0.0
- libprotobuf-mutator 3.21.7 (af3bb1)
Important

As of 2023/12/01, this repo won't work with the latest libprotobuf-mutator. It is recommended to switch to commit af3bb1 before compiling & installing the libraries (reference).
- AFL++ 4.09a (61e27c)
- Follow the steps in this article and add the toolchain's apt repository in Ubuntu.

```sh
sudo apt-get install clang-14 libfuzzer-14-dev
```
Follow the steps in libprotobuf-mutator's readme:

```sh
sudo apt-get update
sudo apt-get install protobuf-compiler libprotobuf-dev binutils cmake \
  ninja-build liblzma-dev libz-dev pkg-config autoconf libtool
cd libprotobuf-mutator
mkdir build
cd build
# ( a cmake command, check the section below )
ninja              # build the libraries
sudo ninja install # install the libraries ( optional )
```

About the cmake command:

- Use the following cmake command to build the `libprotobuf-mutator-libfuzzer.so.0` and `libprotobuf-mutator.so.0` shared libraries:

```sh
cmake .. -GNinja -DCMAKE_C_COMPILER=clang-14 \
  -DCMAKE_CXX_COMPILER=clang++-14 \
  -DCMAKE_BUILD_TYPE=Debug \
  -DLIB_PROTO_MUTATOR_DOWNLOAD_PROTOBUF=ON \
  -DBUILD_SHARED_LIBS=ON
```

- To build the static libraries (`libprotobuf-mutator-libfuzzer.a` and `libprotobuf-mutator.a`), use the following `cmake` command (this generates libraries that can be linked into shared libraries / normal programs):

```sh
cmake .. -GNinja -DCMAKE_C_COMPILER=clang-14 \
  -DCMAKE_CXX_COMPILER=clang++-14 \
  -DCMAKE_BUILD_TYPE=Debug \
  -DLIB_PROTO_MUTATOR_DOWNLOAD_PROTOBUF=ON \
  -DCMAKE_C_FLAGS="-fPIC" -DCMAKE_CXX_FLAGS="-fPIC"
```

After building successfully, go to the build directory and use the following command to check that the library was built correctly:

```sh
# Check if libprotobuf-mutator.so.0 exists
# To check other libraries, just change the library name
find . | grep "libprotobuf-mutator.so.0"
```

- Upgrade Clang/LLVM & libfuzzer ( install a new version )
- Upgrade AFL++ ( git pull & rebuild )
- Upgrade libprotobuf-mutator ( git pull & rebuild )
  - Rebuild and re-install `libprotobuf-mutator-libfuzzer.so.0` and `libprotobuf-mutator.so.0`.
  - Rebuild `libprotobuf-mutator-libfuzzer.a` and `libprotobuf-mutator.a`.
- Rebuild and re-install
- Re-compile the protobuf with the newer `protoc` and replace the old `*.cc` & `*.h` with the new ones.
Q: I ran into this error message while building the binary: `This file was generated by an old version of protoc.`

A: If your protoc's version is newer, make sure to re-generate `test.pb.cc` and `test.pb.h` from the original protobuf source `test.proto` (the source code and the steps to generate `*.cc` & `*.h` are all in `1_simple_protobuf`).
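A small check for this FAQ, added here as an example and not code from this repo: it reads the protoc version that a generated `*.pb.h` records, compares it with the installed `protoc --version`, and says whether `test.pb.cc` / `test.pb.h` should be regenerated. It assumes the generated header carries a line of the form `#if 3021007 < PROTOBUF_MIN_PROTOC_VERSION` (or the `GOOGLE_`-prefixed macro in older releases); the sample header is constructed.

```shell
#!/bin/sh
# Added example, not part of this repo: decide up front whether a generated
# *.pb.h must be regenerated by the installed protoc, instead of discovering
# it through the "generated by an old version of protoc" compile error.
# Assumption: protoc records its own version in the generated header as
#   #if 3021007 < PROTOBUF_MIN_PROTOC_VERSION          (protobuf 3.21.x)
#   #if 3006001 < GOOGLE_PROTOBUF_MIN_PROTOC_VERSION   (older releases)
# encoded as MAJOR*1000000 + MINOR*1000 + PATCH, e.g. 3.21.7 -> 3021007.

# "libprotoc 3.21.7" or "3.21.7" -> 3021007
protoc_version_number() {
    parts=$(printf '%s\n' "$1" |
        sed -E -n 's/^[^0-9]*([0-9]+)\.([0-9]+)\.([0-9]+).*/\1 \2 \3/p')
    [ -n "$parts" ] || return 1
    set -- $parts
    echo $(( $1 * 1000000 + $2 * 1000 + $3 ))
}

# Version number of the protoc that produced a generated header (empty if none).
pb_header_protoc_version() {
    sed -E -n 's/^#if ([0-9]+) < (GOOGLE_)?PROTOBUF_MIN_PROTOC_VERSION.*/\1/p' "$1" |
        head -n 1
}

# needs_regeneration HEADER INSTALLED_VERSION
# Returns 0 and prints "regenerate" when the header predates the installed protoc,
# 1 and prints "ok" otherwise, 2 when nothing could be parsed. This is stricter
# than the compiler's own check (which compares against PROTOBUF_MIN_PROTOC_VERSION)
# and matches the FAQ rule: newer protoc => regenerate.
needs_regeneration() {
    installed=$(protoc_version_number "$2") || return 2
    generated=$(pb_header_protoc_version "$1")
    [ -n "$generated" ] || { echo "no protoc version marker in $1" >&2; return 2; }
    if [ "$generated" -lt "$installed" ]; then echo regenerate; return 0; fi
    echo ok; return 1
}

# Regenerate test.pb.cc / test.pb.h next to test.proto with the installed protoc.
regenerate_pb() {   # regenerate_pb path/to/test.proto
    protoc --proto_path="$(dirname "$1")" --cpp_out="$(dirname "$1")" "$1"
}

# Constructed sample: a header produced by protoc 3.6.1, checked against the
# installed protoc (falls back to the 3.21.7 listed above when protoc is absent).
demo=$(mktemp -d)
printf '#if 3006001 < GOOGLE_PROTOBUF_MIN_PROTOC_VERSION\n#error old\n#endif\n' > "$demo/test.pb.h"
needs_regeneration "$demo/test.pb.h" "$(protoc --version 2>/dev/null || echo 'libprotoc 3.21.7')" || true
rm -rf "$demo"
```

Run `regenerate_pb 1_simple_protobuf/test.proto` (path assumed) once the check prints `regenerate`, then rebuild.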
- Simple protobuf example
- libprotobuf + libfuzzer
- libprotobuf + libfuzzer ( custom mutator )
- How to combine libprotobuf-mutator and AFL++
- Handling input samples from AFL++ in custom mutator
- libprotobuf-mutator
- Deconstructing LibProtobuf/Mutator Fuzzing
- Custom Proto Mutation
- AFL++ custom mutator
- afl-libprotobuf-mutator
- Advanced binary fuzzing using AFL++-QEMU and libprotobuf: a practical case of grammar-aware in-memory persistent fuzzing
MIT