├── .gitignore
├── README.md
├── collectQueues.sh
├── createGcovTests.sh
├── createSubmission.sh
├── dictionaries
    ├── cat
    ├── cp
    ├── date
    ├── dd
    ├── df
    ├── dir
    ├── echo
    ├── false
    ├── ln
    ├── ls
    ├── mkdir
    ├── mktemp
    ├── mv
    ├── printf
    ├── pwd
    ├── sleep
    ├── touch
    ├── true
    ├── uname
    └── vdir
├── files
    ├── 1GB_HDD.img
    ├── file1
    └── file2
├── input
    ├── cat
    │   └── basic
    ├── cp
    │   └── basic
    ├── date
    │   └── basic
    ├── dd
    │   └── basic
    ├── df
    │   └── basic
    ├── dir
    │   └── basic
    ├── echo
    │   └── basic
    ├── false
    │   └── basic
    ├── ln
    │   └── basic
    ├── ls
    │   └── basic
    ├── mkdir
    │   └── basic
    ├── mktemp
    │   └── basic
    ├── mv
    │   └── basic
    ├── printf
    │   └── basic
    ├── pwd
    │   └── basic
    ├── sleep
    │   └── basic
    ├── touch
    │   └── basic
    ├── true
    │   └── basic
    ├── uname
    │   └── basic
    └── vdir
    │   └── basic
├── kickstart.sh
├── src
    └── bin_to_string.c
├── submission
    ├── README.md
    ├── cat.txt
    ├── cp.txt
    ├── date.txt
    ├── dd.txt
    ├── df.txt
    ├── dir.txt
    ├── echo.txt
    ├── false.txt
    ├── files
    │   ├── file1
    │   └── file2
    ├── ln.txt
    ├── ls.txt
    ├── mkdir.txt
    ├── mktemp.txt
    ├── mv.txt
    ├── printf.txt
    ├── pwd.txt
    ├── sleep.txt
    ├── touch.txt
    ├── true.txt
    ├── uname.txt
    └── vdir.txt
├── tests
    └── runTests.sh
└── tools
    └── bin_to_string


/.gitignore:
--------------------------------------------------------------------------------
 1 | afl-instrumented/
 2 | output/
 3 | aflcov-reports/
 4 | coreutils-gcov/
 5 | *.backup/
 6 | # Prerequisites
 7 | *.d
 8 | 
 9 | # Object files
10 | *.o
11 | *.ko
12 | *.obj
13 | *.elf
14 | 
15 | # Linker output
16 | *.ilk
17 | *.map
18 | *.exp
19 | 
20 | # Precompiled Headers
21 | *.gch
22 | *.pch
23 | 
24 | # Libraries
25 | *.lib
26 | *.a
27 | *.la
28 | *.lo
29 | 
30 | # Shared objects (inc. Windows DLLs)
31 | *.dll
32 | *.so
33 | *.so.*
34 | *.dylib
35 | 
36 | # Executables
37 | *.exe
38 | *.out
39 | *.app
40 | *.i*86
41 | *.x86_64
42 | *.hex
43 | 
44 | # Debug files
45 | *.dSYM/
46 | *.su
47 | *.idb
48 | *.pdb
49 | 
50 | # Kernel Module Compile Results
51 | *.mod*
52 | *.cmd
53 | .tmp_versions/
54 | modules.order
55 | Module.symvers
56 | Mkfile.old
57 | dkms.conf
58 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Fuzzing
 2 | 
 3 | This repo is for a project of Fuzzing the Ubuntu core-utils as part of a fuzzing competition.
 4 | By using AFL-fuzzing as described in the full [Submission report](submission/README.md) we were able to achieve ~75% line-coverage.
 5 | 
 6 | This repo contains the extra tools, our used dictionaries and seeds.
 7 | 
 8 | The fuzzing is performed using afl-fuzz, with limited simple inputs and [dictionaries](https://lcamtuf.blogspot.com/2015/01/afl-fuzz-making-up-grammar-with.html) used instead of grammars or other more complex variants.
 9 | 
10 | The [input folder](input) contains the files used for inputs, the [dictionaries folder](dictionaries) contains the dictionaries used for fuzzing.
11 | The submission folder is the folder submitted for the competition, and a much longer readme.
12 | 
13 | # Scripts
14 | The [src](src) folder contains the bin_to_string.c program, which is called by [createSubmission.sh](createSubmission.sh) to convert the binary outputs of AFL to a space separated string of arguments.  
15 | 
16 | [createGcovTests.sh](createGcovTests.sh) creates runnable .sh scripts from the submission files, which can be uploaded to a container and ran with [tests/runTests.sh](tests/runTests.sh).
17 | 
18 | [kickstart.sh](kickstart.sh) and [collectQueues.sh](collectQueues.sh) were used for starting the fuzzing on nodes which were already started with a prepared image.
19 | 


--------------------------------------------------------------------------------
/collectQueues.sh:
--------------------------------------------------------------------------------
 1 | # This script is to fetch AFL's queue folder from each pod to the output directory 
 2 | # Need to replace ! with pods that are alive for this to work.
 3 | kubectl cp !:/root/out/cat/queue/ ./output/cat/
 4 | kubectl cp date-7989d4f58c-zfd5d:/root/out/date/queue/ ./output/date/
 5 | kubectl cp mkdir-8448d5f44f-vpxfm:/root/out/mkdir/queue/ ./output/mkdir/
 6 | kubectl cp touch-f8d47449-bg24s:/root/out/touch/queue/ ./output/touch/
 7 | kubectl cp !:/root/out/df/queue/ ./output/df/
 8 | kubectl cp !:/root/out/echo/queue/ ./output/echo/
 9 | kubectl cp !:/root/out/ln/queue/ ./output/ln/
10 | kubectl cp !:/root/out/mv/queue/ ./output/mv/
11 | kubectl cp !:/root/out/pwd/queue/ ./output/pwd/
12 | kubectl cp !:/root/out/uname/queue/ ./output/uname/
13 | kubectl cp !:/root/out/cp/queue/ ./output/cp/
14 | kubectl cp !:/root/out/dd/queue/ ./output/dd/
15 | kubectl cp !:/root/out/dir/queue/ ./output/dir/
16 | kubectl cp !:/root/out/false/queue/ ./output/false/
17 | kubectl cp !:/root/out/ls/queue/ ./output/ls/
18 | kubectl cp !:/root/out/mktemp/queue/ ./output/mktemp/
19 | kubectl cp !:/root/out/printf/queue/ ./output/printf/
20 | kubectl cp !:/root/out/sleep/queue/ ./output/sleep/
21 | kubectl cp !:/root/out/true/queue/ ./output/true/
22 | kubectl cp !:/root/out/vdir/queue/ ./output/vdir/


--------------------------------------------------------------------------------
/createGcovTests.sh:
--------------------------------------------------------------------------------
 1 | # Make runnable .sh files with the test cases prepared for submission
 2 | awk '$0="/root/coreutils-gcov/src/date "$0' ./submission/date.txt > ./tests/date.sh
 3 | awk '$0="/root/coreutils-gcov/src/df "$0' ./submission/df.txt > ./tests/df.sh
 4 | awk '$0="/root/coreutils-gcov/src/echo "$0' ./submission/echo.txt > ./tests/echo.sh
 5 | awk '$0="/root/coreutils-gcov/src/ln "$0' ./submission/ln.txt > ./tests/ln.sh
 6 | awk '$0="/root/coreutils-gcov/src/mkdir "$0' ./submission/mkdir.txt > ./tests/mkdir.sh
 7 | awk '$0="/root/coreutils-gcov/src/mv "$0' ./submission/mv.txt > ./tests/mv.sh
 8 | awk '$0="/root/coreutils-gcov/src/pwd "$0' ./submission/pwd.txt > ./tests/pwd.sh
 9 | awk '$0="/root/coreutils-gcov/src/touch "$0' ./submission/touch.txt > ./tests/touch.sh
10 | awk '$0="/root/coreutils-gcov/src/uname "$0' ./submission/uname.txt > ./tests/uname.sh
11 | awk '$0="/root/coreutils-gcov/src/cp "$0' ./submission/cp.txt > ./tests/cp.sh
12 | awk '$0="/root/coreutils-gcov/src/dd "$0' ./submission/dd.txt > ./tests/dd.sh
13 | awk '$0="/root/coreutils-gcov/src/dir "$0' ./submission/dir.txt > ./tests/dir.sh
14 | awk '$0="/root/coreutils-gcov/src/false "$0' ./submission/false.txt > ./tests/false.sh
15 | awk '$0="/root/coreutils-gcov/src/ls "$0' ./submission/ls.txt > ./tests/ls.sh
16 | awk '$0="/root/coreutils-gcov/src/mktemp "$0' ./submission/mktemp.txt > ./tests/mktemp.sh
17 | awk '$0="/root/coreutils-gcov/src/printf "$0' ./submission/printf.txt > ./tests/printf.sh
18 | awk '$0="/root/coreutils-gcov/src/sleep "$0' ./submission/sleep.txt > ./tests/sleep.sh
19 | awk '$0="/root/coreutils-gcov/src/true "$0' ./submission/true.txt > ./tests/true.sh
20 | awk '$0="/root/coreutils-gcov/src/vdir "$0' ./submission/vdir.txt > ./tests/vdir.sh
21 | 


--------------------------------------------------------------------------------
/createSubmission.sh:
--------------------------------------------------------------------------------
 1 | # This script creates the final submission files from gathered queues
 2 | # Assumes that the output directory has multiple folders.
 3 | # 
 4 | # Directory structure:
 5 | # 	createSubmission.sh
 6 | # 	output/ 
 7 | # 		program1/
 8 | #			AFL_output1
 9 | #			AFL_output2
10 | #			...
11 | #		program2/ 
12 | #		...
13 | #	submission/		<- Needs to be created before running the script
14 | #		program1.txt	<- Created by the script
15 | #		program2.txt
16 | #		...
17 | 
18 | #!/bin/bash
19 | 
20 | for dname in output/*/; do
21 | 	dname=${dname#"output/"}
22 | 	dname=${dname%"/"}
23 | 	echo $dname 
24 | 	# Create txt files
25 | 	for filename in ./output/${dname}/*; do
26 | 		[ -e "$filename" ] || continue
27 | 		cat $filename | ./tools/bin_to_string >> $filename.temp.txt
28 | 	    done
29 | 	# Create the submission file
30 | 	cat ./output/${dname}/*.temp.txt >> ./submission/${dname}.txt
31 | 	# Clear out the temporary txt files
32 | 	rm ./output/${dname}/*.temp.txt
33 | 	done
34 | 


--------------------------------------------------------------------------------
/dictionaries/cat:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-b"
15 | ="-e"
16 | ="-n"
17 | ="-s"
18 | ="-t"
19 | ="-u"
20 | ="-v"
21 | ="@@"
22 | ="file1"
23 | ="cat"
24 | ="?"
25 | ="/etc/*"
26 | ="*"
27 | 


--------------------------------------------------------------------------------
/dictionaries/cp:
--------------------------------------------------------------------------------
 1 | ="="
 2 | ="-"
 3 | ="*"
 4 | ="../"
 5 | ="/"
 6 | ="'"
 7 | ="["
 8 | ="]"
 9 | ="--help"
10 | ="--version"
11 | ="--backup"
12 | ="-a"
13 | ="-f"
14 | ="-H"
15 | ="-i"
16 | ="-L"
17 | ="-n"
18 | ="-p"
19 | ="-P"
20 | ="-R"
21 | ="-v"
22 | ="-X"
23 | ="-c"
24 | =" "
25 | ="./files/file1"
26 | ="./files/file2"
27 | ="/etc/"
28 | ="./files/dir1/"
29 | 


--------------------------------------------------------------------------------
/dictionaries/date:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="-a"
 3 | ="-l"
 4 | ="-v"
 5 | ="-d dst"
 6 | ="-f"
 7 | ="-j"
 8 | ="-n"
 9 | ="-R"
10 | ="-r 2352341"
11 | ="-r @@"
12 | ="-t 60"
13 | ="-u"
14 | ="-v ``+%+''"
15 | ="cc"
16 | ="yy"
17 | ="mm"
18 | ="dd"
19 | ="HH"
20 | ="MM"
21 | ="ss"
22 | ="0613162785"
23 | =""+%m%d%H%M%Y.%S""
24 | ="1432"
25 | ="%a"
26 | ="""


--------------------------------------------------------------------------------
/dictionaries/dd:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="bs="
15 | ="111111"
16 | ="1"
17 | ="cbs="
18 | ="count="
19 | ="files="
20 | ="ibs="
21 | ="if=@@"
22 | ="iseek="
23 | ="obs="
24 | ="oseek="
25 | ="seek="
26 | ="skip="
27 | ="conv="
28 | ="ascii"
29 | ="oldascii"
30 | ="block"
31 | ="ebcdic"
32 | ="ibm"
33 | ="oldebcdic"
34 | ="oldibm"
35 | ="lcase"
36 | ="noerror"
37 | ="notrunc"
38 | ="osync"
39 | ="sparse"
40 | ="swab"
41 | ="sync"
42 | ="ucase"
43 | ="*"
44 | ="unblock"
45 | 
46 | 
47 | 
48 | 
49 | 
50 | 
51 | 
52 | 


--------------------------------------------------------------------------------
/dictionaries/df:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-a"
15 | ="-b"
16 | ="-g"
17 | ="-H"
18 | ="-h"
19 | ="-i"
20 | ="-k"
21 | ="-l"
22 | ="-m"
23 | ="-n"
24 | ="-P"
25 | ="-T"
26 | ="-t"
27 | ="nonfs"
28 | =","
29 | ="mfs"
30 | 
31 | 
32 | 
33 | 


--------------------------------------------------------------------------------
/dictionaries/dir:
--------------------------------------------------------------------------------
  1 | =" "
  2 | ="@@"
  3 | ="="
  4 | ="-"
  5 | ="*"
  6 | ="../"
  7 | ="/"
  8 | ="'"
  9 | ="["
 10 | ="]"
 11 | ="--help"
 12 | ="--version"
 13 | ="--backup"
 14 | ="-a"
 15 | ="--all"
 16 | ="-A"
 17 | ="--almost-all"
 18 | ="--author"
 19 | ="-l"
 20 | ="-b"
 21 | ="--escape"
 22 | ="-block-size=55"
 23 | ="-B"
 24 | ="--ignore-backups"
 25 | ="-c"
 26 | ="-C"
 27 | ="--color"
 28 | ="auto"
 29 | ="almost"
 30 | ="never"
 31 | ="-d"
 32 | ="--directory"
 33 | ="-D"
 34 | ="--dired"
 35 | ="-f"
 36 | ="-F"
 37 | ="--classify"
 38 | ="--file-type"
 39 | ="--format"
 40 | ="-x"
 41 | ="-n"
 42 | ="-m"
 43 | ="-1"
 44 | ="-l"
 45 | ="-c"
 46 | ="-C"
 47 | ="--full-time"
 48 | ="--time-style=full-iso"
 49 | ="-g"
 50 | ="--group-directories-first"
 51 | ="-G"
 52 | ="-h"
 53 | ="--si"
 54 | ="-H"
 55 | ="--dereference-command-line"
 56 | ="--dereference-command-line-symlink-to-dir"
 57 | ="--hide="
 58 | ="--hyperlink"
 59 | ="--indicator-style"
 60 | ="-i"
 61 | ="--inode"
 62 | ="-I"
 63 | ="--ignore"
 64 | ="-k"
 65 | ="--kbytes"
 66 | ="-l"
 67 | ="-L"
 68 | ="-m"
 69 | ="-N"
 70 | ="-o"
 71 | ="-p"
 72 | ="-q"
 73 | ="--show-control-charts"
 74 | ="-Q"
 75 | ="--quote-name"
 76 | ="--quoting-style"
 77 | ="-r"
 78 | ="--reverse"
 79 | ="-R"
 80 | ="--recursive"
 81 | ="-s"
 82 | ="-size"
 83 | ="-S"
 84 | ="--sort"
 85 | ="--time"
 86 | ="--time-style"
 87 | ="-t"
 88 | ="-T"
 89 | ="-u"
 90 | ="-U"
 91 | ="-v"
 92 | ="-w"
 93 | ="-x"
 94 | ="-X"
 95 | ="-Z"
 96 | ="-1"
 97 | ="--help"
 98 | ="--version"
 99 | 
100 | 
101 | 
102 | 
103 | 
104 | 
105 | 
106 | 
107 | 
108 | 
109 | 
110 | 


--------------------------------------------------------------------------------
/dictionaries/echo:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="-n"
14 | ="-E"
15 | ="-e"
16 | 


--------------------------------------------------------------------------------
/dictionaries/false:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | 


--------------------------------------------------------------------------------
/dictionaries/ln:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-b"
15 | ="-d"
16 | ="-F"
17 | ="--directory"
18 | ="-f"
19 | ="--force"
20 | ="-i"
21 | ="--interactive"
22 | ="-L"
23 | ="--logical"
24 | ="-n"
25 | ="--no-dereference"
26 | ="-P"
27 | ="-r"
28 | ="-s"
29 | ="-t"
30 | ="-S"
31 | ="--physical"
32 | ="--relative"
33 | ="--symbolic"
34 | ="--suffix"
35 | ="--no-target-directory"
36 | ="--target-directory"
37 | ="-T"
38 | ="-v"
39 | ="none"
40 | ="off"
41 | ="numbered"
42 | ="t"
43 | ="existing"
44 | ="simple"
45 | ="nil"
46 | ="never"


--------------------------------------------------------------------------------
/dictionaries/ls:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-a"
15 | ="--all"
16 | ="-A"
17 | ="--almost-all"
18 | ="--author"
19 | ="-b"
20 | ="--escape"
21 | ="--block-size"
22 | ="-B"
23 | ="--ignore-backups"
24 | ="-c"
25 | ="-C"
26 | ="--color"
27 | ="-d"
28 | ="--directory"
29 | ="-D"
30 | ="--dired"
31 | ="-f"
32 | ="-F"
33 | ="--classify"
34 | ="--file-type"
35 | ="--format"
36 | ="--full-time"
37 | ="-g"
38 | ="--group-directories-first"
39 | ="-g"
40 | ="--no-group"
41 | ="-h"
42 | ="--human-readable"
43 | ="--si"
44 | ="-H"
45 | ="--dereference-command-line"
46 | ="--dereference-command-line-symlink-to-dir"
47 | ="--hide"
48 | ="--indicator-style"
49 | ="-i"
50 | ="--inode"
51 | ="-I"
52 | ="--ignore"
53 | ="-k"
54 | ="--kibibytes"
55 | ="-l"
56 | ="-L"
57 | ="--dereference"
58 | ="-m"
59 | ="-n"
60 | ="--numeric-uid-gid"
61 | ="-N"
62 | ="--literal"
63 | ="-o"
64 | ="-p"
65 | ="-q"
66 | ="--show-control-chars"
67 | ="-Q"
68 | ="--quote-name"
69 | ="--quoting-style"
70 | ="-r"
71 | ="--reverse"
72 | ="--recursive"
73 | ="-R"
74 | ="-s"
75 | ="--size"
76 | ="-S"
77 | ="--sort"
78 | ="--time"
79 | ="--time-style"
80 | ="-t"
81 | ="-T"
82 | ="-u"
83 | ="-U"
84 | ="-v"
85 | ="-w"
86 | ="--width"
87 | ="-x"
88 | ="-X"
89 | ="-Z"
90 | ="--context"
91 | ="-1"


--------------------------------------------------------------------------------
/dictionaries/mkdir:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-m"
15 | ="-p"
16 | ="-v"
17 | ="-Z"
18 | ="--context"
19 | ="--help"
20 | ="--version"
21 | ="--mode"
22 | ="--parents"
23 | ="--verbose"


--------------------------------------------------------------------------------
/dictionaries/mktemp:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-d"
15 | ="-u"
16 | ="-q"
17 | ="-p"
18 | ="-t"
19 | ="--directory"
20 | ="--dry-run"
21 | ="--quiet"
22 | ="--suffix"
23 | ="--tmpdir"


--------------------------------------------------------------------------------
/dictionaries/mv:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-b"
15 | ="-f"
16 | ="-i"
17 | ="-n"
18 | ="-S"
19 | ="-t"
20 | ="-T"
21 | ="-u"
22 | ="-v"
23 | ="--backup"
24 | ="--force"
25 | ="--interactive"
26 | ="--no-clobber"
27 | ="--strip-trailing-slashes"
28 | ="--suffix"
29 | ="--target-directory"
30 | ="--no-target-directory"
31 | ="--update"
32 | ="--verbose"
33 | ="--context"
34 | ="-Z"


--------------------------------------------------------------------------------
/dictionaries/printf:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="\"
15 | ="\a"
16 | ="\b"
17 | ="\c"
18 | ="\e"
19 | ="\f"
20 | ="\n"
21 | ="\r"
22 | ="\t"
23 | ="\v"
24 | ="\123"
25 | ="\xA"
26 | ="\u121A"
27 | ="\A1B2C5D7"
28 | ="%%"
29 | ="%b"
30 | ="%q"
31 | ="adam"


--------------------------------------------------------------------------------
/dictionaries/pwd:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-L"
15 | ="-P"
16 | ="--logical"
17 | ="--physical"


--------------------------------------------------------------------------------
/dictionaries/sleep:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="11"


--------------------------------------------------------------------------------
/dictionaries/touch:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-a"
15 | ="-c"
16 | ="-d"
17 | ="-f"
18 | ="-h"
19 | ="-m"
20 | ="-r"
21 | ="-t"
22 | ="--no-create"
23 | ="--date"
24 | ="--no-dereference"
25 | ="--reference"
26 | ="--time"
27 | ="access"
28 | ="atime""
29 | ="[[CC]YY]MMDDhhmm[.ss]"


--------------------------------------------------------------------------------
/dictionaries/true:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"


--------------------------------------------------------------------------------
/dictionaries/uname:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="--help"
12 | ="--version"
13 | ="--backup"
14 | ="-a"
15 | ="-s"
16 | ="-n"
17 | ="-r"
18 | ="-v"
19 | ="-m"
20 | ="-p"
21 | ="-i"
22 | ="-o"
23 | ="--all"
24 | ="--kernel-name"
25 | ="--nodename"
26 | ="--kernel-release"
27 | ="--kernel-version"
28 | ="--machine"
29 | ="--processor"
30 | ="--hardware-platform"
31 | ="--operating-system"


--------------------------------------------------------------------------------
/dictionaries/vdir:
--------------------------------------------------------------------------------
 1 | =" "
 2 | ="@@"
 3 | ="="
 4 | ="-"
 5 | ="*"
 6 | ="../"
 7 | ="/"
 8 | ="'"
 9 | ="["
10 | ="]"
11 | ="-a"
12 | ="-s"
13 | ="-n"
14 | ="-r"
15 | ="-v"
16 | ="-m"
17 | ="-p"
18 | ="-i"
19 | ="-o"
20 | ="--all"
21 | ="--kernel-name"
22 | ="--nodename"
23 | ="--kernel-release"
24 | ="--kernel-version"
25 | ="--machine"
26 | ="--processor"
27 | ="--hardware-platform"
28 | ="--operating-system"


--------------------------------------------------------------------------------
/files/1GB_HDD.img:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/files/1GB_HDD.img


--------------------------------------------------------------------------------
/files/file1:
--------------------------------------------------------------------------------
1 | hej
2 | 


--------------------------------------------------------------------------------
/files/file2:
--------------------------------------------------------------------------------
1 | tja
2 | 


--------------------------------------------------------------------------------
/input/cat/basic:
--------------------------------------------------------------------------------
1 | /root/


--------------------------------------------------------------------------------
/input/cp/basic:
--------------------------------------------------------------------------------
1 | ./files/file1./files/file2
2 | 


--------------------------------------------------------------------------------
/input/date/basic:
--------------------------------------------------------------------------------
1 | -R


--------------------------------------------------------------------------------
/input/dd/basic:
--------------------------------------------------------------------------------
1 |  dd if=/dev/sda of=/dev/sdb


--------------------------------------------------------------------------------
/input/df/basic:
--------------------------------------------------------------------------------
1 | -a


--------------------------------------------------------------------------------
/input/dir/basic:
--------------------------------------------------------------------------------
1 | -a


--------------------------------------------------------------------------------
/input/echo/basic:
--------------------------------------------------------------------------------
1 | "hello"


--------------------------------------------------------------------------------
/input/false/basic:
--------------------------------------------------------------------------------
1 | r


--------------------------------------------------------------------------------
/input/ln/basic:
--------------------------------------------------------------------------------
1 | @@ @@


--------------------------------------------------------------------------------
/input/ls/basic:
--------------------------------------------------------------------------------
1 | -i


--------------------------------------------------------------------------------
/input/mkdir/basic:
--------------------------------------------------------------------------------
1 | test


--------------------------------------------------------------------------------
/input/mktemp/basic:
--------------------------------------------------------------------------------
1 | l


--------------------------------------------------------------------------------
/input/mv/basic:
--------------------------------------------------------------------------------
1 | /root/ /root2/


--------------------------------------------------------------------------------
/input/printf/basic:
--------------------------------------------------------------------------------
1 | "%s\n" "hello printf"


--------------------------------------------------------------------------------
/input/pwd/basic:
--------------------------------------------------------------------------------
1 | -L


--------------------------------------------------------------------------------
/input/sleep/basic:
--------------------------------------------------------------------------------
1 | 1s


--------------------------------------------------------------------------------
/input/touch/basic:
--------------------------------------------------------------------------------
1 | hello


--------------------------------------------------------------------------------
/input/true/basic:
--------------------------------------------------------------------------------
1 | e


--------------------------------------------------------------------------------
/input/uname/basic:
--------------------------------------------------------------------------------
1 | -a


--------------------------------------------------------------------------------
/input/vdir/basic:
--------------------------------------------------------------------------------
1 | -a


--------------------------------------------------------------------------------
/kickstart.sh:
--------------------------------------------------------------------------------
 1 | # Need to replace <PODNAME> with pods that are alive for this to work.
 2 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/cat && afl-fuzz -m 1000 -i /root/fuzzing/input/cat -o /root/out/cat -- /root/coreutils/src/cat -x /root/fuzzing/dictionaries/cat"
 3 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/date && afl-fuzz -m 1000 -i /root/fuzzing/input/date -o /root/out/date -- /root/coreutils/src/date -x /root/fuzzing/dictionaries/date"
 4 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/df && afl-fuzz -m 1000 -i /root/fuzzing/input/df -o /root/out/df -- /root/coreutils/src/df -x /root/fuzzing/dictionaries/df"
 5 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/echo && afl-fuzz -m 1000 -i /root/fuzzing/input/echo -o /root/out/echo -- /root/coreutils/src/echo -x /root/fuzzing/dictionaries/echo"
 6 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/ln && afl-fuzz -m 1000 -i /root/fuzzing/input/ln -o /root/out/ln -- /root/coreutils/src/ln -x /root/fuzzing/dictionaries/ln"
 7 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/mkdir && afl-fuzz -m 1000 -i /root/fuzzing/input/mkdir -o /root/out/mkdir -- /root/coreutils/src/mkdir -x /root/fuzzing/dictionaries/mkdir"
 8 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/mv && afl-fuzz -m 1000 -i /root/fuzzing/input/mv -o /root/out/mv -- /root/coreutils/src/mv -x /root/fuzzing/dictionaries/mv"
 9 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/pwd && afl-fuzz -m 1000 -i /root/fuzzing/input/pwd -o /root/out/pwd -- /root/coreutils/src/pwd -x /root/fuzzing/dictionaries/pwd"
10 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/touch && afl-fuzz -m 1000 -i /root/fuzzing/input/touch -o /root/out/touch -- /root/coreutils/src/touch -x /root/fuzzing/dictionaries/touch"
11 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/uname && afl-fuzz -m 1000 -i /root/fuzzing/input/uname -o /root/out/uname -- /root/coreutils/src/uname -x /root/fuzzing/dictionaries/uname"
12 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/cp && afl-fuzz -m 1000 -i /root/fuzzing/input/cp -o /root/out/cp -- /root/coreutils/src/cp -x /root/fuzzing/dictionaries/cp"
13 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/dd && afl-fuzz -m 1000 -i /root/fuzzing/input/dd -o /root/out/dd -- /root/coreutils/src/dd -x /root/fuzzing/dictionaries/dd"
14 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/dir && afl-fuzz -m 1000 -i /root/fuzzing/input/dir -o /root/out/dir -- /root/coreutils/src/dir -x /root/fuzzing/dictionaries/dir"
15 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/false && afl-fuzz -m 1000 -i /root/fuzzing/input/false -o /root/out/false -- /root/coreutils/src/false -x /root/fuzzing/dictionaries/false"
16 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/ls && afl-fuzz -m 1000 -i /root/fuzzing/input/ls -o /root/out/ls -- /root/coreutils/src/ls -x /root/fuzzing/dictionaries/ls"
17 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/mktemp && afl-fuzz -m 1000 -i /root/fuzzing/input/mktemp -o /root/out/mktemp -- /root/coreutils/src/mktemp -x /root/fuzzing/dictionaries/mktemp"
18 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/printf && afl-fuzz -m 1000 -i /root/fuzzing/input/printf -o /root/out/printf -- /root/coreutils/src/printf -x /root/fuzzing/dictionaries/printf"
19 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/sleep && afl-fuzz -m 1000 -i /root/fuzzing/input/sleep -o /root/out/sleep -- /root/coreutils/src/sleep -x /root/fuzzing/dictionaries/sleep"
20 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/true && afl-fuzz -m 1000 -i /root/fuzzing/input/true -o /root/out/true -- /root/coreutils/src/true -x /root/fuzzing/dictionaries/true"
21 | kubectl exec <PODNAME> -- bash -c "mkdir /root/out/ && mkdir /root/out/vdir && afl-fuzz -m 1000 -i /root/fuzzing/input/	vdir -o /root/out/vdir -- /root/coreutils/src/vdir -x /root/fuzzing/dictionaries/vdir"


--------------------------------------------------------------------------------
/src/bin_to_string.c:
--------------------------------------------------------------------------------
 1 | /*
 2 | 	### testcases_to_text.c
 3 | 
 4 | 	Reads from stdin and creates an arg v array the same way afl does.
 5 | 	Then outputs the final array as single space delimitted row of strings.
 6 | 
 7 | */
 8 | 
 9 | #include<stdio.h>
10 | #include "/root/afl/experimental/argv_fuzzing/argv-fuzz-inl.h"
11 | 
12 | int
13 | main (int argc, char **argv)
14 | {
15 |     AFL_INIT_ARGV();
16 | 
17 |     for(int i=1;i<argc;i++)
18 |     {
19 |         printf("%s",argv[i]);
20 |         printf(" ");
21 |     }
22 |     printf("\n");
23 |     fflush(stdout);
24 |     return 0;
25 | }
26 | 


--------------------------------------------------------------------------------
/submission/README.md:
--------------------------------------------------------------------------------
 1 | # Fuzzing Competition Submission
 2 | 
 3 | Anders Sjöbom [asjobom@kth.se](mailto:asjobom@kth.se)   
 4 | Adam Hasselberg [adamhas@kth.se](mailto:adamhas.kth.se)
 5 | 
 6 | ## Fuzzing Method Used
 7 | In our project we have opted to use AFL and it's out of the box functions as much as possible. AFL Fuzzes it's inputs in a number of different ways, primarily by flipping bits in the test-cases to create mutations. Continuously monitoring for new coverage being achieved to store new useful testcases. AFL also supports fuzzing with dictionaries, which the author describes as "making up a grammar with a dictionary on hand" [[grammar fuzzing source]](https://lcamtuf.blogspot.com/2015/01/afl-fuzz-making-up-grammar-with.html) 
 8 | 
 9 | Dictionaries allows AFL to fuzz with specific pre-defined strings and string replacements rather than just bitshifts. Since reaching different code largely depends on the fuzzing to find different combinations of parameters expressed as strings this should give us better results than not using grammars or dictionaries at all.
10 | 
11 | 
12 | Fuzzing with AFL and dictionaries thus allows us to feed two types of input for a fuzzing job: (1) inputs which AFL will mutate, and (2) a dictionary with words which the fuzzer will use in its mutations. From our reading of AFL documentation it's best to keep only one input if two are "functionally the same", making the analogy to only keep one small jpeg photo rather than multiple vacation photos. Our interpretation of this is that to fuzz a command line utils argv string, the string "-n 1" is functionally the same as a much longer string like "-n 1 -d 'test' -r ", they're both just strings of flags. We therefor keep the input limited to one small sample string per util, and create a dictionary per util which we insert all parameters we can find in the utils man pages as different words.
13 | 
14 | 
15 | ## What we did
16 | The process of fuzzing the 20 coreutils was achieved in a number of small incremental steps with the goal of having all 20 utils fuzzed in the cloud on separate kubernetes pods in parallell over several days. The steps to achieve this were: Decide on a fuzzing tool, fuzz a single util on a pod and see progress, fuzz all utils on separate pods, collect outputs and measure coverage we achieved, evaluate and improve fuzzing if necassery.
17 | 
18 | Fuzzing a single util took a lot of reading, compiling, packaging, deploying and testing. For AFL to be able to fuzz, the binary files need to be instrumented, or compiled with specific debugging information. AFL provides a compiler for this purpose which we used. But, AFL does not support fuzzing program arguments out of the box. AFL feeds its inputs as std-input to programs, so to fuzz the arguments we need to modify the C-files such that they will read their arguments from std-in. AFL provides instructions in [argv-fuzz-inl.h](https://github.com/mirrorer/afl/blob/2fb5a3482ec27b593c57258baae7089ebdc89043/experimental/argv_fuzzing/argv-fuzz-inl.h) .
19 | 
20 | After properly compiling the modified binary we were able to see progress, and were able to modify the other utils the same way. After that we could start deploying the pods on a Google Cloud kubernetes cluster. We decided to kill pods that didn't make progress for several hours.
21 | 
22 | Finally, in order to secure the minimum 50\% coverage requirement we manually inspected our coverage and added manual inputs at the top of the submission files until the minimum coverage was achieved.
23 | 
24 | ## Discussion
25 | From our initial reading about the different tools available we got the impression that the most used "standard" tool for fuzzing was American Fuzzy Lop, AFL. There were plenty of resources online for the tool, and it looked like something which would be useful to get familiar with. If we had more time we would've likely switched over to a different tool, as our experience with trying to fuzz the coreutils for this competition was not great. There are likely better solutions that could be stitched together where more emphasis could be put on analyzing line-coverage reports and human-readable test-cases more easily. 
26 | 
27 | In hindsight, we could have probably have achieved higher coverage with less effort if we had done the manual inspections and manual creation of test cases from the start. However this wouldn't have been a fuzzing approach. The rules of the competition (specifically of achieving maximum line coverage of the specific .c files, rather than path coverage or finding crashes) means that manually creating test cases is fairly easy once you have a decent workflow. 


--------------------------------------------------------------------------------
/submission/cat.txt:
--------------------------------------------------------------------------------
 1 | files/file1 files/file2 -v
 2 | files/file1 files/file2 -b
 3 | files/file1 files/file2 -e
 4 | files/file1 files/file2 -A
 5 | files/file1 files/file2 -E
 6 | files/file1 files/file2 -n
 7 | files/file1 files/file2 -s
 8 | files/file1 files/file2 -t
 9 | files/file1 files/file2 -T
10 | files/file1 files/file2 -u
11 | files/file1 files/file2 -v
12 | files/file1 files/file2 -v
13 | --help
14 | --version


--------------------------------------------------------------------------------
/submission/cp.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/cp.txt


--------------------------------------------------------------------------------
/submission/date.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/date.txt


--------------------------------------------------------------------------------
/submission/dd.txt:
--------------------------------------------------------------------------------
 1 | --help
 2 | --version
 3 | if=files/file1 of=files/file1337
 4 | if=files/file1 of=files/file1337 bs=8
 5 | if=files/file1 of=files/file1337 bs=8 count=7 cbs=4 conv=sync
 6 | if=files/file1 of=files/file1337 bs=8 count=7 cbs=4 ibs=256
 7 | if=files/file1 of=files/file1337 obs=256
 8 | if=files/file1 of=files/file1337 conv=ascii
 9 | if=files/file1 of=files/file1337 conv=ebcdic
10 | if=files/file1 of=files/file1337 conv=tja
11 | if=files/file1 of=files/file1337 conv=ibm
12 | if=files/file1 of=files/file1337 conv=block
13 | if=files/file1 of=files/file1337 conv=unblock
14 | if=files/file1 of=files/file1337 conv=lcase
15 | if=files/file1 of=files/file1337 conv=ucase
16 | if=files/file1 of=files/file1337 conv=sparse
17 | if=files/file1 of=files/file1337 conv=swab
18 | if=files/file1 of=files/file1337 conv=excl
19 | if=files/file1 of=files/file13371 conv=excl
20 | if=files/file1 of=files/file1337 conv=nocreat
21 | if=files/file1 of=files/file13372 conv=nocreat
22 | if=files/file1 of=files/file1337 conv=notrunc
23 | if=files/file1 of=files/file1337 conv=noerror
24 | if=files/file1 of=files/file1337 conv=fdatasync
25 | if=files/file1 of=files/file1337 conv=fsync
26 | if=files/file1 of=files/file1337 iflag=append
27 | if=files/file1 of=files/file1337 iflag=direct
28 | if=files/file1 of=files/file1337 iflag=directory
29 | if=files of=files/file1337 iflag=directory
30 | if=files/file1 of=files/file1337 iflag=dsync
31 | if=files/file1 of=files/file1337 iflag=sync
32 | if=files/file1 of=files/file1337 iflag=fullblock
33 | if=files/file1 of=files/file1337 iflag=nonblock
34 | if=files/file1 of=files/file1337 iflag=noatime
35 | if=files/file1 of=files/file1337 iflag=nocache
36 | if=files/file1 of=files/file1337 iflag=noctty
37 | if=files/file1 of=files/file1337 iflag=nofollow
38 | if=files/file1 of=files/file1337 iflag=count_bytes
39 | if=files/file1 of=files/file1337 iflag=skip_bytes
40 | if=files/file1 of=files/file1337 iflag=seek_bytes
41 | if=files/file1 of=files/file1337 oflag=append
42 | if=files/file1 of=files/file1337 oflag=direct
43 | if=files/file1 of=files/file1337 oflag=directory
44 | if=files/file1 of=files/file1337 oflag=dsync
45 | if=files/file1 of=files/file1337 oflag=sync
46 | if=files/file1 of=files/file1337 oflag=fullblock
47 | if=files/file1 of=files/file1337 oflag=nonblock
48 | if=files/file1 of=files/file1337 oflag=noatime
49 | if=files/file1 of=files/file1337 oflag=nocache
50 | if=files/file1 of=files/file1337 oflag=noctty
51 | if=files/file1 of=files/file1337 oflag=nofollow
52 | if=files/file1 of=files/file1337 oflag=count_bytes
53 | if=files/file1 of=files/file1337 oflag=skip_bytes
54 | if=files/file1 of=files/file1337 oflag=seek_bytes
55 | if=files/file1 of=files/file1337 seek=4
56 | if=files/file1 of=files/file1337 skip=14
57 | if=files/file1 of=files/file1337 status=none
58 | if=files/file1 of=files/file1337 status=noxfer
59 | if=files/file1 of=files/file1337 status=progress


--------------------------------------------------------------------------------
/submission/df.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/df.txt


--------------------------------------------------------------------------------
/submission/dir.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/dir.txt


--------------------------------------------------------------------------------
/submission/echo.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/echo.txt


--------------------------------------------------------------------------------
/submission/false.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/false.txt


--------------------------------------------------------------------------------
/submission/files/file1:
--------------------------------------------------------------------------------
1 | hej
2 | 


--------------------------------------------------------------------------------
/submission/files/file2:
--------------------------------------------------------------------------------
1 | tja
2 | 


--------------------------------------------------------------------------------
/submission/ln.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/ln.txt


--------------------------------------------------------------------------------
/submission/ls.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/ls.txt


--------------------------------------------------------------------------------
/submission/mkdir.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/mkdir.txt


--------------------------------------------------------------------------------
/submission/mktemp.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/mktemp.txt


--------------------------------------------------------------------------------
/submission/mv.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/mv.txt


--------------------------------------------------------------------------------
/submission/printf.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/printf.txt


--------------------------------------------------------------------------------
/submission/pwd.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/pwd.txt


--------------------------------------------------------------------------------
/submission/sleep.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/sleep.txt


--------------------------------------------------------------------------------
/submission/touch.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/touch.txt


--------------------------------------------------------------------------------
/submission/true.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/true.txt


--------------------------------------------------------------------------------
/submission/uname.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/uname.txt


--------------------------------------------------------------------------------
/submission/vdir.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/submission/vdir.txt


--------------------------------------------------------------------------------
/tests/runTests.sh:
--------------------------------------------------------------------------------
 1 | ./cat.sh
 2 | ./cp.sh
 3 | ./date.sh
 4 | ./dd.sh
 5 | ./df.sh
 6 | ./dir.sh
 7 | ./echo.sh
 8 | ./false.sh
 9 | ./files
10 | ./ln.sh
11 | ./ls.sh
12 | ./mkdir.sh
13 | ./mktemp.sh
14 | ./mv.sh
15 | ./printf.sh
16 | ./pwd.sh
17 | ./run.sh
18 | ./sleep.sh
19 | ./touch.sh
20 | ./true.sh
21 | ./uname.sh
22 | ./vdir.sh
23 | 


--------------------------------------------------------------------------------
/tools/bin_to_string:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/adamhass/fuzzing/b02fea4e85530412682ccfb2d8ccda53e90c2430/tools/bin_to_string


--------------------------------------------------------------------------------