├── .gitignore ├── LICENSE ├── README.md ├── docs ├── README.md ├── _config.yml └── img │ ├── afl++-protobuf-asn1.svg │ ├── afl-plot.png │ └── basic-fuzzing.png ├── src ├── .gitignore ├── Makefile ├── elf_to_lib.py ├── hook │ ├── Makefile │ ├── hook.c │ └── hook.h ├── mutator │ ├── Makefile │ ├── afl-fuzz-run.patch │ ├── asn1_pdu_pb2.py │ ├── asn1_to_protobuf.py │ ├── asn1_universal_types_pb2.py │ ├── custom_mutator.cpp │ ├── custom_mutator.h │ ├── google-fuzzing.patch │ ├── protobuf_to_der.cpp │ ├── requirements.txt │ └── x509_certificate_pb2.py └── target.c ├── step0 ├── .gitignore ├── README.md ├── afl_config.sh ├── build_corpus.sh ├── corpus │ └── test.cert.b64 └── fuzz.sh ├── step1 ├── .gitignore ├── README.md ├── afl_config.sh ├── build_corpus.sh ├── corpus │ └── test.cert.b64 └── fuzz.sh ├── step2 ├── .gitignore ├── README.md ├── afl_config.sh ├── build_corpus.sh ├── corpus │ └── test.cert.b64 └── fuzz.sh ├── step3 ├── .gitignore ├── README.md ├── afl_config.sh ├── build_corpus.sh ├── corpus │ └── test.cert.b64 └── fuzz.sh ├── step4 ├── .gitignore ├── README.md ├── afl_config.sh ├── build_corpus.sh ├── corpus │ └── test.cert └── fuzz.sh ├── step5 ├── .gitignore ├── README.md ├── afl_config.sh ├── build_corpus.sh ├── corpus │ └── test.cert └── fuzz.sh └── step6 ├── .gitignore ├── README.md ├── afl_config.sh ├── build_corpus.sh ├── corpus └── test.cert ├── coverage.sh └── fuzz.sh /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/README.md -------------------------------------------------------------------------------- /docs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/docs/README.md -------------------------------------------------------------------------------- /docs/_config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/docs/_config.yml -------------------------------------------------------------------------------- /docs/img/afl++-protobuf-asn1.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/docs/img/afl++-protobuf-asn1.svg -------------------------------------------------------------------------------- /docs/img/afl-plot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/docs/img/afl-plot.png -------------------------------------------------------------------------------- /docs/img/basic-fuzzing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/docs/img/basic-fuzzing.png -------------------------------------------------------------------------------- /src/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/.gitignore -------------------------------------------------------------------------------- /src/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/Makefile -------------------------------------------------------------------------------- /src/elf_to_lib.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/elf_to_lib.py -------------------------------------------------------------------------------- /src/hook/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/hook/Makefile -------------------------------------------------------------------------------- /src/hook/hook.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/hook/hook.c -------------------------------------------------------------------------------- /src/hook/hook.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/hook/hook.h -------------------------------------------------------------------------------- /src/mutator/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/mutator/Makefile -------------------------------------------------------------------------------- /src/mutator/afl-fuzz-run.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/mutator/afl-fuzz-run.patch -------------------------------------------------------------------------------- /src/mutator/asn1_pdu_pb2.py: -------------------------------------------------------------------------------- 1 | ../../google-fuzzing/proto/asn1-pdu/asn1_pdu_pb2.py -------------------------------------------------------------------------------- /src/mutator/asn1_to_protobuf.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/mutator/asn1_to_protobuf.py -------------------------------------------------------------------------------- /src/mutator/asn1_universal_types_pb2.py: -------------------------------------------------------------------------------- 1 | ../../google-fuzzing/proto/asn1-pdu/asn1_universal_types_pb2.py -------------------------------------------------------------------------------- /src/mutator/custom_mutator.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/mutator/custom_mutator.cpp -------------------------------------------------------------------------------- /src/mutator/custom_mutator.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/mutator/custom_mutator.h -------------------------------------------------------------------------------- /src/mutator/google-fuzzing.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/mutator/google-fuzzing.patch -------------------------------------------------------------------------------- /src/mutator/protobuf_to_der.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/mutator/protobuf_to_der.cpp -------------------------------------------------------------------------------- /src/mutator/requirements.txt: -------------------------------------------------------------------------------- 1 | asn1crypto 2 | protobuf 3 | -------------------------------------------------------------------------------- /src/mutator/x509_certificate_pb2.py: -------------------------------------------------------------------------------- 1 | ../../google-fuzzing/proto/asn1-pdu/x509_certificate_pb2.py -------------------------------------------------------------------------------- /src/target.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/src/target.c -------------------------------------------------------------------------------- /step0/.gitignore: -------------------------------------------------------------------------------- 1 | output 2 | corpus_unique 3 | -------------------------------------------------------------------------------- /step0/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step0/README.md -------------------------------------------------------------------------------- /step0/afl_config.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step0/afl_config.sh -------------------------------------------------------------------------------- /step0/build_corpus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step0/build_corpus.sh -------------------------------------------------------------------------------- /step0/corpus/test.cert.b64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step0/corpus/test.cert.b64 -------------------------------------------------------------------------------- /step0/fuzz.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step0/fuzz.sh -------------------------------------------------------------------------------- /step1/.gitignore: -------------------------------------------------------------------------------- 1 | output 2 | corpus_unique 3 | -------------------------------------------------------------------------------- /step1/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step1/README.md -------------------------------------------------------------------------------- /step1/afl_config.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step1/afl_config.sh -------------------------------------------------------------------------------- /step1/build_corpus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step1/build_corpus.sh -------------------------------------------------------------------------------- /step1/corpus/test.cert.b64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step1/corpus/test.cert.b64 -------------------------------------------------------------------------------- /step1/fuzz.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step1/fuzz.sh -------------------------------------------------------------------------------- /step2/.gitignore: -------------------------------------------------------------------------------- 1 | output 2 | corpus_unique 3 | -------------------------------------------------------------------------------- /step2/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step2/README.md -------------------------------------------------------------------------------- /step2/afl_config.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step2/afl_config.sh -------------------------------------------------------------------------------- /step2/build_corpus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step2/build_corpus.sh -------------------------------------------------------------------------------- /step2/corpus/test.cert.b64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step2/corpus/test.cert.b64 -------------------------------------------------------------------------------- /step2/fuzz.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step2/fuzz.sh -------------------------------------------------------------------------------- /step3/.gitignore: -------------------------------------------------------------------------------- 1 | output 2 | corpus_unique 3 | -------------------------------------------------------------------------------- /step3/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step3/README.md -------------------------------------------------------------------------------- /step3/afl_config.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step3/afl_config.sh -------------------------------------------------------------------------------- /step3/build_corpus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step3/build_corpus.sh -------------------------------------------------------------------------------- /step3/corpus/test.cert.b64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step3/corpus/test.cert.b64 -------------------------------------------------------------------------------- /step3/fuzz.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step3/fuzz.sh -------------------------------------------------------------------------------- /step4/.gitignore: -------------------------------------------------------------------------------- 1 | output 2 | corpus_unique 3 | -------------------------------------------------------------------------------- /step4/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step4/README.md -------------------------------------------------------------------------------- /step4/afl_config.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step4/afl_config.sh -------------------------------------------------------------------------------- /step4/build_corpus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step4/build_corpus.sh -------------------------------------------------------------------------------- /step4/corpus/test.cert: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step4/corpus/test.cert -------------------------------------------------------------------------------- /step4/fuzz.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step4/fuzz.sh -------------------------------------------------------------------------------- /step5/.gitignore: -------------------------------------------------------------------------------- 1 | output 2 | corpus_unique 3 | -------------------------------------------------------------------------------- /step5/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step5/README.md -------------------------------------------------------------------------------- /step5/afl_config.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step5/afl_config.sh -------------------------------------------------------------------------------- /step5/build_corpus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step5/build_corpus.sh -------------------------------------------------------------------------------- /step5/corpus/test.cert: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step5/corpus/test.cert -------------------------------------------------------------------------------- /step5/fuzz.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step5/fuzz.sh -------------------------------------------------------------------------------- /step6/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step6/.gitignore -------------------------------------------------------------------------------- /step6/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step6/README.md -------------------------------------------------------------------------------- /step6/afl_config.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step6/afl_config.sh -------------------------------------------------------------------------------- /step6/build_corpus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step6/build_corpus.sh -------------------------------------------------------------------------------- /step6/corpus/test.cert: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step6/corpus/test.cert -------------------------------------------------------------------------------- /step6/coverage.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step6/coverage.sh -------------------------------------------------------------------------------- /step6/fuzz.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbus-seclab/AFLplusplus-blogpost/HEAD/step6/fuzz.sh --------------------------------------------------------------------------------