Skip to content

Latest commit

 

History

History
46 lines (34 loc) · 1.21 KB

README.md

File metadata and controls

46 lines (34 loc) · 1.21 KB

Python HFuzz

Everything you need to glue honggfuzz and python 3.

Install

cd /path/to/honggfuzz/sources/
git clone https://github.com/thebabush/python-hfuzz.git python
cd python
python setup.py install

Important: do not use pip. Right now I'm using relative paths to link honggfuzz' static libraries to python-hfuzz and pip doesn't like that. Feel free to create a PR to improve the build system.

Usage

Normal execution:

honggfuzz -f ./corpus -F 8 -- ./examples/cmp.py ___FILE___

Persistent mode:

honggfuzz -f ./corpus -F 8 -P -- ./examples/persistent.py

Why?

Well, the main reasons are these:

  1. There are DBIs out there that can be scripted in python. While it's not the best idea performance-wise, sometimes your dev-speed/run-speed trade-off makes it worth it in the short term (e.g.: one-off custom feedback implementations, research, CTFs, etc...)
  2. Fuzzing python programs. Coupled with some nice bytecode-level instrumentation, this could be interesting.
  3. Reimplement AFL-unicorn without patching unicorn's QEMU (hello UC_HOOK_BLOCK).