initial commit

README.md

@@ -0,0 +1,66 @@
+# De-socketing for Fuzzing
+
+When fuzzing network applications the fuzzers provide their input via stdin
+although the applications get their input over network connections.
+This library redirects all network communication to stdin and stdout such that 
+network applications can be traditionally fuzzed with AFL++.
+
+For an in-depth explanation of de-socketing see our [blog post](https://lolcads.github.io/posts/2022/02/libdesock/).
+
+## Building
+```sh
+meson setup ./build
+cd ./build
+```
+
+You can configure the build using
+```sh
+meson configure -D <optname>=<optvalue>
+```
+
+You can get an overview over all options with
+```sh
+meson configure
+```
+
+The following options are specific to libdesock:
+
+| Option          | Description                                                                                | Default |
+|-----------------|--------------------------------------------------------------------------------------------|---------|
+| `arch`          | The CPU architecture for which you are compiling libdesock.so                              | x86_64  |
+| `debug_desock`  | If this is true, calls to functions in libdesock.so get logged to stderr.                  | false   |
+| `desock_client` | If this is true, calls to `connect()` get hooked. This enables the desocketing of clients. | false   |
+| `desock_server` | If this is true, calls to `bind()` get hooked. This enables the desocketing of servers.    | true    |
+| `fd_table_size` | Only fds < `fd_table_size` can be desocked.                                                | 128     |
+| `interpreter`   | Path to ld.so (will be determined dynamically if not set)                                  |         |
+
+If configuration is done compile with
+```sh
+meson compile
+```
+
+This creates a shared library `./build/libdesock.so` and a static library `./build/libdesock.a`.
+
+## Usage
+Prepend
+```sh
+LD_PRELOAD=libdesock.so
+```
+to the invocation of any network application or
+set the environment variable
+```sh
+AFL_PRELOAD=libdesock.so
+```
+when using AFL++.
+
+If you are using libdesock and AFL for fuzzing, the programs under test
+usually require a special setup to work with AFL. Checkout our [examples](./examples) 
+directory for some examples on how to properly setup network applications for fuzzing.
+
+## Known Bugs
+- TCP servers using [libuv](https://libuv.org/) cannot be de-socket-ed (yet). De-socketing of libuv currently only works with UDP servers. It only takes a small change to fix this though, if anyone needs this create an issue.
+- `ioctl()` is not supported. Make sure your target does not rely on `ioctl` requests
+
+## System Call Emulation
+
+System call emulation is partly done using musl libc code (https://musl.libc.org/) - see `libdesock/include`

build/.ninja_log

@@ -0,0 +1,87 @@
+# ninja log v5
+1	27	1645170954721742038	libdesock.so.p/libdesock_src_connect.c.o	d5e42f62cba16ece
+2	77	1645170954769742101	libdesock.so.p/libdesock_src_listen.c.o	228d1bab9ab7c69d
+0	79	1645170954769742101	libdesock.so.p/libdesock_src_bind.c.o	1eb012921b110996
+1	81	1645170954773742106	libdesock.so.p/libdesock_src_getsockname.c.o	2610b9438660f80a
+0	85	1645170954776742110	libdesock.so.p/libdesock_src_accept.c.o	8229ec26e705745
+1	86	1645170954778742113	libdesock.so.p/libdesock_src_getpeername.c.o	d67a0957691f5842
+27	92	1645170954771742104	libdesock.so.p/libdesock_src_sendfile.c.o	a6146ff1fb4a840f
+0	94	1645170954784742121	libdesock.so.p/libdesock_src_close.c.o	b198d3035da54e83
+2	97	1645170954781742117	libdesock.so.p/libdesock_src_peekbuffer.c.o	1566dc6e99e56e84
+3	104	1645170954783742120	libdesock.so.p/libdesock_src_poll.c.o	5726a1e584097c1
+1	110	1645170954788742126	libdesock.so.p/libdesock_src_desock.c.o	89d8e00bf7327f98
+1	116	1645170954799742140	libdesock.so.p/libdesock_src_dup.c.o	dbe4aca606967e29
+1	117	1645170954794742134	libdesock.so.p/libdesock_src_epoll.c.o	bd742c74da43c54a
+85	131	1645170954824742173	libdesock.so.p/libdesock_src_syscall.c.o	81ff60c09072bccc
+3	140	1645170954820742168	libdesock.so.p/libdesock_src_select.c.o	f8fb1977bbeeacdb
+81	149	1645170954825742174	libdesock.so.p/libdesock_src_sockopt.c.o	8542fdefbf753939
+104	150	1645170954822742170	libdesock.a.p/libdesock_src_connect.c.o	383cbd8e656f3a4b
+78	154	1645170954840742194	libdesock.so.p/libdesock_src_shutdown.c.o	4736227f347f34f6
+79	156	1645170954846742202	libdesock.so.p/libdesock_src_socket.c.o	94f67957ec5c1133
+92	165	1645170954856742215	libdesock.a.p/libdesock_src_accept.c.o	70f83521298d1bbb
+94	173	1645170954856742215	libdesock.a.p/libdesock_src_bind.c.o	b669431c11ad1a5e
+97	191	1645170954866742228	libdesock.a.p/libdesock_src_close.c.o	c601f827108f84fd
+3	206	1645170954884742252	libdesock.so.p/libdesock_src_read.c.o	ff71dff77a34e681
+113	210	1645170954885742253	libdesock.a.p/libdesock_src_desock.c.o	31d9fc300f5a0310
+131	215	1645170954885742253	libdesock.a.p/libdesock_src_getpeername.c.o	9c0137ae79f61cc8
+116	226	1645170954898742270	libdesock.a.p/libdesock_src_dup.c.o	8d2e7f622d42e149
+149	234	1645170954900742273	libdesock.a.p/libdesock_src_listen.c.o	eaa405488b29b4e2
+86	234	1645170954919742297	libdesock.so.p/libdesock_src_write.c.o	27ef3d502a59271f
+142	244	1645170954923742303	libdesock.a.p/libdesock_src_getsockname.c.o	4da5b7049bc05b9f
+173	256	1645170954946742333	libdesock.a.p/libdesock_src_sendfile.c.o	3ef0b015d0fd562f
+154	256	1645170954946742333	libdesock.a.p/libdesock_src_poll.c.o	d2c5b0d8207b8c6c
+215	263	1645170954955742345	libdesock.a.p/libdesock_src_syscall.c.o	f5573d3625571ae4
+210	277	1645170954968742362	libdesock.a.p/libdesock_src_sockopt.c.o	3606b775e7a08fb1
+151	280	1645170954970742364	libdesock.a.p/libdesock_src_peekbuffer.c.o	6e44df44f02bed22
+167	280	1645170954974742369	libdesock.a.p/libdesock_src_select.c.o	ab4ab2c00ffd0571
+207	280	1645170954972742367	libdesock.a.p/libdesock_src_socket.c.o	c93eb537e69426e3
+191	282	1645170954974742369	libdesock.a.p/libdesock_src_shutdown.c.o	37514e307bb5bf24
+117	289	1645170954982742380	libdesock.a.p/libdesock_src_epoll.c.o	b34671878ddbfb93
+234	296	1645170954990742390	libdesock.so	93ecbc8b06031ff2
+296	307	1645170955002742406	fake	7040f30ff78ddc2
+156	340	1645170955034742448	libdesock.a.p/libdesock_src_read.c.o	25fa2575dcce7a8c
+226	342	1645170955036742451	libdesock.a.p/libdesock_src_write.c.o	4154854c4c63465b
+342	346	1645170955041742457	libdesock.a	654baa5a2eb63a2d
+16	34	1645803488036922924	libdesock.so.p/libdesock_src_connect.c.o	d5e42f62cba16ece
+18	77	1645803488079923022	libdesock.so.p/libdesock_src_getsockname.c.o	2610b9438660f80a
+18	79	1645803488079923022	libdesock.so.p/libdesock_src_getpeername.c.o	d67a0957691f5842
+35	80	1645803488079923022	libdesock.so.p/libdesock_src_sendfile.c.o	a6146ff1fb4a840f
+16	83	1645803488082923029	libdesock.so.p/libdesock_src_close.c.o	b198d3035da54e83
+19	84	1645803488081923026	libdesock.so.p/libdesock_src_listen.c.o	228d1bab9ab7c69d
+14	85	1645803488087923040	libdesock.so.p/libdesock_src_accept.c.o	8229ec26e705745
+15	92	1645803488082923029	libdesock.so.p/libdesock_src_bind.c.o	1eb012921b110996
+20	93	1645803488093923054	libdesock.so.p/libdesock_src_poll.c.o	5726a1e584097c1
+20	94	1645803488093923054	libdesock.so.p/libdesock_src_peekbuffer.c.o	1566dc6e99e56e84
+17	96	1645803488097923063	libdesock.so.p/libdesock_src_dup.c.o	dbe4aca606967e29
+17	102	1645803488097923063	libdesock.so.p/libdesock_src_desock.c.o	89d8e00bf7327f98
+24	115	1645803488109923090	libdesock.so.p/libdesock_src_select.c.o	f8fb1977bbeeacdb
+94	118	1645803488115923104	libdesock.a.p/libdesock_src_connect.c.o	383cbd8e656f3a4b
+18	122	1645803488121923118	libdesock.so.p/libdesock_src_epoll.c.o	bd742c74da43c54a
+77	124	1645803488124923124	libdesock.so.p/libdesock_src_shutdown.c.o	4736227f347f34f6
+83	125	1645803488127923131	libdesock.so.p/libdesock_src_syscall.c.o	81ff60c09072bccc
+81	128	1645803488128923133	libdesock.so.p/libdesock_src_sockopt.c.o	8542fdefbf753939
+92	142	1645803488139923159	libdesock.a.p/libdesock_src_bind.c.o	b669431c11ad1a5e
+93	143	1645803488143923168	libdesock.a.p/libdesock_src_close.c.o	c601f827108f84fd
+79	157	1645803488145923172	libdesock.so.p/libdesock_src_socket.c.o	94f67957ec5c1133
+85	159	1645803488161923209	libdesock.a.p/libdesock_src_accept.c.o	70f83521298d1bbb
+122	164	1645803488164923215	libdesock.a.p/libdesock_src_getsockname.c.o	4da5b7049bc05b9f
+21	184	1645803488173923236	libdesock.so.p/libdesock_src_read.c.o	ff71dff77a34e681
+84	185	1645803488173923236	libdesock.so.p/libdesock_src_write.c.o	27ef3d502a59271f
+96	185	1645803488176923243	libdesock.a.p/libdesock_src_desock.c.o	31d9fc300f5a0310
+119	186	1645803488167923222	libdesock.a.p/libdesock_src_getpeername.c.o	9c0137ae79f61cc8
+125	186	1645803488167923222	libdesock.a.p/libdesock_src_listen.c.o	eaa405488b29b4e2
+125	192	1645803488192923279	libdesock.a.p/libdesock_src_peekbuffer.c.o	6e44df44f02bed22
+103	197	1645803488197923290	libdesock.a.p/libdesock_src_dup.c.o	8d2e7f622d42e149
+157	200	1645803488200923297	libdesock.a.p/libdesock_src_sendfile.c.o	3ef0b015d0fd562f
+128	201	1645803488200923297	libdesock.a.p/libdesock_src_poll.c.o	d2c5b0d8207b8c6c
+159	204	1645803488206923311	libdesock.a.p/libdesock_src_shutdown.c.o	37514e307bb5bf24
+185	212	1645803488214923329	libdesock.a.p/libdesock_src_syscall.c.o	f5573d3625571ae4
+117	217	1645803488219923340	libdesock.a.p/libdesock_src_epoll.c.o	b34671878ddbfb93
+184	224	1645803488226923356	libdesock.a.p/libdesock_src_sockopt.c.o	3606b775e7a08fb1
+185	225	1645803488227923359	libdesock.so	93ecbc8b06031ff2
+225	228	1645803488231923368	fake	7040f30ff78ddc2
+164	231	1645803488233923372	libdesock.a.p/libdesock_src_socket.c.o	c93eb537e69426e3
+143	235	1645803488237923382	libdesock.a.p/libdesock_src_select.c.o	ab4ab2c00ffd0571
+186	250	1645803488251923413	libdesock.a.p/libdesock_src_write.c.o	4154854c4c63465b
+142	256	1645803488258923429	libdesock.a.p/libdesock_src_read.c.o	25fa2575dcce7a8c
+256	261	1645803488263923441	libdesock.a	654baa5a2eb63a2d