From 6581084d1865e780e3b6bbf9d2933e52ca4e3bc9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcel=20B=C3=B6hme?= Date: Sat, 19 Aug 2017 14:16:12 +0800 Subject: [PATCH] Update Readme.md --- Readme.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Readme.md b/Readme.md index ab56f955..ef3b58fb 100644 --- a/Readme.md +++ b/Readme.md @@ -9,6 +9,8 @@ Unlike AFL, AFLGo spends most of its time budget on reaching specific target loc * **information flow detection** by setting sensitive sources and sinks as targets. To expose data leakage vulnerabilities, a security researcher would like to generate executions that exercise sensitive sources containing private information and sensitive sinks where data becomes visible to the outside world. A directed fuzzer can be used to generate such executions efficiently. * **crash reproduction** by setting method calls in the stack-trace as targets. When in-field crashes are reported, only the stack-trace and some environmental parameters are sent to the in-house development team. To preserve the user's privacy, the specific crashing input is often not available. AFLGo could help the in-house team to swiftly reproduce these crashes. +AFLGo is based on AFL from MichaƂ Zaleski \. + # Integration into OSS-Fuzz The easiest way to use AFLGo is as patch testing tool in OSS-Fuzz. Here is our integration: * https://github.com/aflgo/oss-fuzz @@ -139,6 +141,6 @@ mkdir in cp $SUBJECT/test/dtd* in cp $SUBJECT/test/dtds/* in -# To be continued ... +$AFLGO/afl-fuzz -S ef709ce2 -z exp -c 45m -i in -o out $SUBJECT/xmllint --valid --recover @@ ```
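Review bot: in the first hunk, the added line "AFLGo is based on AFL from MichaƂ Zaleski \." carries a mis-encoded character in the first name ("MichaƂ") and a stray backslash before the period where a link appears to have been intended; suggest fixing the encoding, checking the surname against the AFL project's own attribution, and either completing the link or dropping the backslash so the README renders cleanly.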
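Review bot: in the second hunk, the new `$AFLGO/afl-fuzz -S ef709ce2 -z exp -c 45m -i in -o out $SUBJECT/xmllint --valid --recover @@` line replaces the "To be continued" placeholder without any explanation of the AFLGo-specific flags; suggest a sentence before the command stating what `-z exp` (the annealing schedule) and `-c 45m` (the time-to-exploitation budget) mean and noting that the `-S ef709ce2` instance name is just an example, since a reader copying the command will otherwise not know which values to adapt. The hunk also looks truncated: its header declares six lines on each side, but only three context lines, the `-` line and the `+` line are present, and the trailing "@@ ```" reads like a cut-off code fence rather than diff content, so the trailing context (and the closing fence it belongs to) should be checked in the actual commit.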