Code Monkey home page Code Monkey logo

guanfuzz's Introduction

tags: paper

Guan Fuzz

Environment

  • OS
➜  ~ lsb_release -r 
Release:	20.04
➜  ~ uname -a
Linux lin-System-Product-Name 5.13.0-40-generic #45~20.04.1-Ubuntu SMP Mon Apr 4 09:38:31 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
  • clang & llvm version
➜  ~ clang -v
clang version 10.0.0-4ubuntu1 
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/8
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/9
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/8
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/9
Selected GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/9
Candidate multilib: .;@m64
Selected multilib: .;@m64

➜  ~ llvm-config --version
10.0.0

Usage

xml setting

  • element
    • ARGV
      • ELEMENT
        • origin parameter
    • PARAMETER
      • MUST
        • true : 100% selected
        • false: 50%
      • ELEMENT
        • parameter
  • example
<root>
  <ARGV>
      <ELEMENT>./djpeg @@</ELEMENT>
 </ARGV>

  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-colors 8</ELEMENT>
    <ELEMENT>-colors 9</ELEMENT>
    <ELEMENT>-colors 10</ELEMENT>
    <ELEMENT>-colors 50</ELEMENT>
    <ELEMENT>-colors 99</ELEMENT>
  </PARAMETER>	  
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-fast</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-grayscale</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-rgb</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-rgb565</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-scale 1/7</ELEMENT>
    <ELEMENT>-scale 1/3</ELEMENT>
    <ELEMENT>-scale 2/3</ELEMENT>
    <ELEMENT>-scale 2/1</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-bmp</ELEMENT>
    <ELEMENT>-gif</ELEMENT>
    <ELEMENT>-os2</ELEMENT>
    <ELEMENT>-pnm</ELEMENT>
    <ELEMENT>-targa</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-dct int</ELEMENT>
    <ELEMENT>-dct fast</ELEMENT>
    <ELEMENT>-dct float</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-dither fs</ELEMENT>
    <ELEMENT>-dither none</ELEMENT>
    <ELEMENT>-dither ordered</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-nosmooth</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-onepass</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-maxmemory 1</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>true</MUST>
    <ELEMENT>-outfile /dev/null</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-memsrc</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-skip 0,20</ELEMENT>
    <ELEMENT>-skip 0,21</ELEMENT>
    <ELEMENT>-skip 1,20</ELEMENT>
    <ELEMENT>-skip 1,21</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-crop 5x5+3+3</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>true</MUST>
    <ELEMENT>@@</ELEMENT>
  </PARAMETER>
</root>

how to run

  • Meanshift 
        python3 group_argv_file.py 8090 valid invalid
  • Guan-Fuzz 
        ./Guan-fuzz -i in -o out -s ./parameter.xml -m none -d -p 8090 ./djpeg

Result

Target CVE ID
bingrep CVE-2021-39480
libsixel CVE-2021-46700
libtiff CVE-2022-2867
libtiff CVE-2022-2868
libtiff CVE-2022-2869
libtiff CVE-2022-1354
libtiff CVE-2022-1355
fribidi CVE-2022-25308
fribidi CVE-2022-25308
fribidi CVE-2022-25308
jbig2dec CVE-2023-46361
mupdf CVE-2021-4216
Bento4 CVE-2022-29017

guanfuzz's People

Contributors

p870613 avatar hackmd-deploy avatar

Stargazers

avatar item avatar MandaC avatar avatar avatar Wu avatar JSKKK avatar avatar

Watchers

avatar

Forkers

13579and2468

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.