The android-fuzzing from quarkslab

android-fuzzing's Issues

The following error occurs when running AFL on my Pixel 6 phone

The following error occurs when running AFL on my Pixel 6 phone。
By the way，I am compiling AFL on Macos。
error message:

[-] Hmm, looks like the target binary terminated before we could complete a
handshake with the injected code. You can try the following:

- The target binary crashes because necessary runtime conditions it needs
  are not met. Try to:
  1. Run again with AFL_DEBUG=1 set and check the output of the target
     binary for clues.
  2. Run again with AFL_DEBUG=1 and 'ulimit -c unlimited' and analyze the
     generated core dump.

- Possibly the target requires a huge coverage map and has CTORS.
  Retry with setting AFL_MAP_SIZE=10000000.

Otherwise there is a horrible bug in the fuzzer.
Poke [email protected] for troubleshooting tips.

[-] PROGRAM ABORT : Fork server handshake failed
Location : afl_fsrv_start(), /Volumes/CODE/FUZZ/QUARKSLAB/android-fuzzing/AFLplusplus/AFLplusplus-4.06c/src/afl-forkserver.c:1385

PROGRAM ABORT : Patch out of range when try the native fuzz example.

Hello, I try to replay the native fuzz follow the blog. But got the follow error.

z3q:/data/local/tmp/afl++ # AFL_DEBUG=1 ./afl-fuzz -O -G 256 -i ./in/ -o out/ ./fuzz
[+] Enabled environment variable AFL_DEBUG with value 1
[+] Enabled environment variable AFL_DEBUG with value 1
afl-fuzz++4.06c based on afl by Michal Zalewski and a large online community
....
....
[*] Spinning up the fork server...
DEBUG: debug enabled
DEBUG: (1) id_str 9, __afl_area_ptr 0x7eca5904e0, __afl_area_initial 0x7eca5904e0, __afl_area_ptr_dummy 0x7eca5904e0, __afl_map_addr 0x0, MAP_SIZE 65536, __afl_final_loc 0, __afl_map_size 65536, max_size_forkserver 8388608/0x800000
DEBUG: (2) id_str 9, __afl_area_ptr 0x7ecabcf000, __afl_area_initial 0x7eca5904e0, __afl_area_ptr_dummy 0x7eca5904e0, __afl_map_addr 0x0, MAP_SIZE 65536, __afl_final_loc 0, __afl_map_size 65536, max_size_forkserver 8388608/0x800000
DEBUG: cmplog id_str <null>
DEBUG: debug enabled
DEBUG: (1) id_str 9, __afl_area_ptr 0x7ff458a4e0, __afl_area_initial 0x7ff458a4e0, __afl_area_ptr_dummy 0x7ff458a4e0, __afl_map_addr 0x0, MAP_SIZE 65536, __afl_final_loc 0, __afl_map_size 65536, max_size_forkserver 8388608/0x800000
DEBUG: (2) id_str 9, __afl_area_ptr 0x7ff6cd8000, __afl_area_initial 0x7ff458a4e0, __afl_area_ptr_dummy 0x7ff458a4e0, __afl_map_addr 0x0, MAP_SIZE 65536, __afl_final_loc 0, __afl_map_size 65536, max_size_forkserver 8388608/0x800000
DEBUG: cmplog id_str <null>
[*] Starting FRIDA config for PID: 31331
[*] All done!

[-] PROGRAM ABORT : Patch out of range 0x0000007CFD797284->0x0000007FF6CD8000 = 0x00000002F9541000
         Location : instrument_patch_ardp(), /home/iot/fuzz/AFLplusplus/frida_mode/src/instrument/instrument_arm64.c:278

https://github.com/quarkslab/android-fuzzing/tree/main/native

persistent sample for file path sample plz

Hi dear masters.

what is solution for persistent mode if function need to pass a file path ?
please help or write a sample.

Thank you.

quarkslab / android-fuzzing Goto Github PK

android-fuzzing's People

Contributors

Stargazers

Watchers

Forkers

android-fuzzing's Issues

The following error occurs when running AFL on my Pixel 6 phone

PROGRAM ABORT : Patch out of range when try the native fuzz example.

persistent sample for file path sample plz

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent