
libdesock's Introduction

De-socketing for Fuzzing

When fuzzing network applications, fuzzers provide their inputs over stdin, although the applications expect their input over network connections. This library redirects all network communication to stdin and stdout so that network applications can be fuzzed with AFL++ in the traditional way.

This has the advantage of

  1. Improving performance by reducing kernel interactions because libdesock operates 100% in user-space
  2. Reducing the amount of manual effort necessary to create a harness

For an in-depth explanation of de-socketing see our blog post.

Building

Libdesock uses meson and ninja as its build system.

meson setup ./build
cd ./build

You can configure the build using

meson configure -D <optname>=<optvalue>

You can get an overview of all options with

meson configure

The following options are specific to libdesock:

| Option | Description | Default |
|---|---|---|
| arch | The CPU architecture for which you are compiling libdesock.so | x86_64 |
| debug_desock | If this is true, calls to functions in libdesock.so get logged to stderr. | false |
| desock_client | If this is true, calls to connect() get hooked. This enables the desocketing of clients. | false |
| desock_server | If this is true, calls to bind() get hooked. This enables the desocketing of servers. | true |
| fd_table_size | Only fds < fd_table_size can be desocked. | 128 |
| interpreter | Path to ld.so (will be determined dynamically if not set) | |

Once configuration is done, compile with

meson compile

This creates a shared library ./build/libdesock.so and a static library ./build/libdesock.a.

Usage

Prepend

LD_PRELOAD=libdesock.so

to the invocation of any network application or set the environment variable

AFL_PRELOAD=libdesock.so

when using AFL++.
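
The following is an added example, not code from the libdesock repository: a minimal single-connection TCP server of the kind that can be started with LD_PRELOAD=libdesock.so as described above. The request format, the port 7777, the file name target.c and the function name handle_request are assumptions made for illustration.

```c
/* Added example target (constructed; not from the libdesock repository).
 * Build: cc -o target target.c
 * Run:   printf '\003abc' | LD_PRELOAD=./build/libdesock.so ./target */
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Constructed request format: one length byte N followed by N payload bytes.
 * Copies the payload to out and returns N; returns 0 for an empty or
 * malformed request. Kept free of socket calls so it can be checked alone. */
size_t handle_request(const unsigned char *req, size_t len,
                      unsigned char *out, size_t cap) {
    if (len < 1) return 0;
    size_t n = req[0];
    if (n > len - 1 || n > cap) return 0; /* claimed length exceeds the data */
    memcpy(out, req + 1, n);
    return n;
}

int main(void) {
    unsigned char req[256], out[256];
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    addr.sin_port = htons(7777); /* constructed port number */

    int srv = socket(AF_INET, SOCK_STREAM, 0);
    if (srv < 0) { perror("socket"); return 1; }
    /* bind() is the call the desock_server option (default: true) hooks. */
    if (bind(srv, (struct sockaddr *)&addr, sizeof addr) < 0 ||
        listen(srv, 1) < 0) { perror("bind/listen"); return 1; }
    int conn = accept(srv, NULL, NULL);
    if (conn < 0) { perror("accept"); return 1; }

    /* Under libdesock the request arrives on stdin and the reply goes to stdout. */
    ssize_t n = recv(conn, req, sizeof req, 0);
    if (n > 0) {
        size_t m = handle_request(req, (size_t)n, out, sizeof out);
        if (m > 0) send(conn, out, m, 0);
    }
    /* One connection, then exit: each fuzz input corresponds to one process run. */
    close(conn);
    close(srv);
    return 0;
}
```

The target avoids ioctl() and opens only a handful of file descriptors, so it stays within the fd_table_size limit and the restriction listed under Known Bugs.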

Examples

If you are using libdesock and AFL for fuzzing, the programs under test usually require a special setup to work with AFL. Check out our examples directory for some examples of how to properly set up network applications for fuzzing.

Known Bugs

  • TCP servers using libuv cannot be de-socketed (yet). De-socketing of libuv currently only works with UDP servers. It only takes a small change to fix this, though; if anyone needs this, create an issue.
  • ioctl() is not supported. Make sure your target does not rely on ioctl requests.

Copyright Notice

Libdesock is based upon musl libc and parts of the musl source code can be found in libdesock.

Contributors

pd-fkie, martinclauss
