is there some tutorial about using libfuzzer in android #3
Comments
Hi @hackerlib, what particularly are you going to fuzz in Android? Basically, you need to be able to compile your C/C++ programs for the Android platform. You also need to be able to use AddressSanitizer (it's possible: https://source.android.com/devices/tech/debug/asan), and you need
@hackerlib A little bit off-topic, but there was a presentation at BlackHat Europe 2015 about using afl to fuzz Android system components like stagefright. You need to apply a patch from Intel to afl, which was done here: https://github.com/ele7enxxh/android-afl
Thanks, @Dor1s and @raymontag. When I dig into the build process of libfuzzer, it looks relatively simple, but my first attempt failed because of my clang version or some other reason. In addition, as raymontag said, maybe putting the libraries I want to test onto the Linux platform is better.
Interesting, I haven't tried that.
@hackerlib Thx for the hint. However, with android-afl you will fuzz on the Android device. The guys from Intel had a rig of around 50 Nexus phones IIRC. You can find the paper here: https://www.blackhat.com/eu-15/briefings.html#fuzzing-android-a-recipe-for-uncovering-vulnerabilities-inside-system-components-in-android
Hi, Dor1s, is there some tutorial about using libfuzzer in Android? Can you give some advice?
Thanks.