-
Notifications
You must be signed in to change notification settings - Fork 65
LAVA Wiki
Andrew edited this page Jun 13, 2026
·
12 revisions
The files were originally found here.
LAVA is the product of a collaboration between MIT Lincoln Laboratory, NYU, and Northeastern University, designed to provide a method for testing fuzzers and automating the creation of CTFs by injecting security vulnerabilities into source code.
Download the LAVA Debian Package here and to install the Python package, use pip install pyroclastic.
Checkmark means we know this works. To replicate the result, use the same project and check the logs for injection.
- BUG_PTR_ADD, see example with toy
Validating bug 23 of 50
No known solution for bug with id=942
Bug[942](type=BUG_PTR_ADD, trigger=75, atp=21)
fuzzed = [/mnt/c/Users/andre/OneDrive/Desktop/lava/target_injections/toy/generated-inputs/testsmall-fuzzed-942.bin]
Run modified program: /mnt/c/Users/andre/OneDrive/Desktop/lava/target_injections/toy/bugs/0/toy/lava-install/bin/toy /mnt/c/Users/andre/OneDrive/Desktop/lava/target_injections/toy/generated-inputs/testsmall-fuzzed-942.bin
retval = 139
:type_1 + bug.type
RV indicates memory corruption
Moving crashing input file to /mnt/c/Users/andre/OneDrive/Desktop/lava/target_injections/toy/crashes/testsmall-fuzzed-942.bin
- [] RET_BUFFER
- [] REL_WRITE
- [] PRINTF_LEAK
- [] MALLOC_OFF_BY_ONE
Chaff Bugs Confirmation
- [] CHAFF_STACK_UNUSED
- [] CHAFF_STACK_CONST
- [] CHAFF_HEAP_CONST
- [] CHAFF_DIVZERO
Also, we highly suggest downloading the relevant PANDA QCows, as this can take some time on your first time running LAVA. The commands are provided here.
python3 -c "from pandare.qcows_internal import Qcows;Qcows.get_qcow('x86_64')"
python3 -c "from pandare.qcows_internal import Qcows;Qcows.get_qcow('i386')"
python3 -c "from pandare.qcows_internal import Qcows;Qcows.get_qcow('arm')"
python3 -c "from pandare.qcows_internal import Qcows;Qcows.get_qcow('aarch64')"