Python HFuzz
Everything you need to glue honggfuzz and python 3.
Install
cd /path/to/honggfuzz/sources/
git clone https://github.com/thebabush/python-hfuzz.git python
cd python
python setup.py install

Important: do not use pip. Right now I'm using relative paths to link honggfuzz's static libraries to python-hfuzz and pip doesn't like that. Feel free to create a PR to improve the build system.
Usage
Normal execution:
honggfuzz -f ./corpus -F 8 -- ./examples/cmp.py ___FILE___

Persistent mode:
honggfuzz -f ./corpus -F 8 -P -- ./examples/persistent.py

Why?
Well, the main reasons are these:
- There are DBIs out there that can be scripted in Python. While it's not the best idea performance-wise, sometimes your dev-speed/run-speed trade-off makes it worth it in the short term (e.g. one-off custom feedback implementations, research, CTFs, etc.).
- Fuzzing python programs. Coupled with some nice bytecode-level instrumentation, this could be interesting.
- Reimplement AFL-unicorn without patching unicorn's QEMU (hello UC_HOOK_BLOCK).
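Going back to the normal-execution command in the Usage section, here is an added example of the kind of target script that command drives; it is not the project's own examples/cmp.py, and the toy file format (a constructed "HF" header, a length byte, payload) is an assumption made for illustration. It shows the two things a Python target has to get right: read the test case from the path honggfuzz substitutes for ___FILE___, and make a genuine bug die from a signal (os.abort), because an uncaught Python exception exits with status 1 and honggfuzz, which detects crashes by signal, would not record it.

```python
#!/usr/bin/env python3
# Added example target for:  honggfuzz -f ./corpus -F 8 -- ./target.py ___FILE___
# (not the project's examples/cmp.py). honggfuzz replaces ___FILE___ with the
# path of the current test case (at most 8 bytes with -F 8) and records a crash
# only when the child dies from a signal, so an unexpected Python exception
# (exit status 1, invisible to the fuzzer) is converted into SIGABRT.
import os
import sys

MAGIC = b"HF"  # constructed header for the toy format (assumption)


def parse(data: bytes) -> int:
    """Toy parser: MAGIC, a length byte n, then n payload bytes.
    Raises ValueError for inputs it rejects on purpose and contains one
    deliberate bug (n == 0 divides by zero) for the fuzzer to find."""
    if len(data) < 3 or data[:2] != MAGIC:
        raise ValueError("bad header")
    n = data[2]
    payload = data[3:3 + n]
    if len(payload) != n:
        raise ValueError("truncated payload")
    return sum(payload) // n  # bug: ZeroDivisionError when n == 0


def classify(data: bytes) -> str:
    """'ok' for accepted input, 'rejected' for an expected ValueError,
    'bug' for any other exception (the condition worth reporting)."""
    try:
        parse(data)
    except ValueError:
        return "rejected"
    except Exception:
        return "bug"
    return "ok"


def main() -> None:
    # sys.argv[1] is the path honggfuzz put in place of ___FILE___
    with open(sys.argv[1], "rb") as f:
        data = f.read()
    if classify(data) == "bug":
        os.abort()  # SIGABRT: honggfuzz saves this input as a crash


if __name__ == "__main__":
    main()
```

Expected rejections (ValueError) exit normally so they are not reported as crashes; only the unexpected exception path aborts.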