Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Introduction to Fuzzing with AFL

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for Ayush Priya Ayush Priya
November 16, 2021
Technology
0
37

Introduction to Fuzzing with AFL

This talk is an introduction to using AFL or American Fuzzy Lop to fuzz binaries.

Avatar for Ayush Priya

Ayush Priya

November 16, 2021
Tweet

More Decks by Ayush Priya

See All by Ayush Priya
Scrubbing PII from Logs in LogStash
Avatar for Ayush Priya ayushpriya10
0
820
Introduction to Deserialization Attacks
Avatar for Ayush Priya ayushpriya10
2
670
Web Assembly for Hackers
Avatar for Ayush Priya ayushpriya10
0
55

Other Decks in Technology

See All in Technology
データの整合性を保ちたいだけなんだ
Avatar for ShoheiMitani shoheimitani
7
2.8k
茨城の思い出を振り返る ~CDKのセキュリティを添えて~ / 20260201 Mitsutoshi Matsuo
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
170
MySQLのJSON機能の活用術
Avatar for mikoma ikomachi226
0
150
Context Engineeringの取り組み
Avatar for nutslove nutslove
0
270
予期せぬコストの急増を障害のように扱う――「コスト版ポストモーテム」の導入とその後の改善
Avatar for Masahiro Yoshizawa muziyoshiz
1
1.5k
入社1ヶ月でデータパイプライン講座を作った話
Avatar for Yuta Ozaki waiwai2111
1
220
10Xにおける品質保証活動の全体像と改善 #no_more_wait_for_test
Avatar for nihonbuson nihonbuson
PRO
1
150
Amazon S3 Vectorsを使って資格勉強用AIエージェントを構築してみた
Avatar for usanchuu usanchuu
3
430
変化するコーディングエージェントとの現実的な付き合い方 〜Cursor安定択説と、ツールに依存しない「資産」〜
Avatar for empitsu empitsu
4
1.3k
顧客の言葉を、そのまま信じない勇気
Avatar for yamatai12 yamatai1212
1
320
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
Avatar for Serverless Operations slsops
2
200
なぜ今、コスト最適化(倹約)が必要なのか? ~AWSでのコスト最適化の進め方「目的編」~
Avatar for Hayato Tan htan
1
110

Featured

See All Featured
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
247
13k
How to Talk to Developers About Accessibility
Avatar for Jason CranfordTeague jct
2
120
It's Worth the Effort
Avatar for 3n 3n
188
29k
BBQ
Avatar for Matthew Crist matthewcrist
89
10k
Writing Fast Ruby
Avatar for Erik Berlin sferik
630
62k
Kristin Tynski - Automating Marketing Tasks With AI
Avatar for Tech SEO Connect techseoconnect
PRO
0
130
Building AI with AI
Avatar for Ines Montani inesmontani
PRO
1
680
Leveraging LLMs for student feedback in introductory data science courses - posit::conf(2025)
Avatar for Mine Cetinkaya-Rundel minecr
0
140
Designing Experiences People Love
Avatar for Jonathan Moore moore
144
24k
Deep Space Network (abreviated)
Avatar for Tony Rice tonyrice
0
44
Easily Structure & Communicate Ideas using Wireframe
Avatar for Afnizar Nur Ghifari afnizarnur
194
17k
The agentic SEO stack - context over prompts
Avatar for schlessera schlessera
0
630

Transcript

  1. Introduction to fuzzing with AFL

  2. Ayush Priya VIT, Vellore @ayushpriya10 https://ayushpriya.com https://www.linkedin.com/in/ayushpriya10

  3. What am I learning? • What is fuzzing and fuzzers?

    • What is AFL? • How to use AFL?

  4. Why am I learning this? • Discover undiscovered bugs •

    Build a robust approach to development • (Maybe make some money)

  5. What is Fuzzing? • A form of testing • Random

    invalid input • Behaviour analysis

  6. "You can find bugs in your sleep." - Craig Young

  7. Why fuzz at all? • Unique test cases • Eliminates

    methodology bias • Metrics - Code Coverage, Path Coverage

  8. Types of fuzzers • Mutational • Grammar • Feedback-based

  9. Introduction to AFL • Open-source • Smart fuzzer: PoC -

    “Hello JPG”

  10. Prerequisites • GCC, CLang • GDB, Exploitable • Screen •

    Libtool-bin, automake, bison, libglib2.0-dev, qemu

  11. Installation • Install AFL • Enable LLVM mode • Enable

    QEMU mode

  12. AFL Workflow • Compiling the binary with AFL’s compilers •

    Building a Test Corpus • Running AFL on the target binary • Analyse findings

  13. Compiling with AFL $ export CC=afl-clang-fast $ export AFL_HARDEN=1 $

    export AFL_INST_RATIO=100 $ ./configure $ make

  14. Building Test Corpus • Supplying test case(s) $ cp /bin/ps

    afl_in/

  15. Fuzzing with source • Build binary from source AFL •

    Add test cases to afl_in • Fuzz! $ afl-fuzz -i in/ -o out/ -- ./bin @@

  16. Parallel Fuzzing • One core per fuzzer • Check free

    cores $ afl-fuzz -i in -o out -M f1 -- ./bin @@ $ afl-fuzz -i in -o out -S f2 -- ./bin @@

  17. Output Structure • One folder per fuzzer • /crashes, /hangs,

    /queue

  18. Analysing AFL Screen

  19. Hands-on • Clone fuzzgoat • Compile with AFL • Fuzz

    in parallel • Check status

  20. GDB and Exploitable • Open binary with GDB • Choose

    a crash case • Run test case • Classify with Exploitable

  21. Optimising Fuzzing • Execution Speed, Fail Fast • Isolate test

    code • Minimise test cases • Minimise test files

  22. Fuzzing a binary without source • Linux binaries • AFL’s

    QEMU Mode

  23. Limitations of AFL • Supports file/STDIN input • Supports selective

    binaries • Supports selective OSs

  24. Thanks!