Fuzzing Linux binaries with AFL++

Fuzzing Linux binaries with AFL++

This FYP project demonstrates the application of AFL++, a state-of-the-art fuzzing tool, for discovering new vulnerabilities in the latest versions of Linux binaries. AFL++ automates grey box testing of instrumented Linux binaries to detect bugs and vulnerabilities. The project comprises three phase...

Full description

Saved in:
Bibliographic Details
Main Author: Lim, Wei Cheng
Other Authors: Liu Yang
Format: Final Year Project
Language:English
Published: Nanyang Technological University 2023
Subjects:
Engineering::Computer science and engineering::Computer systems organization::Performance of systems
Engineering::Computer science and engineering::Software::Programming languages
Online Access:https://hdl.handle.net/10356/165865
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-165865
record_format dspace
spelling sg-ntu-dr.10356-1658652023-04-14T15:37:08Z Fuzzing Linux binaries with AFL++ Lim, Wei Cheng Liu Yang School of Computer Science and Engineering yangliu@ntu.edu.sg Engineering::Computer science and engineering::Computer systems organization::Performance of systems Engineering::Computer science and engineering::Software::Programming languages This FYP project demonstrates the application of AFL++, a state-of-the-art fuzzing tool, for discovering new vulnerabilities in the latest versions of Linux binaries. AFL++ automates grey box testing of instrumented Linux binaries to detect bugs and vulnerabilities. The project comprises three phases of fuzzing campaign. The first phase involves prepping of instrumented target binary and necessary seeds files to feed into the binary. The second phase, AFL++ techniques and methods are employed to conduct fuzzing of the instrumented binary. The third phase, the crashes found during fuzzing are triaged and bug reports were submitted for Xpdf pdftotext, GPAC MP4Box, and Vim text editor tool. Bugs discovered in GPAC MP4Box and Vim have been assigned CVE numbers. Bachelor of Engineering (Computer Engineering) 2023-04-13T08:44:02Z 2023-04-13T08:44:02Z 2023 Final Year Project (FYP) Lim, W. C. (2023). Fuzzing Linux binaries with AFL++. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/165865 https://hdl.handle.net/10356/165865 en SCSE22-0585 application/pdf Nanyang Technological University
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Engineering::Computer science and engineering::Computer systems organization::Performance of systems
Engineering::Computer science and engineering::Software::Programming languages
spellingShingle Engineering::Computer science and engineering::Computer systems organization::Performance of systems
Engineering::Computer science and engineering::Software::Programming languages
Lim, Wei Cheng
Fuzzing Linux binaries with AFL++
description This FYP project demonstrates the application of AFL++, a state-of-the-art fuzzing tool, for discovering new vulnerabilities in the latest versions of Linux binaries. AFL++ automates grey box testing of instrumented Linux binaries to detect bugs and vulnerabilities. The project comprises three phases of fuzzing campaign. The first phase involves prepping of instrumented target binary and necessary seeds files to feed into the binary. The second phase, AFL++ techniques and methods are employed to conduct fuzzing of the instrumented binary. The third phase, the crashes found during fuzzing are triaged and bug reports were submitted for Xpdf pdftotext, GPAC MP4Box, and Vim text editor tool. Bugs discovered in GPAC MP4Box and Vim have been assigned CVE numbers.
author2 Liu Yang
author_facet Liu Yang
Lim, Wei Cheng
format Final Year Project
author Lim, Wei Cheng
author_sort Lim, Wei Cheng
title Fuzzing Linux binaries with AFL++
title_short Fuzzing Linux binaries with AFL++
title_full Fuzzing Linux binaries with AFL++
title_fullStr Fuzzing Linux binaries with AFL++
title_full_unstemmed Fuzzing Linux binaries with AFL++
title_sort fuzzing linux binaries with afl++
publisher Nanyang Technological University
publishDate 2023
url https://hdl.handle.net/10356/165865
_version_ 1764208092201877504

Similar Items