-rw-r--r--development/aflplusplus/README22
-rw-r--r--development/aflplusplus/aflplusplus.SlackBuild124
-rw-r--r--development/aflplusplus/aflplusplus.info12
-rw-r--r--development/aflplusplus/build_qemu_support.diff41
-rw-r--r--development/aflplusplus/slack-desc19
5 files changed, 218 insertions, 0 deletions
diff --git a/development/aflplusplus/README b/development/aflplusplus/README
new file mode 100644
index 0000000000..03eb536092
--- /dev/null
+++ b/development/aflplusplus/README
@@ -0,0 +1,22 @@
+aflplusplus (enhanced fork of afl fuzzer)
+
+afl++ is a superior fork to Google's afl - more speed, more and better
+mutations, more and better instrumentation, custom module support, etc.
+
+American fuzzy lop is a security-oriented fuzzer that employs a
+novel type of compile-time instrumentation and genetic algorithms to
+automatically discover clean, interesting test cases that trigger new
+internal states in the targeted binary. This substantially improves
+the functional coverage for the fuzzed code. The compact synthesized
+corpora produced by the tool are also useful for seeding other, more
+labor- or resource-intensive testing regimes down the road.
+
+This build of aflplusplus does not include frida and unicorn modes, so
+the -O and -U options won't work.
+
+Build option: If you need to fuzz binary-only software, aflplusplus can
+be built with QEMU support. To do this, download the qemu source from:
+
+https://slackware.uk/~urchlay/src/qemuafl-d73b0336b4.tar.xz
+
+...and place it in the SlackBuild's directory before running the script.
diff --git a/development/aflplusplus/aflplusplus.SlackBuild b/development/aflplusplus/aflplusplus.SlackBuild
new file mode 100644
index 0000000000..f0eecfe464
--- /dev/null
+++ b/development/aflplusplus/aflplusplus.SlackBuild
@@ -0,0 +1,124 @@
+#!/bin/bash
+
+# Slackware build script for aflplusplus
+
+# Written by B. Watson (yalhcru@gmail.com)
+
+# Licensed under the WTFPL. See http://www.wtfpl.net/txt/copying/ for details.
+
+cd $(dirname $0) ; CWD=$(pwd)
+
+PRGNAM=aflplusplus
+SRCNAM=AFLplusplus
+VERSION=${VERSION:-3.14c}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+PKGTYPE=${PKGTYPE:-tgz}
+
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) ARCH=i586 ;;
+ arm*) ARCH=arm ;;
+ *) ARCH=$( uname -m ) ;;
+ esac
+fi
+
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+ echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE"
+ exit 0
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i586" ]; then
+ SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+set -e
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $SRCNAM-$VERSION
+tar xvf $CWD/$SRCNAM-$VERSION.tar.gz
+cd $SRCNAM-$VERSION
+chown -R root:root .
+find -L . -perm /111 -a \! -perm 755 -a -exec chmod 755 {} \+ -o \
+ \! -perm /111 -a \! -perm 644 -a -exec chmod 644 {} \+
+
+DOCDIR=/usr/doc/$PRGNAM-$VERSION
+PKGDOC=$PKG/$DOCDIR
+
+# Make it use the qemu source provided by us, instead of doing a git
+# clone (which didn't work properly anyway). Also this removes the
+# hexagon arch in qemu, because its meson.build breaks the build (even
+# though we're not even building hexagon support).
+patch -p1 < $CWD/build_qemu_support.diff
+
+# qemu mode is optional, only build if the source exists.
+QEMUVER="$( cat qemu_mode/QEMUAFL_VERSION )"
+QEMUSRC="$CWD/qemuafl-$QEMUVER.tar.xz"
+if [ -e "$QEMUSRC" ]; then
+ echo "=== QEMU source found, building qemu_mode"
+ ( cd qemu_mode
+ rm -rf qemuafl
+ tar xvf "$QEMUSRC" )
+ WITHQEMU=WITH
+else
+ echo "=== QEMU source NOT found, not building qemu_mode"
+ sed -i \
+ -e '/-cd qemu_mode/d' \
+ GNUmakefile
+ WITHQEMU=WITHOUT
+fi
+
+# Apply our flags, disable frida and unicorn modes because they
+# don't build.
+sed -i \
+ -e "s/= *-O3 *-funroll-loops/= $SLKCFLAGS/" \
+ -e '/MAKE.*-C *frida_mode *$/d' \
+ -e '/-cd unicorn_mode/d' \
+ GNUmakefile
+
+make \
+ DESTDIR=$PKG \
+ PREFIX=/usr \
+ HELPER_PATH=/usr/lib$LIBDIRSUFFIX/$PRGNAM \
+ DOC_PATH=$DOCDIR \
+ MAN_PATH=/usr/man/man8 \
+ distrib \
+ install
+
+# 20211216 bkw: faster than the usual find|strip stuff. Maybe this
+# should be the new template.
+find $PKG/usr/bin $PKG/usr/lib* -type f -print0 | \
+ xargs -0 file -m /etc/file/magic/elf | \
+ grep -e "executable" -e "shared object" | \
+ grep ELF | \
+ cut -d: -f1 | \
+ xargs strip --strip-unneeded 2> /dev/null || true
+
+gzip $PKG/usr/man/man8/*.8
+
+rm -f $PKGDOC/INSTALL* # useless.
+cat README.md > $PKGDOC/README.md # upstream forgot this.
+cat $CWD/$PRGNAM.SlackBuild > $PKGDOC/$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+sed "s,@WITHQEMU@,$WITHQEMU," $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE
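Review bot: The optional qemuafl tarball is unpacked at `tar xvf "$QEMUSRC"` with no integrity check, even though the README sends users to a personal download host for it and the MD5SUM mechanism in aflplusplus.info does not cover it; the build_qemu_support.diff hunk further removes the `git checkout "$QEMUAFL_VERSION"` step, so nothing beyond the tarball's filename ties the unpacked tree to the version read from qemu_mode/QEMUAFL_VERSION. A checksum pinned in the script would close that gap, e.g. `QEMUMD5="<md5 of qemuafl-$QEMUVER.tar.xz>"` followed by `echo "$QEMUMD5  $QEMUSRC" | md5sum -c - || exit 1` placed before the tar call. Separately, `tar xvf $CWD/$SRCNAM-$VERSION.tar.gz` and most uses of `$PKG`, `$TMP` and `$OUTPUT` are unquoted while `$QEMUSRC` is quoted; quoting them consistently keeps the script safe for a TMP or OUTPUT containing spaces.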
diff --git a/development/aflplusplus/aflplusplus.info b/development/aflplusplus/aflplusplus.info
new file mode 100644
index 0000000000..9a2a68598a
--- /dev/null
+++ b/development/aflplusplus/aflplusplus.info
@@ -0,0 +1,12 @@
+PRGNAM="aflplusplus"
+VERSION="3.14c"
+HOMEPAGE="https://github.com/AFLplusplus/AFLplusplus"
+DOWNLOAD="https://github.com/AFLplusplus/AFLplusplus/archive/3.14c/AFLplusplus-3.14c.tar.gz \
+ https://github.com/frida/frida/releases/download/15.0.0/frida-gumjs-devkit-15.0.0-linux-x86_64.tar.xz"
+MD5SUM="b59357f4afa849fef2cd652c4b0fcaae \
+ d80a50c535c5b4d27f219b7cf61a693b"
+DOWNLOAD_x86_64=""
+MD5SUM_x86_64=""
+REQUIRES=""
+MAINTAINER="B. Watson"
+EMAIL="yalhcru@gmail.com"
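Review bot: DOWNLOAD and MD5SUM list the frida-gumjs-devkit tarball as a second source, but nothing in aflplusplus.SlackBuild references it — the build deletes the frida_mode target from GNUmakefile and the README states that frida mode is not included. Anyone following the .info fetches and verifies a file the build never reads. Either drop the second entries from `DOWNLOAD=` and `MD5SUM=` or wire the devkit into the build; as written the two files disagree about whether frida mode exists.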
diff --git a/development/aflplusplus/build_qemu_support.diff b/development/aflplusplus/build_qemu_support.diff
new file mode 100644
index 0000000000..b9a28a6bfd
--- /dev/null
+++ b/development/aflplusplus/build_qemu_support.diff
@@ -0,0 +1,41 @@
+diff -Naur AFLplusplus-3.14c/qemu_mode/build_qemu_support.sh AFLplusplus-3.14c.patched/qemu_mode/build_qemu_support.sh
+--- AFLplusplus-3.14c/qemu_mode/build_qemu_support.sh 2021-07-19 04:50:09.000000000 -0400
++++ AFLplusplus-3.14c.patched/qemu_mode/build_qemu_support.sh 2021-08-08 13:20:14.656823570 -0400
+@@ -68,36 +68,8 @@
+
+ echo "[+] All checks passed!"
+
+-echo "[*] Making sure qemuafl is checked out"
+-
+-git status 1>/dev/null 2>/dev/null
+-if [ $? -eq 0 ]; then
+- echo "[*] initializing qemuafl submodule"
+- git submodule init || exit 1
+- git submodule update ./qemuafl 2>/dev/null # ignore errors
+-else
+- echo "[*] cloning qemuafl"
+- test -d qemuafl || {
+- CNT=1
+- while [ '!' -d qemuafl -a "$CNT" -lt 4 ]; do
+- echo "Trying to clone qemuafl (attempt $CNT/3)"
+- git clone --depth 1 https://github.com/AFLplusplus/qemuafl
+- CNT=`expr "$CNT" + 1`
+- done
+- }
+-fi
+-
+-test -d qemuafl || { echo "[-] Not checked out, please install git or check your internet connection." ; exit 1 ; }
+-echo "[+] Got qemuafl."
+-
+ cd "qemuafl" || exit 1
+-if [ -n "$NO_CHECKOUT" ]; then
+- echo "[*] Skipping checkout to $QEMUAFL_VERSION"
+-else
+- echo "[*] Checking out $QEMUAFL_VERSION"
+- sh -c 'git stash' 1>/dev/null 2>/dev/null
+- git checkout "$QEMUAFL_VERSION" || echo Warning: could not check out to commit $QEMUAFL_VERSION
+-fi
++sed -i '/hexagon/d' target/meson.build # broken!
+
+ echo "[*] Making sure imported headers matches"
+ cp "../../include/config.h" "./qemuafl/imported/" || exit 1
diff --git a/development/aflplusplus/slack-desc b/development/aflplusplus/slack-desc
new file mode 100644
index 0000000000..153526c57b
--- /dev/null
+++ b/development/aflplusplus/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+ |-----handy-ruler------------------------------------------------------|
+aflplusplus: aflplusplus (enhanced fork of afl fuzzer)
+aflplusplus:
+aflplusplus: afl++ is a superior fork to Google's afl - more speed, more/better
+aflplusplus: mutations, more/better instrumentation, custom module support, etc.
+aflplusplus:
+aflplusplus: American fuzzy lop is a security-oriented fuzzer that employs a
+aflplusplus: novel type of compile-time instrumentation and genetic algorithms to
+aflplusplus: automatically discover clean, interesting test cases that trigger new
+aflplusplus: internal states in the targeted binary.
+aflplusplus:
+aflplusplus: This package built @WITHQEMU@ qemu support.