
Update Windows target and others #53

Closed
fuzzah opened this issue Mar 10, 2022 · 7 comments
Labels
documentation Improvements or additions to documentation enhancement New feature or request help wanted Extra attention is needed

Comments

@fuzzah

fuzzah commented Mar 10, 2022

Hi. I wish to contribute.
What needs to be done in order to migrate targets from kafl_user.h to nyx_api.h? I'm most interested in the Windows target.
I guess I would also need to read some additional info on the topic (kAFL, QEMU, snapshot fuzzing etc.). Any recommendations for that?

@il-steffen
Collaborator

Hi, welcome!

For an overview on the tool, I think the original kAFL paper and more recent Nyx paper are probably the best intro.
https://nyx-fuzz.com/papers/ => kAFL Feedback Fuzzer and Nyx Greybox Hypervisor Fuzzer.

If you ignore the Hypervisor and structure-aware fuzzer part in the Nyx paper, it basically shows an extension of kAFL with fast snapshots (and other capabilities merged in the code base as well).

Migrating to the new interface is not difficult. Here is my change for the Zephyr sample: IntelLabs/kafl.targets@6cece87

  • include new nyx_api.h
  • query host_config and set agent_config as part of fuzzer handshake.
  • start fuzzing loop

The config query/set hypercalls are now required. The various new options are not tested at all, I basically just set it up for PT tracing + validate the payload buffer size expected by fuzzer frontend.
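To make the handshake steps above concrete, here is an added example (my own code, not from the kafl.targets repository or the Zephyr commit linked above) of an agent querying host_config, validating it against its own payload buffer, and submitting agent_config. The hypercall transport is a function pointer so the validation logic compiles and runs outside a Nyx guest; a real agent would pass a thin wrapper around kAFL_hypercall() from nyx_api.h. The struct fields follow nyx_api.h's host_config_t/agent_config_t as I understand them, but the magic/version constants and op codes below are constructed placeholders, not the header's real values, and should be replaced with the definitions from nyx_api.h.

```c
/* Added example: the kAFL/Nyx fuzzer handshake (query host_config, validate,
 * set agent_config) with the hypercall transport abstracted behind a function
 * pointer so it can run anywhere. Struct layouts are assumed to mirror
 * nyx_api.h; the constants below are placeholders, not the real ones. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAYLOAD_MAX_SIZE (128u * 1024u)   /* agent's own input buffer size */

/* Placeholder protocol constants: take the real ones from nyx_api.h. */
#define NYX_HOST_MAGIC    0x48594e54u
#define NYX_HOST_VERSION  1u
#define NYX_AGENT_MAGIC   0x41594e54u
#define NYX_AGENT_VERSION 1u

typedef struct {            /* assumed to mirror host_config_t */
    uint32_t host_magic, host_version;
    uint32_t bitmap_size, ijon_bitmap_size;
    uint32_t payload_buffer_size;   /* max bytes the frontend writes per input */
    uint32_t worker_id;
} host_config_t;

typedef struct {            /* assumed to mirror agent_config_t */
    uint32_t agent_magic, agent_version;
    uint8_t  agent_timeout_detection, agent_tracing;
    uint8_t  agent_ijon_tracing, agent_non_reload_mode;
    uint64_t trace_buffer_vaddr, ijon_trace_buffer_vaddr;
    uint32_t coverage_bitmap_size, input_buffer_size;
    uint8_t  dump_payloads;
} agent_config_t;

/* Placeholder op codes; nyx_api.h defines the real hypercall numbers. */
typedef enum { OP_GET_HOST_CONFIG, OP_SET_AGENT_CONFIG } nyx_op_t;
typedef int (*hypercall_fn)(nyx_op_t op, void *arg);

/* Error codes returned by nyx_handshake(). */
enum { HS_OK = 0, HS_ERR_TRANSPORT = -1, HS_ERR_MAGIC = -2,
       HS_ERR_VERSION = -3, HS_ERR_BUFFER_TOO_SMALL = -4 };

/* Perform the handshake; on success *cfg holds what was sent to the host. */
int nyx_handshake(hypercall_fn hc, uint32_t payload_buf_size, agent_config_t *cfg)
{
    host_config_t host;
    memset(&host, 0, sizeof host);
    if (hc(OP_GET_HOST_CONFIG, &host) != 0) return HS_ERR_TRANSPORT;

    /* Refuse to talk to a frontend we do not understand. */
    if (host.host_magic != NYX_HOST_MAGIC)     return HS_ERR_MAGIC;
    if (host.host_version != NYX_HOST_VERSION) return HS_ERR_VERSION;

    /* The frontend may write up to payload_buffer_size bytes into our
     * buffer; accepting a larger value would mean a guest-side overflow. */
    if (host.payload_buffer_size > payload_buf_size) return HS_ERR_BUFFER_TOO_SMALL;

    memset(cfg, 0, sizeof *cfg);
    cfg->agent_magic   = NYX_AGENT_MAGIC;
    cfg->agent_version = NYX_AGENT_VERSION;
    cfg->agent_tracing = 1;                 /* request Intel PT tracing */
    cfg->agent_timeout_detection = 0;       /* leave the other options off */
    cfg->coverage_bitmap_size = host.bitmap_size;
    cfg->input_buffer_size    = payload_buf_size;
    if (hc(OP_SET_AGENT_CONFIG, cfg) != 0) return HS_ERR_TRANSPORT;
    return HS_OK;
}

/* Constructed stand-in for the host side so the example runs anywhere;
 * the globals let a caller simulate a mismatching frontend. */
uint32_t mock_host_version = NYX_HOST_VERSION;
uint32_t mock_host_payload_size = 64u * 1024u;
agent_config_t mock_received;

int mock_hypercall(nyx_op_t op, void *arg)
{
    if (op == OP_GET_HOST_CONFIG) {
        host_config_t *h = arg;
        h->host_magic = NYX_HOST_MAGIC;
        h->host_version = mock_host_version;
        h->bitmap_size = 64u * 1024u;
        h->payload_buffer_size = mock_host_payload_size;
        return 0;
    }
    if (op == OP_SET_AGENT_CONFIG) {
        mock_received = *(agent_config_t *)arg;
        return 0;
    }
    return -1;
}

int main(void)
{
    agent_config_t cfg;
    int rc = nyx_handshake(mock_hypercall, PAYLOAD_MAX_SIZE, &cfg);
    printf("handshake rc=%d, tracing=%u, input_buffer=%u\n",
           rc, cfg.agent_tracing, cfg.input_buffer_size);
    return rc == HS_OK ? 0 : 1;
}
```

The buffer-size check is the part worth keeping even if nothing else is adopted: the frontend's payload_buffer_size is the upper bound on what it will write into the agent's buffer, so an agent that skips the comparison can be overflowed by its own fuzzer configuration. After the handshake, the agent would enter the usual acquire/next-payload/release loop.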

@il-steffen
Collaborator

Someone did the hard work, would be great to clean up and integrate: https://github.com/Kharos102/kafl.targets

@il-steffen il-steffen added documentation Improvements or additions to documentation enhancement New feature or request help wanted Extra attention is needed labels May 24, 2022
@Wenzel
Contributor

Wenzel commented Jun 12, 2023

Hello @Kharos102, I'm trying to integrate the work you did on fixing the Windows targets for kAFL.

I have a WIP branch here:
https://github.com/Wenzel/kafl.targets/tree/fix_windows

I'm stuck at trying to find the right environment and cl.exe command line to compile the Driver.c

I'm working with a Windows 10, Visual studio 2017 SDK and MSVC compiler is installed + WDK (10.0.17763.0)
Basically what I'm doing right now:

```bat
"C:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\VC\Auxiliary\Build\vcvars64.bat"
REM append env vars with WDK Include and Lib dirs
REM include: C:\Program Files (x86)\Windows Kits\10\include\10.0.17763.0\km
REM lib: C:\Program Files (x86)\Windows Kits\10\Lib\10.0.17763.0\km\x64
cl Driver.c <cl_options>
```

I know it's been a long time, but if you recall how you approached it, it would help.
Thanks!

@Kharos102

Hey!

Pretty sure I just create a new project in Visual Studio based on the empty WDM project template, then replace the main .c code with the Driver.c code, don't usually compile it via cl directly.

@Wenzel
Contributor

Wenzel commented Jun 14, 2023

Hey @Kharos102

I managed to compile it with cl.exe, but I will update that later on with a real VS project and use msbuild; that's more convenient.

Thanks!

@Wenzel
Contributor

Wenzel commented Jun 28, 2023

A PR has been opened that should fix this issue:
IntelLabs/kafl.targets#21

@Wenzel Wenzel closed this as completed Jul 19, 2023