I have some of github that I am trying to run using AFL.
The code: https://github.com/karimmd/CScanner/tree/cfe7d08bf46b1eed0443f9e27bc089d68a830a45
I wanna run the project and find vulnerablities. I have put the github all files inside a folder code , so the file structure is CScanner-master/code/all the files here.
I am using this command on terminal :
hemlatamahaur#Hemlatas-MacBook-Pro desktop % afl-fuzz -i CScanner-master -o code ./input-testcode.c
afl-fuzz 2.56b by <lcamtuf#google.com>
[+] You have 4 CPU cores and 2 runnable tasks (utilization: 50%).
[+] Try parallel jobs - see /usr/local/Cellar/afl-fuzz/2.57b/share/doc/afl/parallel_fuzzing.txt.
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning 'CScanner-master'...
[+] No auto-generated dictionary tokens to reuse.
[*] Creating hard links for all input files...
[*] Validating target binary...
[-] PROGRAM ABORT : Program './input-testcode.c' not found or not executable
Location : check_binary(), afl-fuzz.c:6873
It keep saying there is no file as input-testcode.c
I am new to AFL, so I might be doing it wrong. How do I run this code using AFL to find the vulnerabilities. Any help is very appreciated.
you have to build your code using afl-clang first
afl-clang
$ afl-clang input-testcode.c -o input-testcode .
Then:
$ afl-fuzz -i CScanner-master -o code ./input-testcode .
I hope it works
Afl-fuzz works on the executable
Related
I am using libstandalonelibwebviewchromium.so in my android application and when I am calling a native method it throws "java.lang.UnsatisfiedLinkError: No implementation" . I have looked into this issue and found out that name of the function is different in the library. I have used "nm -gD libstandalonelibwebviewchromium.so" command to list all the methods. For example :
method "org_chromium_base_library_1loader_LibraryLoader_registerNonMainDexJni" changed to "Java_J_N_MIOj213u".
How to configure chromium at the build time to preserve original library method name??
Please help....
Thank You,
Avishek Nath
//////////////////////////////////
EDIT
/////////////////////////////////
For the Android Chromium source checkout I have followed this link :
https://chromium.googlesource.com/chromium/src/+/master/docs/android_build_instructions.md
I have checked out Chromium source code for Android from github.
Then I ran these commands in ubuntu system
$ gclient sync
$ gn gen --args='target_os="android" target_cpu="arm" is_debug=false' out/Default
$ ninja -C out/Default webview_instrumentation_apk
After these command execution "libstandalonelibwebviewchromium.so" generated in the out/Default folder.
I have taken the libstandalonelibwebviewchromium.so in my project and kept it in the jniLibs folder.
I also ran this "nm -gD libstandalonelibwebviewchromium.so" command which gave a list of symbols but all of them are like "Java_J_N_MIOj213u".
When I'm compiling ism project to create MSI, its still creates the MSI even though I have build errors.
The reason I need it NOT to be created is for build verification.
Instead of checking the build log for errors, I will just check the existence of the MSI.
Does anybody know how can I achieve that?
EDIT:
I'm using ISCmdBld tool to build MSIs. This is the command line I'm running to build where the environment variables are being set before running this command:
IsCmdBld -p "%FULL_PROJECT_FILENAME%" -a %BUILDMODE% -r %PRODUCT% -o "%MMSEARCHPATH%" | tee /A "%FULL_PROJECT_LOG_FILENAME%"
If you are compiling using IsCmdBld.exe, you should add the -x option, so that the build is stopped if an error occurs.
You also can use it combined with -w, which makes each warning becomes considered as an error (and thus, each warning encountered also stops the build).
More information about IsCmdBld.exe : http://helpnet.installshield.com/installshield16helplib/ISCmdBldParam.htm
I hope this helps.
Your build automation should check the exit code from ISCmdBld.exe. If the exit code is a failure, don't archive the output.
I am just starting to use Nitrous.IO and I can't seem to find any information on the web on how to run C++ programs you make in it. Any help on how to run a C++ app made in Nitrous would be a huge help.
All commands are to be run within the console
Step 1:
Get inside the appropriate directory using the following command:
cd ./folder/subfolder/etc.
Step 2:
Type in the following command to run a fileName.cpp program:
// This will make a separate file named 'fileName'
// within the directory you are working in.
// This can now be run in the console.
g++ -o fileName fileName.cpp
Step 3:
Type in the following command to run your program:
//The output will display in the console. Enjoy!
./fileName
ps: answer was there
I'm trying to run a Hello world C++ on Eclipse on Ubuntu 12.04. I installed g++ and wrote this code:
#include<vector>
#include<string>
#include <iostream>
using namespace std;
int main()
{
cout << "Hello World" << endl;
return 0;
}
Compile output:
**** Build of configuration Debug for project TopCoder ****
make all
make: Nothing to be done for `all'.
**** Build Finished ****
Run output message:
Launching TopCoder has encountered a problem
Error starting process
Error starting process.
Exec_tty error:Cannot run program "/media/01CCE00FA6888D80/Achieve/Eclipse/TopCoder/Debug/TopCoder": Unknown reason
Exec_tty error:Cannot run program "/media/01CCE00FA6888D80/Achieve/Eclipse/TopCoder/Debug/TopCoder": Unknown reason
Exec_tty error:Cannot run program "/media/01CCE00FA6888D80/Achieve/Eclipse/TopCoder/Debug/TopCoder": Unknown reason
when I put the source code on ext4 drive it builds and run
I changed
proc /proc proc nodev,noexec,nosuid 0 0
in /etc/fstab to
proc /proc proc dev,exec,suid 0 0
But no usefulness.
You're tring to run an application from the /media/01CCE00FA6888D80 volume. Removable USB? The most likely culprit is noexec as an option to the default mount command line.
check if noexec is part of the options for mounting the filesystem using:
grep noexec /proc/mounts
if this results in output indicating that noexec is in effect for the file system then try:
sudo mount -o remount,exec /media/01CCE00FA6888D80
Also, if the removable volume is NTFS, your milage may vary.
Try to build it from the command line. Then you will know if the problem is involved with g++ or with eclipse. I guess you should change your compiler path somewhere in the eclipse, are you sure you have eclipse-cdt? THe easiest way to compile it is:
g++ yourfile.cpp
Your problem is that you're workspace is probably on a different drive than the one you installed ubuntu on
You are running you project over Linux . i had facing same issue when my project was in my E drive . i gave read -write permission but still that was not enough for me . The same error was keep coming when i was trying to run the project .
I have shifted my project in my Home folder ,gave permission and the project ran !! .
I believe there was a problem with some permission for LINUX C compiler .
I’ve produced a C++ program in Eclipse running on Redhat, which compiles and runs fine through Eclipse.
I thought that to run it separately to Eclipse you use the build artifact which is in the directory set via the project’s properties.
However this executable doesn’t run (I know it’s an executable as I’ve set it to be an executable via the project’s properties and it shows up as such via the ls command and the file explorer).
When attempting to run it using the executable’s name, I get the error:
bash: <filename>: command not found
When attempting to run it as a bash file:
<filename>: <filename>: cannot execute binary file
And when running it with "./" before the file name, nothing happens. Nothing new appears in the running processes and the terminal just goes to the next line as though I’d just pressed enter with no command.
Any help?
You've more or less figure out the first error yourself. when you just run <filename> , it is not in your PATH environment variable, so you get "command not found". You have to give a full or relative path when to the program in order to run it, even if you're in the same directory as the program - you run it with ./<filename>
When you do run your program, it appears to just exit as soon as you start it - we can't help much with that without knowing what the program does or see some code.
You can do some debugging, e.g. after the program just exits run echo $? to see if it exited with a particular exit value, or run your program using the strace tool to see what it does (or do it the usual way, insert printf debugging, or debug it with gdb)