I am trying to use AFL++ to fuzz a 32-bit ARM binary with the qasan tool. Unfortunately, the binary I am working with is a web service: /usr/sbin/upnpd. To launch it successfully I have to run it with the following command, because upnpd uses particular libraries from the filesystem:
jfkk@jfkk:~/Desktop/_R6400-V1.0.1.18_1.0.15.chk.extracted$ QEMU_LD_PREFIX=./squashfs-root/ afl-fuzz -Q -i input -o out3 -m none -- ./squashfs-root/usr/sbin/upnpd @@
afl-fuzz++4.30c based on afl by Michal Zalewski and a large online community
[+] AFL++ is maintained by Marc "van Hauser" Heuse, Dominik Maier, Andrea Fioraldi and Heiko "hexcoder" Eißfeldt
[+] AFL++ is open source, get it at https://github.com/AFLplusplus/AFLplusplus
[+] NOTE: AFL++ >= v3 has changed defaults and behaviours - see README.md
[+] No -M/-S set, autoconfiguring for "-S default"
[*] Getting to work...
[+] Using exploration-based constant power schedule (EXPLORE)
[+] Enabled testcache with 50 MB
[+] Generating fuzz data with a length of min=1 max=1048576
[*] Checking core_pattern...
[*] Checking CPU scaling governor...
[+] You have 16 CPU cores and 4 runnable tasks (utilization: 25%).
[+] Try parallel jobs - see /usr/local/share/doc/afl/fuzzing_in_depth.md#c-using-multiple-cores
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Checking CPU core loadout...
[+] Found a free CPU core, try binding to #0.
[*] Validating target binary...
[*] Scanning 'input'...
[*] Creating hard links for all input files...
[+] Loaded a total of 1 seeds.
[*] No auto-generated dictionary tokens to reuse.
[*] Attempting dry run with 'id:000000,time:0,execs:0,orig:unsubPublic_UPNP_Event_1'...
[*] Spinning up the fork server...
[+] All right - old fork server is up.
[*] Target map size: 65536
len = 159, map size = 61, exec speed = 6071 us, hash = 94aebfbb9571be76
[+] All test cases processed.
[+] Here are some useful stats:
Test case count : 1 favored, 0 variable, 0 ignored, 1 total
Bitmap range : 61 to 61 bits (average: 61.00 bits)
Exec timing : 6071 to 6071 us (average: 6071 us)
[*] No -t option specified, so I'll use an exec timeout of 40 ms.
[+] All set and ready to roll!
AFL ++4.30c {default} (./squashfs-root/usr/sbin/upnpd) [explore]
┌─ process timing ────────────────────────────────────┬─ overall results ────┐
│ run time : 0 days, 0 hrs, 0 min, 1 sec │ cycles done : 0 │
│ last new find : none seen yet │ corpus count : 1 │
│last saved crash : none seen yet │saved crashes : 0 │
│ last saved hang : none seen yet │ saved hangs : 0 │
├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤
│ now processing : 0.2 (0.0%) │ map density : 0.09% / 0.09% │
│ runs timed out : 0 (0.00%) │ count coverage : 1.00 bits/tuple │
├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤
│ now trying : havoc │ favored items : 1 (100.00%) │
│ stage execs : 11/100 (11.00%) │ new edges on : 1 (100.00%) │
│ total execs : 135 │ total crashes : 0 (0 saved) │
│ exec speed : 78.25/sec (slow!) │ total tmouts : 10 (0 saved) │
├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤
│ bit flips : 0/0, 0/0, 0/0 │ levels : 1 │
│ byte flips : 0/0, 0/0, 0/0 │ pending : 0 │
│ arithmetics : 0/0, 0/0, 0/0 │ pend fav : 0 │
│ known ints : 0/0, 0/0, 0/0 │ own finds : 0 │
│ dictionary : 0/0, 0/0, 0/0, 0/0 │ imported : 0 │
│havoc/splice : 0/100, 0/0 │ stability : 100.00% │
│py/custom/rq : unused, unused, unused, unused ├───────────────────────┘
│ trim/eff : 97.48%/11, n/a │ [cpu000: 31%]
└─ strategy: explore ────────── state: started :-) ──┘^C
+++ Testing aborted by user +++
[*] Writing out3/default/fastresume.bin ...
[+] Written fastresume.bin with 270441 bytes!
[+] We're done here. Have a nice day!
However, when I try to use python3 ~/tools/qasan/qasan, it cannot find some of the required libraries:
jfkk@jfkk:~/Desktop/_R6400-V1.0.1.18_1.0.15.chk.extracted$ AFL_DEBUG=1 QEMU_LD_PREFIX=./squashfs-root/ afl-fuzz -U -i input -o out3 -m none -- python3 ~/tools/qasan/qasan ./squashfs-root/usr/sbin/upnpd @@
[+] Enabled environment variable AFL_DEBUG with value 1
[+] Enabled environment variable AFL_DEBUG with value 1
afl-fuzz++4.30c based on afl by Michal Zalewski and a large online community
[+] AFL++ is maintained by Marc "van Hauser" Heuse, Dominik Maier, Andrea Fioraldi and Heiko "hexcoder" Eißfeldt
[+] AFL++ is open source, get it at https://github.com/AFLplusplus/AFLplusplus
[+] NOTE: AFL++ >= v3 has changed defaults and behaviours - see README.md
[+] No -M/-S set, autoconfiguring for "-S default"
[*] Getting to work...
[+] Using exploration-based constant power schedule (EXPLORE)
[+] Enabled testcache with 50 MB
[+] Generating fuzz data with a length of min=1 max=1048576
[*] Checking core_pattern...
[*] Checking CPU scaling governor...
[+] You have 16 CPU cores and 3 runnable tasks (utilization: 19%).
[+] Try parallel jobs - see /usr/local/share/doc/afl/fuzzing_in_depth.md#c-using-multiple-cores
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Checking CPU core loadout...
[+] Found a free CPU core, try binding to #0.
[*] Validating target binary...
[*] Scanning 'input'...
[*] Creating hard links for all input files...
[+] Loaded a total of 1 seeds.
[*] No auto-generated dictionary tokens to reuse.
[*] Attempting dry run with 'id:000000,time:0,execs:0,orig:unsubPublic_UPNP_Event_1'...
[*] Spinning up the fork server...
AFL forkserver entrypoint: 0xae80
AFL forkserver entrypoint: 0xae80
./squashfs-root/usr/sbin/upnpd: can't load library 'ld-linux-armhf.so.3'
[-] Hmm, looks like the target binary terminated before we could complete a
handshake with the injected code. You can try the following:
- The target binary crashes because necessary runtime conditions it needs
are not met. Try to:
1. Run again with AFL_DEBUG=1 set and check the output of the target
binary for clues.
2. Run again with AFL_DEBUG=1 and 'ulimit -c unlimited' and analyze the
generated core dump.
- Possibly the target requires a huge coverage map and has CTORS.
Retry with setting AFL_MAP_SIZE=10000000.
Otherwise there is a horrible bug in the fuzzer.
Poke the Awesome Fuzzing Discord for troubleshooting tips.
[-] PROGRAM ABORT : Fork server handshake failed
Location : afl_fsrv_start(), src/afl-forkserver.c:1687
Even after setting the environment variable
export LD_LIBRARY_PATH=/usr/arm-linux-gnueabihf/lib:/usr/arm-linux-gnueabihf/libc
the problem remains, and I get the following errors:
jfkk@jfkk:~/Desktop/_R6400-V1.0.1.18_1.0.15.chk.extracted$ AFL_DEBUG=1 QEMU_LD_PREFIX=./squashfs-root/ afl-fuzz -U -i input -o out3 -m none -- python3 ~/tools/qasan/qasan ./squashfs-root/usr/sbin/upnpd @@
[+] Enabled environment variable AFL_DEBUG with value 1
[+] Enabled environment variable AFL_DEBUG with value 1
afl-fuzz++4.30c based on afl by Michal Zalewski and a large online community
[+] AFL++ is maintained by Marc "van Hauser" Heuse, Dominik Maier, Andrea Fioraldi and Heiko "hexcoder" Eißfeldt
[+] AFL++ is open source, get it at https://github.com/AFLplusplus/AFLplusplus
[+] NOTE: AFL++ >= v3 has changed defaults and behaviours - see README.md
[+] No -M/-S set, autoconfiguring for "-S default"
[*] Getting to work...
[+] Using exploration-based constant power schedule (EXPLORE)
[+] Enabled testcache with 50 MB
[+] Generating fuzz data with a length of min=1 max=1048576
[*] Checking core_pattern...
[*] Checking CPU scaling governor...
[+] You have 16 CPU cores and 3 runnable tasks (utilization: 19%).
[+] Try parallel jobs - see /usr/local/share/doc/afl/fuzzing_in_depth.md#c-using-multiple-cores
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Checking CPU core loadout...
[+] Found a free CPU core, try binding to #0.
[*] Validating target binary...
[*] Scanning 'input'...
[*] Creating hard links for all input files...
[+] Loaded a total of 1 seeds.
[*] No auto-generated dictionary tokens to reuse.
[*] Attempting dry run with 'id:000000,time:0,execs:0,orig:unsubPublic_UPNP_Event_1'...
[*] Spinning up the fork server...
AFL forkserver entrypoint: 0xae80
AFL forkserver entrypoint: 0xae80
./squashfs-root/usr/sbin/upnpd: '/usr/arm-linux-gnueabihf/lib/libc.so.6' library contains unsupported TLS
./squashfs-root/usr/sbin/upnpd: '/usr/arm-linux-gnueabihf/lib/libc.so.6' library contains unsupported TLS
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_uldivmod': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '_Unwind_GetRegionStart': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_uidiv': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_ldivmod': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '_Unwind_GetLanguageSpecificData': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_cdcmple': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__gnu_unwind_frame': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_cfcmple': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__divdi3': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '_Unwind_GetTextRelBase': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_f2lz': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_d2ulz': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_cfrcmple': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_ul2f': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_ul2d': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '_Unwind_VRS_Set': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '_Unwind_VRS_Get': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_d2lz': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_cdrcmple': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__udivmoddi4': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '_Unwind_VRS_Pop': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_idiv': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_l2f': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_f2ulz': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '__aeabi_l2d': can't resolve symbol
./squashfs-root/usr/sbin/upnpd: symbol '_Unwind_GetDataRelBase': can't resolve symbol
[-] Hmm, looks like the target binary terminated before we could complete a
handshake with the injected code. You can try the following:
- The target binary crashes because necessary runtime conditions it needs
are not met. Try to:
1. Run again with AFL_DEBUG=1 set and check the output of the target
binary for clues.
2. Run again with AFL_DEBUG=1 and 'ulimit -c unlimited' and analyze the
generated core dump.
- Possibly the target requires a huge coverage map and has CTORS.
Retry with setting AFL_MAP_SIZE=10000000.
Otherwise there is a horrible bug in the fuzzer.
Poke the Awesome Fuzzing Discord for troubleshooting tips.
[-] PROGRAM ABORT : Fork server handshake failed
Location : afl_fsrv_start(), src/afl-forkserver.c:1687
Is there a way to solve this problem? I would greatly appreciate any guidance or suggestions. Thanks in advance!
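Both failures in the post are dynamic-loader problems rather than fuzzer problems: in the first qasan run the ARM interpreter ld-linux-armhf.so.3 is not found at all, and in the second the host's arm-linux-gnueabihf libc is picked up instead of the firmware's, which leaves the target's own symbols unresolved. A pre-flight check that every PT_INTERP and DT_NEEDED dependency of the target resolves inside the intended sysroot (the squashfs-root passed as QEMU_LD_PREFIX) tells these two cases apart before afl-fuzz is started. The script below is an added example, not code from the original post or from AFL++/qasan; it assumes binutils' readelf is installed on the host, and the list of search directories in lib_dirs is a constructed assumption covering the usual firmware layouts, so extend it if an image uses other paths. It goes slightly beyond the post by checking the interpreter as well as the shared libraries.

```shell
#!/bin/sh
# Added example: pre-flight check that an ELF binary's program interpreter and
# DT_NEEDED libraries all resolve inside a sysroot such as ./squashfs-root.
# Requires readelf (binutils) on the host for the readelf-based helpers.

# Constructed list of directories, relative to the sysroot, that a user-mode
# loader is typically pointed at; add to it for firmware with other layouts.
lib_dirs() { printf '%s\n' lib usr/lib lib/arm-linux-gnueabihf usr/lib/arm-linux-gnueabihf; }

# find_lib NAME SYSROOT: print the first matching path and return 0, else 1
find_lib() {
    name=$1; sysroot=$2
    for d in $(lib_dirs); do
        if [ -e "$sysroot/$d/$name" ]; then
            printf '%s\n' "$sysroot/$d/$name"
            return 0
        fi
    done
    return 1
}

# list_needed BINARY: one DT_NEEDED library name per line
list_needed() {
    readelf -d "$1" 2>/dev/null | sed -n 's/.*(NEEDED).*\[\(.*\)\].*/\1/p'
}

# interp BINARY: the PT_INTERP path (e.g. /lib/ld-linux-armhf.so.3); empty if static
interp() {
    readelf -l "$1" 2>/dev/null | sed -n 's/.*Requesting program interpreter: \(.*\)\]/\1/p'
}

# count_missing SYSROOT INTERP NAME...: report each dependency on stderr and
# print the number of unresolved ones on stdout. INTERP may be "" for a static binary.
count_missing() {
    sysroot=$1; ld=$2; shift 2; missing=0
    if [ -n "$ld" ]; then
        # The interpreter is looked up by its absolute path under the sysroot,
        # which is how a prefix-based loader resolves it.
        if [ -e "$sysroot$ld" ]; then
            echo "ok       interpreter $ld" >&2
        else
            echo "MISSING  interpreter $ld" >&2; missing=$((missing+1))
        fi
    fi
    for lib in "$@"; do
        if path=$(find_lib "$lib" "$sysroot"); then
            echo "ok       $lib -> $path" >&2
        else
            echo "MISSING  $lib" >&2; missing=$((missing+1))
        fi
    done
    echo "$missing"
}

# check_deps BINARY SYSROOT: gather PT_INTERP and DT_NEEDED with readelf and
# succeed only when everything resolves inside SYSROOT.
check_deps() {
    n=$(count_missing "$2" "$(interp "$1")" $(list_needed "$1"))
    [ "$n" -eq 0 ]
}

# Usage: ./check_deps.sh ./squashfs-root/usr/sbin/upnpd ./squashfs-root
if [ "$#" -ge 2 ]; then
    check_deps "$1" "$2"
fi
```

If the check passes against squashfs-root but the qasan wrapper still reports a missing loader, the sysroot is complete and the wrapper is simply not being pointed at it; if a library is reported MISSING, no loader setting will help until the sysroot is completed. Either way the host's arm-linux-gnueabihf libc should not be on the search path, since it is a different build from the one the firmware binary was linked against.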