config.py
import os
import pwn
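# Target to fuzz
OBJ_PATH = "test.c.o"

# AFL slave count
AFL_NUM_SLAVE = 1

# NO NEED TO CHANGE
# Harness binary: where it is found locally and the path used for it on the
# remote side.
LOCAL_UNINSTRUMENTED_EXEC_PATH = "./harness"
REMOTE_UNINSTRUMENTED_EXEC_PATH = "/tmp/harness"
QEMU_BIN = "./qemu_stdout"
DUMPER_PATH = "./dumper"
# Plain literal: the original f-string had no placeholders, so the value is
# unchanged. How the key is consumed is not visible in this file.
SHM_KEY = "bz.shm"
# presumably seconds -- confirm against the code that applies these limits
QEMU_TIMEOUT = 30
QSYM_TIMEOUT = 30

# NO NEED TO CHANGE IF USING run_afl.py
AFL_FUZZ_PATH = "./AFLplusplus/afl-fuzz"
AFL_IN_PATH = "./in"
AFL_OUT_PATH = "./out"
AFL_SLAVE_NAME = "s"
AFL_MASTER_NAME = "m"
# the directory of the afl master corpus (queue of the instance named AFL_MASTER_NAME)
AFL_CORPUS_PATH = f"{AFL_OUT_PATH}/{AFL_MASTER_NAME}/queue"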
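# QSYM Remote setup
# Selects how QSYM is reached: a local docker image (USE_SSH = False) or a
# remote host over SSH (USE_SSH = True).
# NOTE: both branches act at import time (a shell command or an SSH
# connection), so importing this module is not a side-effect-free lookup.
USE_SSH = True
if not USE_SSH:
    # Stage the uninstrumented harness in the directory that QSYM_CMD
    # bind-mounts. `mkdir -p` keeps this re-runnable: with a plain `mkdir`
    # the command stops at the `&&` once the directory exists, and a rebuilt
    # harness is never copied over the stale one.
    # The exit status is ignored, so a failed copy goes unnoticed here.
    # NOTE(review): /tmp/digfuzz is a fixed name under world-writable /tmp;
    # on a shared host another local user can create it first. A directory
    # owned by the current user (e.g. from tempfile.mkdtemp) avoids that.
    os.system(f"mkdir -p /tmp/digfuzz && cp {LOCAL_UNINSTRUMENTED_EXEC_PATH} /tmp/digfuzz/harness")
    # the location of the pin.sh launcher inside the QSYM image
    PIN_SH = "/workdir/qsym/third_party/pin-2.14-71313-gcc.4.4.7-linux/pin.sh"
    # the location of the QSYM pintool object inside the QSYM image
    QSYM_OBJECT_PATH = "/workdir/qsym/qsym/pintool/obj-intel64/libqsym.so"
    QSYM_IMAGE_NAME = "qsym"
    # NOTE(review): there is no `run` subcommand in this list, and docker's
    # top-level `-v` is its version flag; confirm that the consumer of
    # QSYM_CMD inserts the subcommand before executing it.
    QSYM_CMD = ["docker", "-v", "/tmp/digfuzz:/tmp/digfuzz", QSYM_IMAGE_NAME]
else:
    # Host, user and private-key path are hard-coded in this file. Keep the
    # key file out of version control and readable only by its owner
    # (chmod 600), and rotate the key if this file has been published
    # together with it.
    QSYM_HOST = '18.237.37.59'
    QSYM_UN = 'ubuntu'
    QSYM_KEYFILE = "./seem-priv-key.PEM"
    # Opens the SSH session as soon as the module is imported.
    # NOTE(review): presumably pwntools accepts an unknown host key without
    # prompting -- confirm, and pin the host key if the network path to the
    # host is not trusted.
    QSYM_SSH_CONN = pwn.ssh(host=QSYM_HOST, user=QSYM_UN, keyfile=QSYM_KEYFILE)
    # the location of the pin.sh launcher on the remote host
    PIN_SH = "/home/ubuntu/qsym/third_party/pin-2.14-71313-gcc.4.4.7-linux/pin.sh"
    # the location of the QSYM pintool object on the remote host
    QSYM_OBJECT_PATH = "/home/ubuntu/qsym/qsym/pintool/obj-intel64/libqsym.so"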