Exercise 1 — AFL++ basics
Placeholder content — fill in with the real lab steps.
Goals
- Understand what coverage-guided fuzzing is and why AFL++ uses it.
- Build a target with
afl-clang-fastinstrumentation. - Run
afl-fuzzagainst the instrumented target with a small seed corpus. - Triage a crash that AFL++ finds.
Steps
- Clone the lab target repo.
- Build with `afl-clang-fast`/`afl-clang-fast++`.
- Prepare a `seeds/` directory with a couple of valid inputs.
- Run `afl-fuzz -i seeds -o out -- ./target @@`.
- Inspect crashes under `out/default/crashes/` and reproduce one.
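The steps above, scripted end to end as an added example (not a file from the lab repo). It assumes the target is a single `target.c` built to `./target` that reads its input from the file named in `argv[1]`, which is what `afl-fuzz` substitutes for `@@`. The function names `afl_build`, `make_seeds`, `afl_cmd` and `triage_crashes`, the `AFL_LAB_RUN` switch, and the seed contents are this example's own; `afl-clang-fast`, `afl-fuzz -i/-o/-V` and the `out/default/crashes/` layout are AFL++'s.

```shell
#!/bin/sh
# Added example, not part of the lab page. Assumptions: the target is
# target.c, built to ./target, and it reads its input from the file named
# in argv[1] (that is what afl-fuzz substitutes for @@).

# Step 2: compile with AFL++'s instrumenting compiler so afl-fuzz gets
# edge-coverage feedback. The cc fallback only keeps the script usable on
# a machine without AFL++; an uninstrumented binary gives afl-fuzz nothing.
afl_build() {
    src="$1"; out="$2"
    if command -v afl-clang-fast >/dev/null 2>&1; then
        afl-clang-fast -O1 -g -o "$out" "$src"
    else
        echo "afl-clang-fast not found; building uninstrumented for a dry run" >&2
        cc -O1 -g -o "$out" "$src"
    fi
}

# Step 3: a seeds/ directory with a couple of small, valid inputs
# (contents constructed for this example). Small matters more than
# varied: afl-fuzz mutates every byte, and large seeds only slow it down.
# Prints the number of seed files written.
make_seeds() {
    dir="$1"
    mkdir -p "$dir"
    printf 'hello\n' > "$dir/seed1.txt"
    printf 'a=1;b=2\n' > "$dir/seed2.txt"
    ls "$dir" | wc -l | tr -d ' '
}

# Step 4: the afl-fuzz command line from the lab. afl-fuzz replaces @@
# with the path of the test case it wants the target to read.
afl_cmd() {
    seeds="$1"; out="$2"; target="$3"
    printf 'afl-fuzz -i %s -o %s -- %s @@' "$seeds" "$out" "$target"
}

# Step 5: re-run each saved crash (afl-fuzz names them id:... and also
# drops a README.txt in the directory, which the glob skips). A shell
# reports death by signal as 128+signum, so 139 is SIGSEGV and 134 is
# SIGABRT. The last line printed is the number of inputs that reproduced.
triage_crashes() {
    crashdir="$1"; target="$2"
    n=0
    for f in "$crashdir"/id:*; do
        [ -e "$f" ] || continue
        rc=0
        "$target" "$f" >/dev/null 2>&1 || rc=$?
        if [ "$rc" -gt 128 ]; then
            echo "$f: died with signal $((rc - 128))"
            n=$((n + 1))
        else
            echo "$f: exit $rc (did not reproduce)"
        fi
    done
    echo "$n"
}

# Driver: AFL_LAB_RUN=1 sh lab.sh  (the env var name is this example's own).
# afl-fuzz runs until interrupted, so -V gives it a time budget in seconds.
if [ "${AFL_LAB_RUN:-0}" = 1 ]; then
    afl_build target.c ./target
    make_seeds seeds >/dev/null
    afl-fuzz -i seeds -o out -V 60 -- ./target @@
    triage_crashes out/default/crashes ./target
fi
```

Reproducing a crash outside `afl-fuzz` is the first triage check: an input that only crashes under the fuzzer usually points at the harness (timeouts, memory limits, uninitialised state carried between runs) rather than the bug you think you found, so `triage_crashes` reports both outcomes rather than assuming every saved file is a real crash.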