def main():
    """Run the kAFL coverage analyzer and plot basic blocks from traces.

    The configuration file ``kafl.ini`` is looked up in the directory of
    this script, with symlinks resolved by ``os.path.realpath``.

    Returns:
        -1 when ``self_check``, ``post_self_check`` or ``generate_traces``
        reports failure; otherwise None (there is no explicit return on
        the success path).
    """
    root_dir = os.path.dirname(os.path.realpath(__file__)) + "/"
    ini_path = root_dir + "kafl.ini"

    title = common.color.BOLD + common.color.OKGREEN + " kAFL Coverage Analyzer " + common.color.ENDC
    print("<< " + title + ">>\n")

    if not self_check(root_dir):
        return -1

    config = DebugConfiguration(ini_path)
    if not post_self_check(config):
        return -1

    # Logging is only switched on when the 'v' argument is set.
    if config.argument_values['v']:
        enable_logging(config.argument_values["work_dir"])

    data_dir = config.argument_values["input"]
    print(" Scanning target data_dir »%s«..." % data_dir)

    input_list = get_inputs_by_time(data_dir)
    trace_dir = generate_traces(config, input_list)
    if not trace_dir:
        # A falsy trace directory is treated as a failed trace run.
        return -1

    plot_bbs_from_traces(trace_dir, input_list)
def main():
    """Run the kAFL coverage analyzer and generate reports via TraceParser.

    Besides driving the analysis, this sets the module-level ``null_hash``
    from ``ExecutionResult.get_null_hash`` using the configured
    ``BITMAP_SHM_SIZE``.

    Returns:
        -1 when ``self_check``, ``post_self_check`` or ``generate_traces``
        reports failure; otherwise None (there is no explicit return on
        the success path).
    """
    global null_hash

    root_dir = os.path.dirname(os.path.realpath(__file__)) + "/"
    ini_path = root_dir + "kafl.ini"

    title = common.color.BOLD + common.color.OKGREEN + " kAFL Coverage Analyzer " + common.color.ENDC
    print("<< " + title + ">>\n")

    if not self_check(root_dir):
        return -1

    config = DebugConfiguration(ini_path)
    if not post_self_check(config):
        return -1

    # Logging is only switched on when the 'v' argument is set.
    if config.argument_values['v']:
        enable_logging(config.argument_values["work_dir"])

    data_dir = config.argument_values["input"]

    # Stored in a module global; its consumers are not visible in this function.
    bitmap_size = config.config_values['BITMAP_SHM_SIZE']
    null_hash = ExecutionResult.get_null_hash(bitmap_size)

    print(" Scanning target data_dir »%s«..." % data_dir)
    input_list = get_inputs_by_time(data_dir)

    trace_dir = generate_traces(config, input_list)
    if not trace_dir:
        # A falsy trace directory is treated as a failed trace run.
        return -1

    parser = TraceParser(trace_dir)
    parser.parse_trace_list(input_list)
    parser.gen_reports()
def main():
    """Print the kAFL banner and hand control to the debugger core.

    Returns:
        1 when ``self_check`` fails, otherwise whatever
        ``debug.core.start`` returns for the loaded configuration.
    """
    # Echo the banner file line by line, with newline characters removed
    # so that print() does not double them.
    with open(KAFL_BANNER) as banner_file:
        for banner_line in banner_file:
            print(banner_line.replace("\n", ""))

    title = sys.argv[0] + ": kAFL Debugger "
    print("<< " + common.color.BOLD + common.color.OKGREEN + title + common.color.ENDC + ">>\n")

    if self_check(KAFL_ROOT):
        # The debugger core is imported only after the self check passed.
        import debug.core
        cfg = DebugConfiguration(KAFL_CONFIG)
        return debug.core.start(cfg)

    return 1
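def start():
    """Run the kAFL debugger in the mode selected by ``debug_mode``.

    Builds a ``DebugConfiguration``, prepares the working directory and
    dispatches on ``config.argument_values['debug_mode']``.

    Returns:
        -1 when ``post_self_check`` rejects the configuration, else 0.
        A ``debug_mode`` that matches none of the branches runs nothing
        and still returns 0.
    """
    config = DebugConfiguration()
    args = config.argument_values

    prepare_working_dir(args['work_dir'])

    if not post_self_check(config):
        return -1

    if args['v']:
        enable_logging(args["work_dir"])

    if not args['ip0']:
        print(common.color.WARNING + "[WARNING]\tNo trace region configured!" + common.color.ENDC)

    mode = args['debug_mode']

    # NOTE(review): payload files are read in text mode, as in the original.
    # If payloads are arbitrary binary inputs, "rb" may be what
    # debug_non_det expects -- confirm against its implementation.
    if mode == "noise":
        # Context manager closes the payload file deterministically instead
        # of leaving the handle to the garbage collector.
        with open(args["payload"][0]) as payload_file:
            payload = payload_file.read()
        debug_non_det(config, payload)
    elif mode == "noise-multiple":
        # One qemu instance is started and reused for every payload.
        # NOTE(review): the instance is not stopped in this function;
        # presumably cleanup happens elsewhere -- confirm.
        q = qemu(1337, config, debug_mode=False)
        q.start(verbose=False)
        for payload_path in args["payload"]:
            print("FILE: " + payload_path)
            with open(payload_path) as payload_file:
                payload = payload_file.read()
            debug_non_det(config, payload, max_iterations=20, q=q)
    elif mode == "benchmark":
        benchmark(config)
    elif mode == "trace":
        debug_execution(config, args['i'])
    elif mode == "trace-qemu":
        debug_execution(config, args['i'], qemu_verbose=True)
    elif mode == "printk":
        debug_execution(config, 1, qemu_verbose=True, notifiers=False)
    elif mode == "redqueen":
        redqueen_dbg(config, qemu_verbose=False)
    elif mode == "redqueen-qemu":
        redqueen_dbg(config, qemu_verbose=True)
    elif mode == "cov":
        redqueen_cov(config, qemu_verbose=True)
    elif mode == "verify":
        verify_dbg(config, qemu_verbose=True)

    return 0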