Hi! This is the first post about Kelinci, a tool that fuzzes Java programs with AFL as the fuzzing engine: AFL drives mutation and coverage feedback on the native side, while a Java-side server executes the instrumented target. You can find the GitHub repo at https://github.com/isstac/kelinci.
Step 1: Install AFL
wget http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz
tar -xzvf afl-latest.tgz
cd afl-2.52b/
make
sudo make install
Step 2: Install Kelinci
git clone https://github.com/isstac/kelinci.git
cd kelinci/fuzzerside
make
cd ../instrumentor
gradle build (requires OpenJDK-11)
An Example
Kelinci ships with several examples. Here I walk through one of them, the jdk-imageio driver, together with the output you should expect at each step.
Step 1: Compile the driver java class
cd example/jdk-imageio
mkdir bin
javac src/*.java -d bin
Step 2: Instrument (-i is the directory of compiled classes, -o the directory that receives the instrumented copies)
java -cp ../../instrumentor/build/libs/kelinci.jar edu.cmu.sv.kelinci.instrumentor.Instrumentor -i bin -o bin-instrumented
Step 3: Create input directory for AFL and download an image
mkdir in_dir
wget http://www.petguide.com/wp-content/uploads/2016/05/american-fuzzy-lop-2.jpg -P in_dir
Step 4: Test the instrumented driver. Run it once on the seed image to confirm that it loads the file without throwing; an exception here means the harness is broken, not that the fuzzer found anything.
java -cp bin-instrumented DriverKelinci in_dir/american-fuzzy-lop-2.jpg
Step 5: Start the Kelinci server. It loads the driver class and runs its main() once per input it receives; @@ is replaced by the path of the input file, just like AFL's own @@ placeholder.
java -cp bin-instrumented edu.cmu.sv.kelinci.Kelinci DriverKelinci @@
Step 6: Test the interface
Open a second terminal in the same directory (the server from Step 5 must keep running) and push the seed through the C side of Kelinci:
../../fuzzerside/interface in_dir/american-fuzzy-lop-2.jpg
Step 7: Run AFL. With the server still running, start afl-fuzz against the interface binary; AFL mutates the files from in_dir, the interface forwards each mutated file to the Java server, and the server reports the coverage of that run back to AFL.
afl-fuzz -i in_dir -o out_dir ../../fuzzerside/interface @@
In the "overall results" panel of AFL's status screen you can see the two unique crashes the fuzzer found. The inputs that triggered them are saved under out_dir/crashes/; to see the exception behind each one, rerun the Step 4 command with the crash file in place of the seed image.
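To fuzz your own code rather than the bundled example, you need a driver class of the same shape as DriverKelinci. The class below is an added example written for this post, not code from the Kelinci repository; the name MyDriver, the choice of ImageIO as the target, the size cap and the exception handling are my own. It assumes the Kelinci convention used in the steps above: the server calls main(args) once per input with args[0] set to the path AFL substituted for @@, and any Throwable that escapes main() is what gets reported to AFL as a crash.

```java
import java.awt.image.BufferedImage;
import java.io.File;
import java.io.IOException;
import javax.imageio.ImageIO;

/*
 * MyDriver: illustrative Kelinci harness (not part of the Kelinci repo).
 * The Kelinci server keeps a single JVM alive and calls main() once per
 * input, so anything static persists between runs: keep the driver
 * stateless, or reset any static state at the top of main().
 */
public class MyDriver {

    // Largest input we are willing to decode. Oversized files are skipped so
    // AFL does not burn its time-out budget on huge images. The value is an
    // assumption; pick one that fits your target's realistic inputs.
    private static final long MAX_INPUT_BYTES = 1L << 20;

    public static void main(String[] args) {
        if (args.length != 1) {
            System.err.println("usage: MyDriver <input-file>");
            return;
        }
        File input = new File(args[0]);
        if (!input.isFile() || input.length() > MAX_INPUT_BYTES) {
            System.err.println("skipping: missing or oversized input");
            return;
        }
        try {
            // The call under test. Swap ImageIO.read for whatever API you
            // want to fuzz; it must consume the file passed in args[0].
            BufferedImage img = ImageIO.read(input);
            if (img == null) {
                // ImageIO found no registered reader for this byte pattern;
                // that is a normal rejection, not a bug.
                System.out.println("no reader for this format");
                return;
            }
            System.out.println("decoded " + img.getWidth() + "x" + img.getHeight());
        } catch (IOException e) {
            // Malformed input is the expected outcome of fuzzing. Swallowing
            // IOException keeps AFL's crash count limited to unexpected
            // failures (NullPointerException, ArrayIndexOutOfBoundsException,
            // OutOfMemoryError, ...), which propagate out of main() untouched.
            System.err.println("rejected: " + e.getMessage());
        }
    }
}
```

Drop the file into src/, rebuild and re-instrument as in Steps 1 and 2, then point Step 5 at MyDriver instead of DriverKelinci. Which exceptions to catch is the key design decision in a driver: catch too broadly and real bugs disappear into the "rejected" path, catch nothing and out_dir/crashes fills up with an IOException for every malformed file.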
Cheers! 🙂