Comments (26)
HI Symeon,
Congrats! :) I have seen this issue in the past but was unable to reproduce it. Could you provide more details about your environment?
from manul.
I will update Manul the next week, there are a lot of issues people reporting to me :)
from manul.
I can repro.
Windows 10 build 18956.1000.
Python 3.7.4.
Manul up to date from source as of this morning (2019/08/13).
Everything system-wise up to date.
from manul.
Looks like this is a Win10 problem. It is able to get past this point on Win7. Perhaps it's a problem with the security descriptors?
from manul.
It seems like a lot of people having this issue on Windows 10. So far, I don't know why memory is not accessible and will try to figure out that.
from manul.
I am still unable to reproduce this. Can someone try an older version of Python (e.g. 3.4) in your environment?
from manul.
Python3.4 is no longer available to download with automatic configuration. Compiling from source is too variable of a process. Would it actually make a difference? The problem is in the call to memset from manul.py. It's writing to a mapped address, but that operation is throwing an access violation exception.
from manul.
I see. I don't think it will make a huge difference. The error is weird and might indicate some problem with Python itself rather than Manul. We are just using API provided by cPython, right?
from manul.
Yeah, from ctypes import *
from manul.
Can someone try it again with the latest change?
from manul.
Whatever change you made to the CTYPES import is causing this error in Ubuntu.
from manul.
Fixed.
from manul.
At least it's now repeatably trying to write to 0x00000000.
from manul.
Ubuntu fix works on my machine, thanks!
from manul.
Ok, I managed to finally reproduce this problem on Windows. There is a fix that works on my platform. Try to run with the latest patch.
from manul.
It's getting further, no longer are access violations popping up all over the place. DBI = dynamorio still doesn't seem to work. It says that the binaries aren't instrumented, which is kinda the point.
from manul.
could you show me your config file?
from manul.
# Manul - configuration file
# -------------------------------------
# Maksim Shudrak <[email protected]> <[email protected]>
#
# Copyright 2019 Salesforce.com, inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Manul config file
# Format: <option_name> = <value>
# -----------------
# absolute path to dictionary with usefull tokens
#dict = dictionaries/test.dict
# Mutator weights (should be 10 in total). Use my_mutator:x,my_mutator_2:x to define and use your own
# custom mutator (should be 10 in total). Specify 0 to disable certain mutators. Weights basically are
# used to tell manul how many mutations per 10 executions should be performed by certain fuzzer.
# example afl:5,radamsa:2,my_awesome_fuzzer:3
# afl will be used to mutate 5 out of 10 cases, 2 out of 10 for radamsa and 3 out of 10 for my_awesome_fuzzer
# Your custom mutator's main file should be located in the same folder as manul.py.
# Two default mutators should always be defined (afl, radamsa)
mutator_weights=afl:10,radamsa:0
#mutator_weights=afl:6,radamsa:0,example_mutator:4
# Use determenistic seed for test cases generation (only radamsa option).
determenistic_seed = False
# Print fuzzing summary per thread instead of total summary
print_per_thread = False
# disable volatile bytes suppression algorithm
#disable_volatile_bytes = True
# Choose DBI framework to provide coverage back to Manul ("dynamorio" or "pin"). Example dbi = dynamorio
dbi = dynamorio
# If dbi param is not None the path to dbi engine launcher and dbi client should be specified.
dbi_root = C:\Users\Wes\source\repos\AutoFuzz\AutoFuzz\bin\Debug\netcoreapp3.0\manul\DynamoRIO-Windows-7.0.0-RC1\bin64\drrun.exe
dbi_client_root = C:\Users\Wes\source\repos\AutoFuzz\AutoFuzz\bin\Debug\netcoreapp3.0\manul\manul\win\dbi_64\binafl.dll
dbi_client_libs = None
# Timeout for target binary
timeout = 10
# net_config_master and net_config_slave below are used to share manul instances over network.
# Path to network configuration file with a list of IP:port slave addresses. Specified for master instance.
net_config_master = None
# IP and port to listen for connections from master (e.g. net_config_slave = 0.0.0.0:1337)
net_config_slave = None
# Run in debug mode, print details in console
debug = False
# Print Manul ASCII logo at the beginning
manul_logo = False
# Disable stats saving in the manul working dir
#no_stats = True
# Save debug messages to log files (one per thread)
logging_enable = False
# Bitmap sync frequency (5000 recommended for DBI mode)
sync_freq = 10000
# Custom path to save input file
#custom_path = test_path
# Command line fuzzing (experimental)
#cmd_fuzzing = True
# define signals to be ignored by manul
user_signals = 6
# Network fuzzing. Target IP address
#target_ip_port = 127.0.0.1:7715
# tcp | udp
#target_protocol = tcp
# wait time before actually start sending test cases in the socket
#net_init_wait = 1
# wait time between test cases
#net_sleep_between_cases = 0.0
from manul.
Are you sure that you are using this config? This error usually happens when dbi options are not enabled.
from manul.
Yes, I'm sure. I can try using --dbi=dynamorio
if you think it'll help.
from manul.
Could you also provide a command line that you use to run Manul?
from manul.
python3 manul\manul\manul.py -i manul\manul\in -o manul\manul\out -n 1 "..\..\..\..\Test\bin\Debug\netcoreapp3.0\Test.exe @@ testi"
from manul.
try to explicitly provide a path to the configuration file that you copy-pasted here.
from manul.
option "-c" for manul
from manul.
Same issue. I even deleted the config file from the default directory to make absolutely certain it's pointing at my copy.
from manul.
It is very weird. I have seen this error only when I forget to enable dbi=dynamorio option. Could open another issue about this. Seems like it is not related to this one. Thank you. I am closing this one for now.
from manul.
Related Issues (20)
- AttributeError: 'ModuleNotFoundError' object has no attribute 'message'
- ModuleNotFoundError: No module named 'adamsa' HOT 2
- Suggest : Stdin option (Like afl) HOT 2
- Suggest : verbose option HOT 3
- Crashes saved aren't really crashes HOT 2
- Windows test32/64 DR client crash
- windows issues HOT 4
- Add Radamsa as a library HOT 1
- It seems afl mutator never grows a buffer HOT 14
- It seems manul afl new path not increase on windows, but winafl can detected more path for same exe HOT 14
- Manul reports exception instead of crash in forkmode
- Integrate manul with FuzzBench HOT 1
- Add/test support of __afl_persistent_loop
- test_network.exe fuzzing config?
- Problem with crash detection in the fuzzstati0n/fuzzgoat project? HOT 2
- Performance manul vs afl++ HOT 1
- real path of input file HOT 7
- [Linux] Some python bugs (with fix) in dbi driver
- [linux] dbi mode doesn't work (as expected) HOT 1
- FileNotFoundError: [Errno 2] No such file or directory: 'manul.config'
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from manul.