author | Damiano Melotti <dmelotti@quarkslab.com> | 2022-01-17 17:38:46 +0100 |
---|---|---|
committer | Damiano Melotti <dmelotti@quarkslab.com> | 2022-01-17 17:38:46 +0100 |
commit | 34caf7d7816382575bb8045f809c03526ca534a2 (patch) | |
tree | 3271f6957e2860730ca31be60f1d9a6518ea197e /unicorn_mode | |
parent | a45cdb240c20e019a98ab9b143bb928d91e7f959 (diff) | |
download | AFLplusplus-34caf7d7816382575bb8045f809c03526ca534a2.tar.gz |
Cleaned unicorn speedtest sample README
Diffstat (limited to 'unicorn_mode')
-rw-r--r-- | unicorn_mode/samples/speedtest/README.md | 40 |
1 files changed, 4 insertions, 36 deletions
diff --git a/unicorn_mode/samples/speedtest/README.md b/unicorn_mode/samples/speedtest/README.md index 9305417c..f46a5772 100644 --- a/unicorn_mode/samples/speedtest/README.md +++ b/unicorn_mode/samples/speedtest/README.md @@ -6,6 +6,10 @@ to show the raw speed of C, Rust, and Python harnesses. ## Compiling... Make sure you built unicornafl first (`../../build_unicorn_support.sh`). +Build the target using the provided Makefile. +This will also run the [./get_offsets.py](./get_offsets.py) script, +which finds some relevant addresses in the target binary using `objdump`, +and dumps them to different files. Then, follow these individual steps: ### Rust @@ -34,39 +38,3 @@ cd python ## Results TODO: add results here. - -## Compiling speedtest_target.c - -You shouldn't need to compile simple_target.c since a X86_64 binary version is -pre-built and shipped in this sample folder. This file documents how the binary -was built in case you want to rebuild it or recompile it for any reason. - -The pre-built binary (simple_target_x86_64.bin) was built using -g -O0 in gcc. - -Then load the binary and execute the main function directly. - -## Addresses for the harness - -To find the address (in hex) of main, run: - -```bash -objdump -M intel -D target | grep '<main>:' | cut -d" " -f1 -``` - -To find all call sites to magicfn, run: - -```bash -objdump -M intel -D target | grep '<magicfn>$' | cut -d":" -f1 -``` - -For malloc callsites: - -```bash -objdump -M intel -D target | grep '<malloc@plt>$' | cut -d":" -f1 -``` - -And free callsites: - -```bash -objdump -M intel -D target | grep '<free@plt>$' | cut -d":" -f1 -```
\ No newline at end of file |
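Review bot: the four lines added under "## Compiling..." tell the reader to "Build the target using the provided Makefile" and that this runs `./get_offsets.py`, which "dumps them to different files", but they name neither the command nor the files, so a reader cannot tell whether the step succeeded. Give the invocation explicitly (for example `make` in this sample directory, next to the existing `../../build_unicorn_support.sh` line) and list the offset files the Rust, C and Python harnesses read; since the script shells out to `objdump`, also state that binutils must be installed, otherwise the offsets silently fail to appear and the harnesses below break for a non-obvious reason.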
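Review bot: removing the "Compiling speedtest_target.c" and "Addresses for the harness" sections is correct, since the deleted text refers to `simple_target.c` and `simple_target_x86_64.bin` rather than this sample's own target, and its `objdump ... | grep ... | cut` one-liners for `main`, `magicfn`, `malloc@plt` and `free@plt` are exactly what `get_offsets.py` now automates; however, the hunk leaves the file ending at `TODO: add results here.` under `## Results` with no trailing newline (the `\ No newline at end of file` marker). Either keep the heading with a one-line note that numbers are pending or drop the TODO until results exist, and terminate the file with a newline so the next change to this README does not show a spurious diff on that line.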