| .github/workflows | ||
| dashboard | ||
| docs | ||
| executor | ||
| Godeps | ||
| pkg | ||
| prog | ||
| sys | ||
| syz-ci | ||
| syz-fuzzer | ||
| syz-hub | ||
| syz-manager | ||
| tools | ||
| vendor | ||
| vm | ||
| .clang-format | ||
| .gitignore | ||
| .travis.yml | ||
| AUTHORS | ||
| CONTRIBUTORS | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
syzkaller - unsupervised coverage-guided kernel fuzzer
Instructions to set up syzkaller for ReactOS.
Getting ReactOS
-
Download the MSVC(i386) build of ReactOS that supports Syzkaller binaries from Github actions page :
https://github.com/reactos/reactos/pull/2930/checks -
Optionally you can build it yourself by cloning the my fork for ReactOS checking out the Syzkaller branch.
https://github.com/Freakston/reactos/tree/syzkaller https://reactos.org/wiki/Building_ReactOS
Setting up ReactOS on qemu
-
Create the qemu image using the following command
qemu-img create -f qcow2 ReactOS.img 8192MHere 8192M is the size of image.
-
Boot and install
qemu -L . -m 1024 -cdrom ReactOS.iso -hda ReactOS.img -boot d -localtime -serial file:ReactOS.logHere we are creating a machine with 1Gb of RAM.
NOTE: Detailed instructions can be found here : ReactOS-wiki
Building Syzkaller
- Clone the fork of Syzkaller that has support for ReactOS.
git clone https://github.com/reactos/syzkaller - Instal Go version 1.10
https://golang.org/dl/ - Make a copy of above cloned sources in the go path as follows.
$GOPATH/src/github.com/google/syzkaller
NOTE: The above step is required since we are using an older commit of current master.
- Building Syz-Stress.
cd tools/syz-stress/ GOOS=windows GOARCH=386 go build -o syz-stress.exe stress.go - Syz-executor (assumes cl cross-compiler is in PATH, preferably MSVC)
cl executor\executor_windows.cc -o syz-executor.exe \ kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib \ shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib \ winmm.lib rpcrt4.lib Crypt32.lib imm32.lib Urlmon.lib Oleaut32.lib \ Winscard.lib Opengl32.lib Mpr.lib Ws2_32.lib Bcrypt.lib Ncrypt.lib \ Synchronization.lib Shell32.lib Rpcns4.lib Mswsock.lib Mincore.lib \ Msimg32.lib RpcRT4.lib Rpcrt4.lib lz32.lib
NOTE: Alternatively you an download the latest build of syz-executor form here: https://github.com/reactos/syzkaller/actions
Running Syzkaller
Copy over Syz-stress and executor to the VM and place them in the same folder. Open a command prompt, change to the directory and use the following command to start fuzzing.
syz-stress.exe -threaded=0
Disclaimer
This is not the official Repo Official