| Name | Date | Size | #Lines | LOC | ||
|---|---|---|---|---|---|---|
| .. | - | - | ||||
| corpus_http1/ | 03-May-2024 | - | 78,195 | 69,924 | ||
| corpus_http2/ | 03-May-2024 | - | 99,043 | 85,834 | ||
| README.md | D | 03-May-2024 | 1.3 KiB | 46 | 33 | |
| httpd-master.honggfuzz.patch | D | 03-May-2024 | 4.5 KiB | 169 | 166 | |
| httpd.conf.h1 | D | 03-May-2024 | 2.2 KiB | 87 | 86 | |
| httpd.conf.h2 | D | 03-May-2024 | 2.1 KiB | 86 | 85 | |
| httpd.wordlist | D | 03-May-2024 | 2.8 KiB | 202 | 197 |
README.md
1# Fuzzing Apache 2.4 # 2 3**Requirements** 4 5 * honggfuzz (1.0 or from the master branch) 6 * clang-4.0, or newer (5.0 works as well) 7 * apache (e.g.: 2.4.25 or the master branch from git) 8 9**Preparation** 10 11Note: The examples provided below use hardcoded paths (here to _/home/swiecki/_) and 12version strings of the libraries (e.g. apr-_1.5.2_). These will have to be modified, so they reflect your actual build environment. 13 141. Compile honggfuzz 152. Download and unpack the following packages: apr, apr-util, ngttp2, and Apache's httpd 163. Patch Apache's httpd 17 ``` 18$ cd httpd-master 19$ patch -p1 < httpd-master.honggfuzz.patch 20 ``` 214. Configure, compile and install Apache 22 * edit compile_and_install.sh to contain valid versions/paths 23 ``` 24$ ./compile_and_install.sh 25 ``` 26 275. Copy the custom configuration files to ```/home/swiecki/fuzz/apache/apache2/conf/``` (i.e. to your apache dist directory) 28 29 ``` 30$ cp httpd.conf.h1 httpd.conf.h2 /home/swiecki/fuzz/apache/apache2/conf/ 31 ``` 32 33**Fuzzing** 34 35 * HTTP/1 36 37 ``` 38$ honggfuzz/honggfuzz -P -f corpus_http1 -w ./httpd.wordlist -- ./apache2/bin/httpd -DFOREGROUND -f /home/swiecki/fuzz/apache/apache2/conf/httpd.conf.h1 39 ``` 40 41 * HTTP/2 42 43``` 44$ honggfuzz/honggfuzz -P -f corpus_http2 -w ./httpd.wordlist -- ./apache2/bin/httpd -DFOREGROUND -f /home/swiecki/fuzz/apache/apache2/conf/httpd.conf.h2 45``` 46