x64.moe

How to use crashwalk

April 02, 2020

How to use crashwalk

crashwalk can check to quickly determine which crashes may lead to exploitable or not.

Install

  1. Install gdb and golang by apt
  2. Download exploitable.py
  3. Install crashwalk
$ sudo apt install gdb golang
$ mkdir ~/src
$ cd ~/src
$ git clone https://github.com/jfoote/exploitable
$ go get -u github.com/bnagy/crashwalk/cmd/...

Usage

crashwalk can be used immediately if there is a path of AFL crash outputs.

For example, I will show using crashwalk on ./target.

$ cwtriage -root ./output/crashes -match id -- ./target @@

crashwalk will output crash result to crashwalk.db.

If you want to output to txt file, you can use the following command.

$ cwtriage -root ./output/crashes -match id -- ./target @@ > result.txt

How to read crashwalk.db

crashwalk built-in cwdump. This tool get a summary of the crashes on crashwalk.db.

$ cwdump ./crashwalk.db

Happy fuzzing!

tags: Fuzzing

FAMASoon

Written by FAMASoon. Twitter/GitHub