Maintained by: Intel Corporation
Where to get help: Discussions, Issues
This image allows you to run the kAFL fuzzer packaged as a convenient Docker container.
It contains all the userland kAFL components required to execute the fuzzer (custom QEMU, libxdc, capstone, radamsa and the Python fuzzer frontend).
A kAFL-compatible kernel is required to fuzz a given target.
➡️ Please check the official installation guide and follow the setup path that uses a Docker image.
➡️ You can then continue with the Linux kernel fuzzing tutorial.
This image requires specific Docker parameters to be launched. Let's take the example of fuzzing the Linux kernel:
```shell
docker run \
  -ti --rm \
  --device /dev/kvm \
  -v my_workdir:/mnt/workdir \
  -v my_kernel:/mnt/kernel \
  --user $(id -u):$(id -g) \
  --group-add $(getent group kvm | cut -d: -f3) \
  intellabs/kafl \
  --purge \
  -w /mnt/workdir \
  --redqueen --grimoire -D --radamsa \
  --kernel /mnt/kernel \
  -t 0.1 -ts 0.01 -m 512 --log-crashes -p 2
```
- `--device /dev/kvm`: `/dev/kvm` needs to be exposed in the Docker container for QEMU to issue ioctls.
- `-v my_workdir:/mnt/workdir`: exposes our kAFL workdir as a volume in the container. Note: you need to create this directory yourself before launching the container, otherwise it will be created by the Docker daemon as `root:root`.
- `-v my_kernel:/mnt/kernel`: exposes the kernel to be fuzzed as a volume in the container.
- `--user $(id -u):$(id -g)`: executes kAFL as the same user as on the host, to preserve permissions on the mounted workdir.
- `--group-add $(getent group kvm | cut -d: -f3)`: adds the container user to the host `kvm` group. This is required to issue ioctls on `/dev/kvm`, which has `root:kvm` file permissions.
- `intellabs/kafl`: the name of this image.
- `--purge ...`: kAFL command line parameters.
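An added launcher script, not part of the kAFL project or this image, that performs the checks the notes above call for (workdir created by the invoking user, `/dev/kvm` accessible, host `kvm` group present) before running the same `docker run` line. It assumes a Linux host with `docker` and `getent` available; the `launch_kafl` function name and its error messages are this example's own.

```shell
#!/bin/sh
# Added launcher example; not part of the intellabs/kafl image or kAFL itself.
# Assumes a Linux host with docker and getent.
set -eu

# Parse the GID out of a getent(1)-style line such as "kvm:x:108:alice".
# Equivalent to `getent group kvm | cut -d: -f3`, but fails instead of
# passing an empty --group-add to docker when the host has no kvm group.
kvm_gid_from_line() {
  gid=$(printf '%s\n' "$1" | cut -d: -f3)
  case "$gid" in
    ''|*[!0-9]*) return 1 ;;
  esac
  printf '%s\n' "$gid"
}

# Create the workdir as the invoking user (so the Docker daemon does not
# create it root:root) and refuse a directory owned by someone else.
# `-O` is not strictly POSIX, but bash and dash both support it.
ensure_workdir() {
  [ -d "$1" ] || mkdir -p "$1"
  [ -O "$1" ]
}

# /dev/kvm must be a character device the current user can open read/write;
# otherwise QEMU inside the container cannot issue its ioctls.
check_kvm_device() {
  dev=${1:-/dev/kvm}
  [ -c "$dev" ] && [ -r "$dev" ] && [ -w "$dev" ]
}

# Usage: launch_kafl <workdir> <kernel> [extra kAFL args...]
launch_kafl() {
  workdir=$1; kernel=$2; shift 2
  ensure_workdir "$workdir" || { echo "workdir not usable: $workdir" >&2; return 1; }
  check_kvm_device /dev/kvm || { echo "/dev/kvm not accessible" >&2; return 1; }
  gid=$(kvm_gid_from_line "$(getent group kvm || true)") \
    || { echo "no kvm group on this host" >&2; return 1; }
  exec docker run -ti --rm \
    --device /dev/kvm \
    -v "$workdir:/mnt/workdir" \
    -v "$kernel:/mnt/kernel" \
    --user "$(id -u):$(id -g)" \
    --group-add "$gid" \
    intellabs/kafl \
    --purge -w /mnt/workdir --kernel /mnt/kernel \
    --redqueen --grimoire -D --radamsa -t 0.1 -ts 0.01 -m 512 --log-crashes -p 2 "$@"
}
if [ $# -ge 2 ]; then launch_kafl "$@"; fi
```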