How to run driller


Hello, could someone explain to me how to run Driller? When I execute the run.py script, Driller listens for crashes but the fuzzer doesn’t seem to start fuzzing. Thank you in advance.

$ python2 ~/software/driller/run.py bin/
INFO    | 2017-04-05 13:29:15,025 | driller | 1 binaries found
INFO    | 2017-04-05 13:29:15,025 | driller | 1 binaries found
INFO    | 2017-04-05 13:29:15,025 | driller | going to work on 1
INFO    | 2017-04-05 13:29:15,074 | driller | listening for crashes..

Issue Analytics

  • State: closed
  • Created 6 years ago
  • Comments: 5 (4 by maintainers)

Top GitHub Comments

1 reaction
ekilmer commented, Apr 26, 2017

If you can get Redis and Celery running on the same machine, then you can execute

./run.py <bin_dir>

in one terminal and

./node.py

in another terminal. You’ll be dividing your machine’s resources between fuzzing and symbolic execution, though.

My config.py also looks something like this:

### Redis Options
REDIS_HOST = 'localhost'
REDIS_PORT = 6379
REDIS_DB = 1

### Celery Options
BROKER_URL = 'pyamqp://myuser:mypasswd@localhost:5672/myvhost'

CELERY_ROUTES = {'driller.tasks.fuzz': {'queue': 'fuzzer'}, 'driller.tasks.drill': {'queue': 'driller'}}

### Environment Options

# directory containing driller-qemu versions, relative to the directory node.py is invoked in
QEMU_DIR = None

# directory containing the binaries, used by the driller node to find binaries
BINARY_DIR = '/drill-bins'

# directory containing the pcap corpus
PCAP_DIR = '/pcaps'

### Driller options
# how long to drill before giving up in seconds
DRILL_TIMEOUT = 60 * 60 * 2

# 16 GB
MEM_LIMIT = 16*1024*1024*1024

# where to write a debug file that contains useful debugging information like
# AFL's fuzzing bitmap, input used, binary path, time started.
# Uses following naming convention:
#   <binary_basename>_<input_str_md5>.py
DEBUG_DIR = '/drill-logs'

### Fuzzer options

# how often to check for crashes in seconds
CRASH_CHECK_INTERVAL = 60

# how long to fuzz before giving up in seconds
FUZZ_TIMEOUT = 60 * 60 * 24 * 5

# how long before we kill a dictionary creation process
DICTIONARY_TIMEOUT = 60 * 60

# how many fuzzers should be spun up when a fuzzing job is received
FUZZER_INSTANCES = 4

# where the fuzzer should place its results on the filesystem
FUZZER_WORK_DIR = '/media/fuzz-ramdisk'

I’m using RabbitMQ with Celery, and I don’t believe DRILL_TIMEOUT or FUZZ_TIMEOUT works with run.py or node.py (although I haven’t tested it extensively). I would also look at https://github.com/mechaphish/worker and https://github.com/mechaphish/meister if you really want to get into it.

When restarting the jobs, I kill everything with pkill python; pkill celery; pkill afl-fuzz. Use that at your own risk if you have multiple python processes running that aren’t related to angr.

I also clear the Celery queues with

rabbitmqadmin -u myuser -p mypasswd -V myvhost purge queue name=driller

and

rabbitmqadmin -u myuser -p mypasswd -V myvhost purge queue name=fuzzer

You can view the number of jobs in each queue with

rabbitmqadmin -u myuser -p mypasswd -V myvhost list queues vhost name node messages message_stats.publish_details.rate
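
A preflight check for the single-machine setup described in the comment above, as an added example (Python 3; not part of the original comment or of Driller's code). It tests whether the Redis and broker endpoints named in config.py accept connections and lists the queues that need a worker, printing the broker URL with its password masked. The function names and the `SAMPLE_CONFIG` dictionary are assumptions for illustration; its values are copied from the quoted config.

```python
import socket
from urllib.parse import urlsplit

# Constructed sample mirroring the config.py values quoted in the comment above.
SAMPLE_CONFIG = {
    "REDIS_HOST": "localhost",
    "REDIS_PORT": 6379,
    "BROKER_URL": "pyamqp://myuser:mypasswd@localhost:5672/myvhost",
    "CELERY_ROUTES": {"driller.tasks.fuzz": {"queue": "fuzzer"},
                      "driller.tasks.drill": {"queue": "driller"}},
}

def broker_endpoint(url):
    """Split a Celery broker URL into (host, port, vhost, url_without_password)."""
    parts = urlsplit(url)
    redacted = url
    if parts.password:  # never echo broker credentials into logs or terminals
        redacted = url.replace(":" + parts.password + "@", ":***@", 1)
    return (parts.hostname or "localhost", parts.port or 5672,  # 5672: AMQP default
            parts.path.lstrip("/") or "/", redacted)

def tcp_open(host, port, timeout=2.0):
    """True if a service accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def preflight(cfg, probe=tcp_open):
    """Return (check, ok, detail) tuples for the services the config points at."""
    host, port, _vhost, redacted = broker_endpoint(cfg["BROKER_URL"])
    # A routed task only runs once a Celery worker consumes its queue.
    queues = sorted({route["queue"] for route in cfg["CELERY_ROUTES"].values()})
    return [
        ("redis", probe(cfg["REDIS_HOST"], cfg["REDIS_PORT"]),
         "%s:%d" % (cfg["REDIS_HOST"], cfg["REDIS_PORT"])),
        ("broker", probe(host, port), redacted),
        ("queues", bool(queues), ",".join(queues)),
    ]

if __name__ == "__main__":
    for name, ok, detail in preflight(SAMPLE_CONFIG):
        print("%-7s %-4s %s" % (name, "ok" if ok else "FAIL", detail))
```

A FAIL on `redis` or `broker` means that service is not accepting connections at the address the config names.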

0 reactions
zardus commented, May 15, 2017

I just uploaded the following script: https://github.com/shellphish/fuzzer/blob/master/shellphuzz

It facilitates drilling on a single machine, and is definitely easier than the whole redis/celery or kubernetes setup.
