
Trying to recreate Heartbleed with afl-fuzz using OpenSSL 1.0.1f

  •  0
  • aneela  · Tech Community  · 6 years ago

    I am trying to recreate the Heartbleed bug on the OpenSSL version before 1.0.1g, so I chose openssl 1.0.1f. I installed AFL-Fuzz and then OpenSSL. With the help of this and this I think I have OpenSSL installed, but at the end it gave me a strange error.

    ../libcrypto.a(x86_64cpuid.o): In function `OPENSSL_cleanse':
    (.text+0x1a0): multiple definition of `OPENSSL_cleanse'
    ../libcrypto.a(mem_clr.o):mem_clr.c:(.text+0x0): first defined here
    ../libcrypto.a(cmll-x86_64.o): In function `Camellia_cbc_encrypt':
    (.text+0x1f00): multiple definition of `Camellia_cbc_encrypt'
    ../libcrypto.a(cmll_cbc.o):cmll_cbc.c:(.text+0x0): first defined here
    ../libcrypto.a(aes-x86_64.o): In function `AES_encrypt':
    (.text+0x460): multiple definition of `AES_encrypt'
    ../libcrypto.a(aes_core.o):aes_core.c:(.text+0x62e): first defined here
    ../libcrypto.a(aes-x86_64.o): In function `AES_decrypt':
    (.text+0x9f0): multiple definition of `AES_decrypt'
    ../libcrypto.a(aes_core.o):aes_core.c:(.text+0xad1): first defined here
    ../libcrypto.a(aes-x86_64.o): In function `private_AES_set_encrypt_key':
    (.text+0xab0): multiple definition of `private_AES_set_encrypt_key'
    ../libcrypto.a(aes_core.o):aes_core.c:(.text+0x0): first defined here
    ../libcrypto.a(aes-x86_64.o): In function `private_AES_set_decrypt_key':
    (.text+0xd80): multiple definition of `private_AES_set_decrypt_key'
    ../libcrypto.a(aes_core.o):aes_core.c:(.text+0x403): first defined here
    ../libcrypto.a(aes-x86_64.o): In function `AES_cbc_encrypt':
    (.text+0xfa0): multiple definition of `AES_cbc_encrypt'
    ../libcrypto.a(aes_cbc.o):aes_cbc.c:(.text+0x0): first defined here
    collect2: error: ld returned 1 exit status
    make[2]: *** [link_app.] Error 1
    

    I ran the openssl version command and it ran successfully, giving me the output OpenSSL 1.0.1f 6 Jan 2014, so I think it is installed (not sure what to do about the error).

    Now the next step is to find some code that uses OpenSSL; I found the handshake.c file here. However, it did not compile successfully with

    afl-gcc handshake.c libssl.a libcrypto.a -o handshake -I ssl/include -ldl

    The error is

    afl-cc 2.52b by <lcamtuf@google.com>
    afl-as 2.52b by <lcamtuf@google.com>
    [+] Instrumented 15 locations (64-bit, non-hardened mode, ratio 100%).
    libcrypto.a(x86_64cpuid.o): In function `OPENSSL_cleanse':
    (.text+0x1a0): multiple definition of `OPENSSL_cleanse'
    libcrypto.a(mem_clr.o):mem_clr.c:(.text+0x0): first defined here
    /tmp/ccJeYtnW.o: In function `Init':
    path/openssl-1.0.1/handshake.c:22: undefined reference to `SSL_CTX_set_security_level'
    libcrypto.a(c_zlib.o): In function `zlib_stateful_expand_block':
    c_zlib.c:(.text+0x59): undefined reference to `inflate'
    libcrypto.a(c_zlib.o): In function `zlib_stateful_compress_block':
    c_zlib.c:(.text+0xea): undefined reference to `deflate'
    libcrypto.a(c_zlib.o): In function `bio_zlib_free':
    c_zlib.c:(.text+0x13d): undefined reference to `inflateEnd'
    c_zlib.c:(.text+0x15b): undefined reference to `deflateEnd'
    libcrypto.a(c_zlib.o): In function `zlib_stateful_finish':
    c_zlib.c:(.text+0x1d0): undefined reference to `inflateEnd'
    c_zlib.c:(.text+0x1d9): undefined reference to `deflateEnd'
    libcrypto.a(c_zlib.o): In function `zlib_stateful_init':
    c_zlib.c:(.text+0x268): undefined reference to `inflateInit_'
    c_zlib.c:(.text+0x2d9): undefined reference to `deflateInit_'
    libcrypto.a(c_zlib.o): In function `bio_zlib_ctrl':
    c_zlib.c:(.text+0x54c): undefined reference to `deflate'
    c_zlib.c:(.text+0x5f0): undefined reference to `zError'
    libcrypto.a(c_zlib.o): In function `bio_zlib_write':
    c_zlib.c:(.text+0x809): undefined reference to `deflate'
    c_zlib.c:(.text+0x89a): undefined reference to `zError'
    c_zlib.c:(.text+0x933): undefined reference to `deflateInit_'
    libcrypto.a(c_zlib.o): In function `bio_zlib_read':
    c_zlib.c:(.text+0xa13): undefined reference to `inflate'
    c_zlib.c:(.text+0xa8d): undefined reference to `zError'
    c_zlib.c:(.text+0xafc): undefined reference to `inflateInit_'
    collect2: error: ld returned 1 exit status
    

    Please suggest how I can fix these errors.

    Thanks in advance.

    Edit:

    So what I have done so far is install OpenSSL using root privileges. It worked, but the manual installation gave me many errors, most of which looked like item= expecting something other than a integer . I manually changed those lines to characters, =item 1 -> =item '1' . After making the changes in the apps and ssl folders under the root directory I finally got it working. The final installation after make and make install looks like

    installing openssl
    installing CA.sh
    installing CA.pl
    installing tsget
    make[1]: Leaving directory `/openssl-1.0.1f/apps'
    making install in test...
    make[1]: Entering directory `/openssl-1.0.1f/test'
    make[1]: Nothing to be done for `install'.
    make[1]: Leaving directory `/openssl-1.0.1f/test'
    making install in tools...
    make[1]: Entering directory `/openssl-1.0.1f/tools'
    make[1]: Leaving directory `/openssl-1.0.1f/tools'
    installing libcrypto.a
    installing libssl.a
    cp libcrypto.pc /usr/local/ssl/lib/pkgconfig
    chmod 644 /usr/local/ssl/lib/pkgconfig/libcrypto.pc
    cp libssl.pc /usr/local/ssl/lib/pkgconfig
    chmod 644 /usr/local/ssl/lib/pkgconfig/libssl.pc
    cp openssl.pc /usr/local/ssl/lib/pkgconfig
    chmod 644 /usr/local/ssl/lib/pkgconfig/openssl.pc
    root@ubuntu:/openssl-1.0.1f# openssl
    The program 'openssl' is currently not installed. You can install it by typing:
    apt-get install openssl
    

    Now I think the installation has no errors, but I still do not have OpenSSL installed, since it says no such package is installed yet.

    Please help.

    1 Answer  |  as of 6 years ago
        1
  •  0
  •   aneela    6 years ago

    As I added in the edited post, the errors in the OpenSSL installation went away when I ran the installation as root. I used the following sequence of commands:

    make clean
    ./config no-shared no-idea no-mdc2 no-rc5 zlib enable-tlsext
    make depend
    make && make install
    

    As discussed above in the edited version of the question, it gave me errors in the .pod files, which I fixed one by one (wondering if anyone has a smarter way).

    After compiling, the error that remained in the edited part was resolved right after adding the openssl installation path to the $PATH environment variable. I added the line below to the .bashrc and .profile files.

    export PATH="$PATH:/usr/local/ssl/bin" 
    

    Now OpenSSL works fine.

    However, handshake.c is compiled with openssl using this command

    AFL_USE_ASAN=1 afl-gcc handshake.c -lcrypto -lz libssl.a  -o handshake -ldl
    

    and finally

    afl-fuzz -i testcases -o findings -m none -- ./handshake
    

    Hope this helps future Googlers.

    Thanks.
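The two linker failures quoted in the question (symbols defined twice inside libcrypto.a, and unresolved zlib and libssl symbols) are exactly what the answer's `make clean` and `-lz` address. The triage helper below is an added example, not code from the question, the answer, OpenSSL or AFL; it only parses GNU ld messages, so it runs anywhere. The sample input is a constructed, shortened copy of the question's own output, and the function names `sample_ld_output`, `dup_defs`, `undef_refs` and `classify_undef` are mine.

```shell
#!/bin/sh
# Added example (not from the original post): triage helper for GNU ld output
# from an OpenSSL + afl-gcc build. Feed it a real log with
#   make 2>&1 | tee build.log; dup_defs < build.log; classify_undef < build.log

# Constructed sample: a shortened copy of the linker output from the question.
sample_ld_output() {
    cat <<'EOF'
../libcrypto.a(x86_64cpuid.o): In function `OPENSSL_cleanse':
(.text+0x1a0): multiple definition of `OPENSSL_cleanse'
../libcrypto.a(mem_clr.o):mem_clr.c:(.text+0x0): first defined here
../libcrypto.a(aes-x86_64.o): In function `AES_encrypt':
(.text+0x460): multiple definition of `AES_encrypt'
../libcrypto.a(aes_core.o):aes_core.c:(.text+0x62e): first defined here
../libcrypto.a(aes-x86_64.o): In function `AES_cbc_encrypt':
(.text+0xfa0): multiple definition of `AES_cbc_encrypt'
../libcrypto.a(aes_cbc.o):aes_cbc.c:(.text+0x0): first defined here
/tmp/ccJeYtnW.o: In function `Init':
path/openssl-1.0.1/handshake.c:22: undefined reference to `SSL_CTX_set_security_level'
libcrypto.a(c_zlib.o): In function `zlib_stateful_expand_block':
c_zlib.c:(.text+0x59): undefined reference to `inflate'
libcrypto.a(c_zlib.o): In function `zlib_stateful_compress_block':
c_zlib.c:(.text+0xea): undefined reference to `deflate'
libcrypto.a(c_zlib.o): In function `bio_zlib_free':
c_zlib.c:(.text+0x13d): undefined reference to `inflateEnd'
c_zlib.c:(.text+0x15b): undefined reference to `deflateEnd'
collect2: error: ld returned 1 exit status
EOF
}

# dup_defs: one tab-separated line per symbol ld saw defined twice:
# symbol, the object that clashed, the object that defined it first.
# Two definitions inside the same libcrypto.a (the assembler aes-x86_64.o next
# to the C aes_core.o) mean the archive still holds objects from an earlier
# configuration; the cure is `make clean` before re-running ./config.
dup_defs() {
    awk '
        /: In function / { obj = $1; sub(/:$/, "", obj); next }
        /multiple definition of/ {
            sym = $0; sub(/.*definition of ./, "", sym); sub(/.$/, "", sym); next
        }
        /first defined here/ {
            first = $0; sub(/\).*/, ")", first)
            printf "%s\t%s\t%s\n", sym, obj, first
        }'
}

# undef_refs: the distinct symbols ld could not resolve, one per line.
undef_refs() {
    sed -n 's/.*undefined reference to .\(.*\).$/\1/p' | sort -u
}

# classify_undef: map each unresolved symbol to the library that should have
# provided it. The zlib names appear because libcrypto was configured with the
# `zlib` option, so the link line needs -lz (as the answer's final command has).
# SSL_CTX_set_security_level first appeared in OpenSSL 1.1.0, so a harness that
# calls it cannot be linked against the 1.0.1f libssl at all.
classify_undef() {
    undef_refs | while IFS= read -r sym; do
        case "$sym" in
            inflate|deflate|inflateEnd|deflateEnd|inflateInit_|deflateInit_|zError)
                printf '%s\tzlib: add -lz to the link line\n' "$sym" ;;
            SSL_CTX_set_security_level)
                printf '%s\tlibssl API added in OpenSSL 1.1.0; absent from 1.0.1f\n' "$sym" ;;
            SSL_*|ssl_*)
                printf '%s\tlibssl: check libssl.a is on the link line and exports it\n' "$sym" ;;
            *)
                printf '%s\tunknown provider\n' "$sym" ;;
        esac
    done
}

# Stand-alone demo on the constructed sample.
echo "== duplicate definitions (stale objects in the archive) =="
sample_ld_output | dup_defs
echo "== unresolved symbols =="
sample_ld_output | classify_undef
```

After a `make clean` and rebuild, `nm libcrypto.a | grep ' T OPENSSL_cleanse'` should list exactly one defining object; a second line means the archive still mixes assembler and C objects. One further caveat for the fuzzing run: `-lcrypto` with no `-L` resolves to the system libcrypto, which carries no afl-gcc instrumentation and no ASan, so the instrumented build is only used when its static archive is named explicitly (`libcrypto.a`) or found through `-L`.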
