Funserialize
Scripts and auxiliary files for fuzzing PHP's unserialize function
Install / Use
/learn @SeanHeelan/FunserializeREADME
funserialize
Scripts and auxiliary files for fuzzing PHP's unserialize function. See https://sean.heelan.io/2017/08/12/fuzzing-phps-unserialize-function/ for details.
Dependencies
GNU screen
clang (optional)
Usage
get.sh retrieves the source for PHP and afl.
build.sh builds both PHP and afl. If you have clang available then
afl-clang-fast will also be built.
fuzz.sh starts a master afl instance and multiple slaves inside a GNU screen
instance with the session name fuzz.
A normal session might look as follows:
./get.sh
<...>
./build.sh
<...>
./fuzz.sh output_dir 3
<...>
The final command will start a master afl instance and 3 slaves, with
output_dir used as the top level output directory for afl. You can run screen -r fuzz to attach to the screen instance and view the progress of the fuzzing
session.
Related Skills
node-connect
346.4kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
107.2kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
346.4kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
qqbot-media
346.4kQQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。
