Rode0Day Fuzzing Competition - The Episode Of Failures
In part 3 of our 5-part series, we start on the task of fuzzing the binaries included in the competition. The targets distributed as source in Episode 1 were easy: compile with AFL and you get your instrumentation. Now we're trying to get that same instrumentation on targets that are binary only.
As we'll see in this episode, that's both somewhat tricky, given the performance costs, and something that requires paying close attention to exactly what you're trying to do. I manage to get things set up twice, each time just about ready to start fuzzing, only to realize at the very end that I've screwed things up and need to start all over again.
We're including this as part of the series because I think it's important to show. It represents nearly 25% of the total time spent working on the May competition (potentially more, if you count the time spent building VMs off-recording), so including these failures in the series means everyone watching gets a better idea of what actually went on.
And don't forget about the Triaging competition we're running through the end of the series (tentatively ending July 30th). If you're interested in triaging the crashes I got from this fuzzing, head over to the GitHub repo I set up for it and enter the contest: https://github.com/murmus/Rode0Triage. We've still got all 3 Hacking 2.0 Humble eBook Bundles up for grabs for individuals who enter writeups and/or exploits for their triaging.