My environment is not running?

[Nzoth9]

Hello. First of all, thank you for making this project. When I try drrun.exe to start my environment winAFL, nothing comes up.
Here is my environment and command.

• Window 11 ARM(VM Paralles)
• Visualcode 17 2022
• My stupid head

"C:\Users\Eo\Desktop\DynamoRIO-Windows-9.0.19349 2\bin32\drrun.exe" -c C:\Users\Eo\source\repos\winafl\bin\Release\winafl.dll -debug -target_module test_gdiplus.exe -fuzz-iterations 10 -target_offset 0x10c0 -nargs 2 -- test_gdiplus.exe input.bmp

When I run it, nothing pops up. I want to do code coverage(with ida lightouse plugin).

I also installed a version such as pinTOOL that matches the dll and version of the lighthouse plugin because Intel PT can extract data from code coverage.

.\pin.exe -t .\CodeCoverage.dll -- notepad.exe
E: Failed to allocate Injector, Error = INJECTOR_ERR
E: Pin is exiting due to fatal error

Maybe it doesn't work in my environment.... 🥺
Does anyone have experience extracting code coverage of EXE files in an ARM environment?

[ifratric]

Unfortunately, neither WinAFL nor (AFAIK) DynamoRIO currently support Windows on ARM.

[Nzoth9]

Thank you very much for your reply! dear @ifratric.
Then, is there really no way to extract the code coverage data of Windows EXE on ARM?

[ifratric]

Nothing comes to mind off the top of my head. Jackalope (my other fuzzer) has support for ARM64 coverage, but so far this is only being used on MacOS with Apple chips. In order to take advantage of it on Windows, some changes would be needed on the Windows debugger component, in particular around registers, calling conventions and such. In case you are looking for a development project :)

[Nzoth9]

Thank you for your kind reply. @ifratric