diff options
| -rw-r--r-- | frida_mode/GNUmakefile | 16 | ||||
| -rw-r--r-- | frida_mode/README.md | 14 | ||||
| -rw-r--r-- | frida_mode/src/instrument/instrument_x64.c | 12 | ||||
| -rw-r--r-- | frida_mode/src/seccomp/seccomp_atomic.c | 2 | ||||
| -rw-r--r-- | frida_mode/src/seccomp/seccomp_callback.c | 2 | ||||
| -rw-r--r-- | frida_mode/src/seccomp/seccomp_child.c | 2 | ||||
| -rw-r--r-- | frida_mode/src/seccomp/seccomp_event.c | 2 | ||||
| -rw-r--r-- | frida_mode/src/seccomp/seccomp_filter.c | 2 | ||||
| -rw-r--r-- | frida_mode/src/seccomp/seccomp_print.c | 2 | ||||
| -rw-r--r-- | frida_mode/src/seccomp/seccomp_socket.c | 2 | ||||
| -rw-r--r-- | frida_mode/src/seccomp/seccomp_syscall.c | 2 | 
11 files changed, 50 insertions, 8 deletions
| diff --git a/frida_mode/GNUmakefile b/frida_mode/GNUmakefile index 4d6d7147..ed35c9f6 100644 --- a/frida_mode/GNUmakefile +++ b/frida_mode/GNUmakefile @@ -80,6 +80,22 @@ ifeq "$(shell uname)" "Linux" OS:=linux endif +ifneq "$(findstring android, $(shell $(CC) --version 2>/dev/null))" "" + OS:=android + ifneq "$(findstring aarch64, $(shell $(CC) --version 2>/dev/null))" "" + ARCH:=arm64 + endif + ifneq "$(findstring arm, $(shell $(CC) --version 2>/dev/null))" "" + ARCH:=arm + endif + ifneq "$(findstring x86_64, $(shell $(CC) --version 2>/dev/null))" "" + ARCH:=x86_64 + endif + ifneq "$(findstring i686, $(shell $(CC) --version 2>/dev/null))" "" + ARCH:=x86 + endif +endif + ifndef OS $(error "Operating system unsupported") endif diff --git a/frida_mode/README.md b/frida_mode/README.md index 165f8089..df40c771 100644 --- a/frida_mode/README.md +++ b/frida_mode/README.md @@ -55,6 +55,20 @@ tests in 32-bit mode, run `make ARCH=x86 frida`. When switching between architectures it may be necessary to run `make clean` first for a given build target to remove previously generated binaries for a different architecture. +### Android + +In order to build, you need to download the Android SDK. + +``` +https://developer.android.com/ndk/downloads +``` + +Then creating locally a standalone chain as follow. + +``` +https://developer.android.com/ndk/guides/standalone_toolchain +``` + ## Usage FRIDA mode added some small modifications to `afl-fuzz` and similar tools diff --git a/frida_mode/src/instrument/instrument_x64.c b/frida_mode/src/instrument/instrument_x64.c index ebdf1440..a7eb650a 100644 --- a/frida_mode/src/instrument/instrument_x64.c +++ b/frida_mode/src/instrument/instrument_x64.c @@ -4,8 +4,12 @@ #include <sys/shm.h> #if defined(__linux__) +#if !defined(__ANDROID__) #include <asm/prctl.h> #include <sys/syscall.h> +#else +#include <linux/ashmem.h> +#endif #endif #include "frida-gumjs.h" @@ -156,8 +160,16 @@ static void instrument_coverage_optimize_map_mmap(char * shm_file_path, __afl_area_ptr = NULL; +#if !defined(__ANDROID__) shm_fd = shm_open(shm_file_path, O_RDWR, DEFAULT_PERMISSION); if (shm_fd == -1) { FATAL("shm_open() failed\n"); } +#else + shm_fd = open("/dev/ashmem", O_RDWR); + if (shm_fd == -1) { FATAL("open() failed\n"); } + if (ioctl(shm_fd, ASHMEM_SET_NAME, shm_file_path) == -1) { FATAL("ioctl(ASHMEM_SET_NAME) failed"); } + if (ioctl(shm_fd, ASHMEM_SET_SIZE, __afl_map_size) == -1) { FATAL("ioctl(ASHMEM_SET_SIZE) failed"); } + +#endif __afl_area_ptr = mmap(address, __afl_map_size, PROT_READ | PROT_WRITE, MAP_FIXED_NOREPLACE | MAP_SHARED, shm_fd, 0); diff --git a/frida_mode/src/seccomp/seccomp_atomic.c b/frida_mode/src/seccomp/seccomp_atomic.c index 5097511a..c2042f97 100644 --- a/frida_mode/src/seccomp/seccomp_atomic.c +++ b/frida_mode/src/seccomp/seccomp_atomic.c @@ -1,4 +1,4 @@ -#ifndef __APPLE__ +#if defined(__linux__) && !defined(__ANDROID__) #include <stdbool.h> #include <stdio.h> diff --git a/frida_mode/src/seccomp/seccomp_callback.c b/frida_mode/src/seccomp/seccomp_callback.c index 7e1e2070..a88196ac 100644 --- a/frida_mode/src/seccomp/seccomp_callback.c +++ b/frida_mode/src/seccomp/seccomp_callback.c @@ -1,4 +1,4 @@ -#ifndef __APPLE__ +#if defined(__linux__) && !defined(__ANDROID__) #include <execinfo.h> #include <fcntl.h> diff --git a/frida_mode/src/seccomp/seccomp_child.c b/frida_mode/src/seccomp/seccomp_child.c index f665f472..43a79894 100644 --- a/frida_mode/src/seccomp/seccomp_child.c +++ b/frida_mode/src/seccomp/seccomp_child.c @@ -1,4 +1,4 @@ -#ifndef __APPLE__ +#if defined(__linux__) && !defined(__ANDROID__) #include <fcntl.h> #include <sched.h> diff --git a/frida_mode/src/seccomp/seccomp_event.c b/frida_mode/src/seccomp/seccomp_event.c index dd4abde7..e2f592ca 100644 --- a/frida_mode/src/seccomp/seccomp_event.c +++ b/frida_mode/src/seccomp/seccomp_event.c @@ -1,4 +1,4 @@ -#ifndef __APPLE__ +#if defined(__linux__) && !defined(__ANDROID__) #include <stdint.h> #include <stdio.h> diff --git a/frida_mode/src/seccomp/seccomp_filter.c b/frida_mode/src/seccomp/seccomp_filter.c index 13ff7522..8d56c367 100644 --- a/frida_mode/src/seccomp/seccomp_filter.c +++ b/frida_mode/src/seccomp/seccomp_filter.c @@ -1,4 +1,4 @@ -#ifndef __APPLE__ +#if defined(__linux__) && !defined(__ANDROID__) #include <alloca.h> #include <errno.h> diff --git a/frida_mode/src/seccomp/seccomp_print.c b/frida_mode/src/seccomp/seccomp_print.c index be4d80ce..3cea1239 100644 --- a/frida_mode/src/seccomp/seccomp_print.c +++ b/frida_mode/src/seccomp/seccomp_print.c @@ -1,4 +1,4 @@ -#ifndef __APPLE__ +#if defined(__linux__) && !defined(__ANDROID__) #include <stdarg.h> diff --git a/frida_mode/src/seccomp/seccomp_socket.c b/frida_mode/src/seccomp/seccomp_socket.c index fae95805..ef937420 100644 --- a/frida_mode/src/seccomp/seccomp_socket.c +++ b/frida_mode/src/seccomp/seccomp_socket.c @@ -1,4 +1,4 @@ -#ifndef __APPLE__ +#if defined(__linux__) && !defined(__ANDROID__) #include <stdio.h> #include <string.h> diff --git a/frida_mode/src/seccomp/seccomp_syscall.c b/frida_mode/src/seccomp/seccomp_syscall.c index e023c131..8335b93c 100644 --- a/frida_mode/src/seccomp/seccomp_syscall.c +++ b/frida_mode/src/seccomp/seccomp_syscall.c @@ -1,4 +1,4 @@ -#ifndef __APPLE__ +#if defined(__linux__) && !defined(__ANDROID__) #include <limits.h> #include <stdio.h> | 
