
Run QBDIPreload on Android x86-64 failed #118

Open
hac425xxx opened this issue Nov 7, 2019 · 3 comments

@hac425xxx

hac425xxx commented Nov 7, 2019

I am trying to compile a QBDIPreload example for Android x86. I first tried the default CMakeLists.txt:

https://github.com/QBDI/QBDI/blob/master/templates/qbdi_preload_template/CMakeLists.txt

It didn't work, so I then tried the approach used here:

https://github.com/QBDI/examples/tree/master/packer-android-x86/

It also failed. The CMakeLists.txt:

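cmake_minimum_required(VERSION 3.2)
project(QBDITemplate)

# NOTE(review): these look up an installed QBDI / QBDIPreload package. The
# linker errors in this report name /usr/local/lib/libQBDIPreload.a, which is
# a host install rather than the Android package, so confirm which package
# is actually found before trusting the resulting binary.
find_package(QBDI REQUIRED)
find_package(QBDIPreload REQUIRED)

# Explicit locations of the Android x86-64 QBDI package (QBDI_PATH is the
# reporter's placeholder). They are set after find_package() so that a
# package config defining similarly named variables cannot replace them
# (presumably it might; verify against the installed config files).
set(QBDI_INCLUDE_DIRS "QBDI_PATH/include")
set(QBDI_PRELOAD_INCLUDE_DIRS "QBDI_PATH/tools/QBDIPreload/include/")
set(QBDI_LIB "QBDI_PATH/templates/afl-android-preload/usr/local/lib/libQBDI.so")
set(QBDI_PRELOAD "QBDI_PATH/templates/afl-android-preload/usr/local/lib/libQBDIPreload.a")

add_library(qbdi_tracer SHARED qbdi_preload_template.c)

# The properties previously named a target (libshellx_qbdi) that this file
# never creates; they belong on qbdi_tracer.
set_target_properties(qbdi_tracer PROPERTIES
  CXX_STANDARD 11
  CXX_STANDARD_REQUIRED ON
)

# The include directories were defined but never attached to the target.
target_include_directories(qbdi_tracer PRIVATE
  "${QBDI_INCLUDE_DIRS}"
  "${QBDI_PRELOAD_INCLUDE_DIRS}"
)

# Link the exact files named above, in the original order.
target_link_libraries(qbdi_tracer PRIVATE "${QBDI_LIB}" "${QBDI_PRELOAD}")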

Cmake cmdline

# Configure the build for Android x86_64 (platform android-23) through the NDK r20 toolchain file.
# CMake reads CMAKE_TOOLCHAIN_FILE only on the first configure of a build directory,
# so run this in an empty build directory; a cache left by an earlier host configure is not replaced.
cmake ..      -DANDROID_ABI="x86_64"   -DANDROID_PLATFORM=android-23    -DCMAKE_INSTALL_PREFIX=$(pwd)/install   -DCMAKE_BUILD_TYPE=RelWithDebInfo       -DCMAKE_TOOLCHAIN_FILE=/xxxxxxxxx/android-ndk-r20/build/cmake/android.toolchain.cmake

And the output

$ make
[ 50%] Linking C shared library libqbdi_tracer.so
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot open crtbegin_so.o: No such file or directory
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot open crtend_so.o: No such file or directory
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot find -ldl
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot find -lz
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot find -lm
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot find -lm
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot find -lcompiler_rt-extras
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot find -ldl
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot find -lc
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot find -lcompiler_rt-extras
NDK_PATH/android-ndk-r20/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/x86_64-linux-android/4.9.x/../../../../x86_64-linux-android/bin/ld: error: cannot find -ldl
/home/lsl/coding/QBDI/templates/afl-android-preload/usr/local/share/qbdipreload/qbdi_preload_template/qbdi_preload_template.c:11: error: undefined reference to 'printf'
/home/lsl/coding/QBDI/templates/afl-android-preload/usr/local/share/qbdipreload/qbdi_preload_template/qbdi_preload_template.c:13: error: undefined reference to 'printf'
/home/lsl/coding/QBDI/templates/afl-android-preload/usr/local/share/qbdipreload/qbdi_preload_template/qbdi_preload_template.c:15: error: undefined reference to 'printf'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function redirectExec: error: undefined reference to 'mmap'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function setEntryBreakpoint: error: undefined reference to 'sysconf'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function setEntryBreakpoint: error: undefined reference to 'mprotect'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function setEntryBreakpoint: error: undefined reference to 'mprotect'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function unsetEntryBreakpoint: error: undefined reference to 'sysconf'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function unsetEntryBreakpoint: error: undefined reference to 'mprotect'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function unsetEntryBreakpoint: error: undefined reference to 'mprotect'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function exit: error: undefined reference to 'dlsym'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function catchEntrypoint: error: undefined reference to 'strstr'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function catchEntrypoint: error: undefined reference to 'strstr'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function catchEntrypoint: error: undefined reference to 'strstr'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function setupExceptionHandler.part.0: error: undefined reference to 'stderr'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function setupExceptionHandler.part.0: error: undefined reference to 'fputs'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function qbdipreload_hook_main: error: undefined reference to 'sysconf'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function qbdipreload_hook_main: error: undefined reference to 'sigemptyset'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function qbdipreload_hook_main: error: undefined reference to 'sigaction'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function qbdipreload_setup_exception_handler: error: undefined reference to 'sigemptyset'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function qbdipreload_setup_exception_handler: error: undefined reference to 'sigaction'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function _exit: error: undefined reference to 'dlsym'
/usr/local/lib/libQBDIPreload.a(linux_preload.c.o):linux_preload.c:function __libc_start_main: error: undefined reference to 'dlsym'
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make[2]: *** [libqbdi_tracer.so] Error 1
make[1]: *** [CMakeFiles/qbdi_tracer.dir/all] Error 2
make: *** [all] Error 2

Could you please give an example for this situation?

@nsurbay
Member

nsurbay commented Nov 7, 2019

Hello,

You are trying to compile the example against the QBDIPreload installed on your system. That library is compiled for Linux. If you need to build for Android, you need to link with QBDIPreload-android-x86. You can find a compiled version here: https://github.com/QBDI/QBDI/releases/tag/v0.7.0.

@hac425xxx
Author

hac425xxx commented Nov 7, 2019

Yes, the QBDI_PATH/templates/afl-android-preload/usr/local/lib/libQBDIPreload.a is from QBDI-0.7.0-android-X86_64.tar.gz. I don't know why the compiler tries to link /usr/local/lib/libQBDIPreload.a instead.

set(QBDI_PRELOAD      "QBDI_PATH/templates/afl-android-preload/usr/local/lib/libQBDIPreload.a")

@hac425xxx
Author

I use the gcc to compile this

# Builds the preload library directly with the NDK compiler driver, linking libQBDI.so (-lQBDI) and the static libQBDIPreload.a.
# NOTE(review): -shared requests a shared object while -pie requests a position-independent executable; the two conflict. Confirm which output type the driver actually produced.
# NOTE(review): -w silences every compiler warning, including warnings about undeclared functions; drop it while debugging.
# NOTE(review): -Wl,-rpath=/data/local/tmp records a library search path that the adb shell user can write to; whoever can place files there decides which libQBDI.so is loaded, so keep this to a test device.
x86_64-linux-android-gcc qbdi_preload_template.c -Ipath/of/QBDI-Android-x86_64/usr/local/include/ -Lpath/of/QBDI-Android-x86_64/usr/local/lib/ -lQBDI path/of/QBDI-Android-x86_64/usr/local/lib/libQBDIPreload.a  -shared -fpic -pie -o libpreload.so -Wl,-rpath=/data/local/tmp -w

But when I try to use it, something goes wrong:

# LD_PRELOAD=/data/local/tmp/libpreload.so ./filefuzz out.so
qbdipreload_on_exit, bbcount:0

The code I use

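/*
 * QBDIPreload start callback. Receives a pointer named `main`, prints a
 * trace line and returns QBDIPRELOAD_NOT_HANDLED.
 */
int qbdipreload_on_start(void *main)
{
    /* Name this callback in the trace line. The message previously said
     * "on_main", so the output could not show which callback had run. */
    puts("In qbdipreload_on_start");
    return QBDIPRELOAD_NOT_HANDLED;
}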

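/*
 * QBDIPreload premain callback. Receives two context pointers (gprCtx and
 * fpuCtx), leaves them untouched, prints a trace line and returns
 * QBDIPRELOAD_NOT_HANDLED.
 */
int qbdipreload_on_premain(void *gprCtx, void *fpuCtx)
{
    /* Name this callback in the trace line. The message previously said
     * "on_main", so the output could not show which callback had run. */
    puts("In qbdipreload_on_premain");
    return QBDIPRELOAD_NOT_HANDLED;
}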

/*
 * QBDIPreload main callback. Adds a log filter for "*" at QBDI_DEBUG,
 * prints a trace line, then calls afl_setup() and, if that succeeds,
 * afl_forkserver(), but only while afl_area_ptr is still 0.
 * Always returns QBDIPRELOAD_NOT_HANDLED; argc and argv are not read.
 */
int qbdipreload_on_main(int argc, char **argv)
{
    qbdi_addLogFilter("*", QBDI_DEBUG);
    puts("In qbdipreload_on_main");

    /* Short-circuit evaluation keeps the original order: afl_setup() is
     * only called when afl_area_ptr is 0, and afl_forkserver() only when
     * afl_setup() returns non-zero. */
    if (afl_area_ptr == 0 && afl_setup()) {
        afl_forkserver();
    }

    return QBDIPRELOAD_NOT_HANDLED;
}

/*
 * QBDIPreload run callback. Dumps the module list, registers bb_cbk for
 * QBDI_BASIC_BLOCK_ENTRY events on the given VM, prints a trace line and
 * runs the VM from `start` to `stop`. Always returns QBDIPRELOAD_NO_ERROR.
 */
int qbdipreload_on_run(VMInstanceRef vm, rword start, rword stop)
{
    dump_module_list();
    /* NOTE(review): the result of qbdi_addVMEventCB is discarded, so a
     * failed registration would go unnoticed here. */
    qbdi_addVMEventCB(vm, QBDI_BASIC_BLOCK_ENTRY, bb_cbk, NULL);

    puts("In qbdipreload_on_run");

    /* NOTE(review): the result of qbdi_run is also discarded; the function
     * reports QBDIPRELOAD_NO_ERROR whatever the run did. */
    qbdi_run(vm, start, stop);
    return QBDIPRELOAD_NO_ERROR;
}

/*
 * QBDIPreload exit callback. Writes the value of bbcount to standard
 * output and returns QBDIPRELOAD_NO_ERROR; `status` is not read.
 */
int qbdipreload_on_exit(int status)
{
    /* %d assumes bbcount is an int; confirm against its declaration. */
    fprintf(stdout, "qbdipreload_on_exit, bbcount:%d\n", bbcount);
    return QBDIPRELOAD_NO_ERROR;
}

From the output, it seems that the program only executed the qbdipreload_on_exit function; the other callbacks were not executed.

@hac425xxx hac425xxx changed the title Compile QBDIPreload for Android x86-64 failed Run QBDIPreload on Android x86-64 failed Nov 8, 2019