Skip to content
/ dronity Public
forked from vitorallo/dronity

Dronity, the Trinity syscall fuzzer ported to Android

License

GPL-2.0 license
4 stars 32 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ThomasKing2014/dronity

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.deps
.deps
 
 
.settings
.settings
 
 
Documentation
Documentation
 
 
android-fixup
android-fixup
 
 
children
children
 
 
cioctls
cioctls
 
 
include
include
 
 
ioctls
ioctls
 
 
net
net
 
 
patches
patches
 
 
scripts
scripts
 
 
syscalls
syscalls
 
 
tools
tools
 
 
.cproject
.cproject
 
 
.gitignore
.gitignore
 
 
.project
.project
 
 
COPYING
COPYING
 
 
Makefile
Makefile
 
 
Makefile.original
Makefile.original
 
 
README
README
 
 
README.md
README.md
 
 
README.trinity
README.trinity
 
 
arg-decoder.c
arg-decoder.c
 
 
blockdevs.c
blockdevs.c
 
 
child.c
child.c
 
 
config.h
config.h
 
 
config.vit
config.vit
 
 
configure.sh
configure.sh
 
 
core
core
 
 
debug.c
debug.c
 
 
devices.c
devices.c
 
 
dronity
dronity
 
 
fault-read.c
fault-read.c
 
 
fault-write.c
fault-write.c
 
 
fd-epoll.c
fd-epoll.c
 
 
fd-eventfd.c
fd-eventfd.c
 
 
fd-files.c
fd-files.c
 
 
fd-memfd.c
fd-memfd.c
 
 
fd-perf.c
fd-perf.c
 
 
fd-pipes.c
fd-pipes.c
 
 
fd-sockets.c
fd-sockets.c
 
 
fd-testfiles.c
fd-testfiles.c
 
 
fd-timerfd.vit
fd-timerfd.vit
 
 
fds.c
fds.c
 
 
generate-args.c
generate-args.c
 
 
interesting-numbers.c
interesting-numbers.c
 
 
locks.c
locks.c
 
 
log.c
log.c
 
 
main.c
main.c
 
 
maps-initial.c
maps-initial.c
 
 
maps.c
maps.c
 
 
params.c
params.c
 
 
pids.c
pids.c
 
 
post-mortem.c
post-mortem.c
 
 
random-address.c
random-address.c
 
 
random-length.c
random-length.c
 
 
random-pathname.c
random-pathname.c
 
 
random.c
random.c
 
 
seed.c
seed.c
 
 
shm.c
shm.c
 
 
signals.c
signals.c
 
 
syscall.c
syscall.c
 
 
tables-biarch.c
tables-biarch.c
 
 
tables-uniarch.c
tables-uniarch.c
 
 
tables.c
tables.c
 
 
taint.c
taint.c
 
 
trinity.c
trinity.c
 
 
uid.c
uid.c
 
 
utils.c
utils.c
 
 
watchdog.c
watchdog.c
 
 

Repository files navigation

===========================================================================

#Dronity 0.7 experimental build (community edition) it's a trinty port to Android, wow!

Android Kernel Fuzzer based and forked from Trinity 1.4 https://github.com/kernelslacker/trinity (please read README.trinity) All the credit for the awesome trinity goes to Dave Jones davej@redhat.com

ported by Vito Rallo (vito.rallo@gmail.com)

===========================================================================

#Crosscompile Dronity for platform >21 (Android 5.0) and/or AARCH64

  1. get Android NDK from Google
  2. run make-standalone-toolchain to get a standalone compiler

./make-standalone-toolchain.sh --toolchain=aarch64-linux-android-4.9 --platform=android-21 --install-dir=/opt/toolchain --ndk-dir=/opt/android-ndk-r10c --system=linux-x86_64

  1. important: set your toolchain bin in env PATH, add it to .bashrc

echo "PATH=$PATH:/opt/toolchain/bin" >> ~/.bashrc source ~/.bashrc

  1. edit config.h and uncomment or be sure that "#define P21 1" and "#define AARCH64 1" (in case you are compiling with armv8 toolchain) are defined

  2. compile dronity, you are now ready to go!

make CROSS_COMPILE=aarch64-linux-android- CC=aarch64-linux-android-gcc

(specify here the type of compiler you want, this example is based on aarch64 compiler for android version 4.9 ndk version 10c from Google)

============================================================================

#Crosscompile Dronity for platform 19 (Android 4.4) and hopefully below (not tested)

  1. get Android NDK from Google
  2. run make-standalone-toolchain to get a standalone compiler (android_sdk_root/build/tools)

./make-standalone-toolchain.sh --toolchain=arm-linux-androideabi-4.9 --platform=android-19 --install-dir=/opt/toolchain --ndk-dir=/opt/android-ndk-r10c --system=linux-x86_64

  1. important: set your toolchain bin in env PATH, add it to .bashrc

echo "PATH=$PATH:/opt/toolchain/bin" >> ~/.bashrc source ~/.bashrc

  1. edit config.h and COMMENT or be sure that // #define P21 1 and // #define AARCH64 1 ARE COMMENTED!!!!

  2. compile dronity, you are now ready to go!

make CROSS_COMPILE=arm-linux-androideabi- CC=arm-linux-androideabi-gcc

(specify here the type of compiler you want, this example is based on aarch64 compiler for android version 4.9 ndk version 10c from Google)

=============================================================================

supported standalone toolchains as of android-ndk-r10e:

aarch64-linux-android-4.9 aarch64-linux-android-clang3.5 aarch64-linux-android-clang3.6 arm-linux-androideabi-4.8 arm-linux-androideabi-4.9 arm-linux-androideabi-clang3.5 arm-linux-androideabi-clang3.6 llvm-3.5 llvm-3.6 mips64el-linux-android-4.9 mips64el-linux-android-clang3.5 mips64el-linux-android-clang3.6 mipsel-linux-android-4.8 mipsel-linux-android-4.9 mipsel-linux-android-clang3.5 mipsel-linux-android-clang3.6 renderscript x86-4.8 x86-4.9 x86-clang3.5 x86-clang3.6 x86_64-4.9 x86_64-clang3.5 x86_64-clang3.6

=============================================================================

Troubleshooting:

  1. cannot run on 4.4 even if the file is compiled for 32bit dynamically linked? try to comment this line from the Makefile

LDFLAGS += -fPIE -pie

this is required as of Android 5.0 only!

  1. I see a warning while compiling getline.c ... that's fine... close your eyes for now!

About

Dronity, the Trinity syscall fuzzer ported to Android

Resources

Readme

License

GPL-2.0 license
Activity

Stars

4 stars

Watchers

3 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 96.8%
  • Shell 1.3%
  • Verilog 1.1%
  • Other 0.8%