Extend \dt* to allow file redirection #252

Closed
hexploitable opened this issue Sep 2, 2020 · 9 comments

Comments

@hexploitable
Contributor

Trace output can be extensive; it would be nice to have a way to have trace output written to a file.
Since trace output is async, we cannot directly parse the output with r2's json capabilities.

Should be easy to add, just capturing it here so the thought is not lost.

@hexploitable hexploitable changed the title Extend \dt to allow file redirection Extend \dt* to allow file redirection Sep 2, 2020
@oleavr
Member

oleavr commented Sep 3, 2020

Another option would be to capture outputs in one or more variables, to allow processing within r2. The drawback would obviously be memory usage and needing a configurable limit to specify when to start dropping old data.

@hexploitable
Contributor Author

Yeah, discussed offline with @mrmacete; it could be an idea to cache it on the agent side and have a \dts command or similar to get a summary of events. And yeah, I think we'd want some variables to configure parameters including event count, data size, etc.

@hexploitable
Contributor Author

Actually looking at the source there is already:
https://github.com/nowsecure/r2frida/blob/master/src/agent/index.js#L2661-L2679

It's just invoked. It looks like we can just replace traceLog() calls with traceEmit().

@hexploitable
Contributor Author

Converted the traceLog calls to traceEmit() locally and this works nicely.

Thoughts?

/cc @enovella @mrmacete @radare

@hexploitable
Contributor Author

Perhaps we can a) convert the traceLog calls to traceEmit and b) define and utilize new variables for memory limits.
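
A sketch of the bounded agent-side cache discussed in the comments above: event-count and data-size limits, oldest data dropped first, and a summary for a \dts-style command. This is an added example, not r2frida code or code from any participant; the class name, option names and event fields are hypothetical, and it runs under Node.js.

```javascript
// Added example: hypothetical bounded trace cache (not part of r2frida).
class TraceCache {
  constructor({ maxEvents = 1000, maxBytes = 64 * 1024 } = {}) {
    this.maxEvents = maxEvents; // limit on number of cached events
    this.maxBytes = maxBytes;   // limit on total serialized size
    this.events = [];           // entries of { line, size }, oldest first
    this.bytes = 0;
    this.dropped = 0;           // events lost to either limit
  }

  // Serialize and store one event; evict oldest entries when over a limit.
  push(event) {
    const line = JSON.stringify(event);
    const size = Buffer.byteLength(line, 'utf8');
    if (size > this.maxBytes) { // can never fit: drop instead of flushing all
      this.dropped++;
      return false;
    }
    this.events.push({ line, size });
    this.bytes += size;
    while (this.events.length > this.maxEvents || this.bytes > this.maxBytes) {
      this.bytes -= this.events.shift().size;
      this.dropped++;
    }
    return true;
  }

  // Per-source counts plus what was lost, so truncation is visible.
  summary() {
    const counts = {};
    for (const { line } of this.events) {
      const { source } = JSON.parse(line);
      counts[source] = (counts[source] || 0) + 1;
    }
    return { held: this.events.length, bytes: this.bytes,
             dropped: this.dropped, counts };
  }

  // Hand back one JSON document per line (e.g. to write to a log) and reset.
  drain() {
    const lines = this.events.map((e) => e.line);
    this.events = [];
    this.bytes = 0;
    return lines;
  }
}

// Constructed sample events; the field names are assumptions.
const sampleEvents = ['open', 'open', 'read', 'read', 'write']
  .map((source, n) => ({ source, n }));
```

Reporting `dropped` alongside the counts matters when the trace is later used as evidence: a reader can tell that the cache overflowed rather than assuming the log is complete.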

@enovella
Contributor

enovella commented Sep 7, 2020

Hi guys,

Both options are great. I personally liked the way that \dtf was displaying the traces more. The new way is too bulky and it is tough to read. Too much info! We could also have extensive and light code tracing as well.

@hexploitable Can you open a PR to test?

@hexploitable
Contributor Author

Yeah I'll open something WIP to get the ball rolling but at a glance, we can switch to using the emit functions, and then introduce variables for limits and json|simple logs.

@trufae
Member

trufae commented Sep 8, 2020

+1

@hexploitable
Contributor Author

Updated the PR with the changes. A hook.output config value can now be set to json (default is simple), to allow more or less information as you wish.

Since the traces now use traceEmit(), these will be written to file instead of stdout, if you have set file.log to a filepath like so:

\e file.log=example_trace.log

trufae pushed a commit that referenced this issue Sep 17, 2020
* use traceEmit() instead of traceLog() - allowing for writing trace to output files for parsing
* remove superfluous function
* add config variable to decide between simple output and json
* normalize config variable case except file.log
* fix error in str case flattening since we should only do this on strings not other config values such as booleans, ints, etc
@trufae trufae closed this as completed Sep 17, 2020