Pin tracer - a tracer based on Pin: Intel’s Dynamic Binary Instrumentation Engine. It executes a binary executable and saves trace data using Protocol Buffer format. The contents of the trace data is defined in bap-frames project.
Note: building instructions assume that you're using Ubuntu, but it may work on other systems, that uses apt-get.
Since this tool requires pin 2 which does not fully support Linux kernels 4.x and later, it is recommended to use a virtual machine with Ubuntu 14.04.1.
Before build tracer, you need download and install
- pin
- autoconf, libtool, protobuf-compiler, libboost-dev, libboost-filesystem-dev, libcrypto++-dev
- piqi library
Here are installation example.
Download pin library:
$ wget http://software.intel.com/sites/landingpage/pintool/downloads/pin-2.14-71313-gcc.4.4.7-linux.tar.gz
Suppose you want install pin to $(HOME)/opt directory then:
$ tar xvzf pin-2.14-71313-gcc.4.4.7-linux.tar.gz -C $HOME/opt
To let Pin's makefiles know where Pin is installed, set the PIN_ROOT environment variable with a command like:
$ export PIN_ROOT=$HOME/opt/pin-2.14-71313-gcc.4.4.7-linux
To let bash know where pin executable is installed add the PIN_ROOT to PATH environment variable with a command like:
$ export PATH=$PATH:$PIN_ROOT
It is probably a good idea to put this command in a startup script like .bashrc, so that you don't need to set the variable every time you log in:
$ echo 'export PIN_ROOT=$HOME/opt/pin-2.14-71313-gcc.4.4.7-linux' >>$HOME/.bashrc
$ echo 'export PATH=$PATH:$PIN_ROOT' >>$HOME/.bashrc
To install apt depends, use the following command
$ sudo apt-get install autoconf libtool protobuf-compiler libprotobuf-dev libboost-filesystem-dev libcrypto++-dev
To install piqi library with opam, use the following command
$ curl -o /usr/bin/piqi -L https://raw.github.com/alavrik/piqi-binary/master/Linux-x86_64/piqi && chmod +x /usr/bin/piqi
(alternatively, you can try to install piqi with opam install piqi
but this
may be more difficult as the opam version that comes with Ubuntu 14.04.1 is too old)
Download bap-frames with following command
$ git clone https://github.com/BinaryAnalysisPlatform/bap-frames.git
Change folder to bap-frames/libtrace
. Build and install library with following command
$ ./autogen.sh
$ ./configure
$ make
$ make install
Download bap-pintraces with following command
$ git clone https://github.com/BinaryAnalysisPlatform/bap-pintraces.git
Change folder to bap-pintraces and build tracer with command
$ make
To run executable exec
and to save taint infromation to <process id>-exec.frames
, use
$ pin -injection child -t obj-intel64/gentrace.so -o exec.frames -logall_before 1 -- exec [exec args]
To run executable exec
and to save the trace data to exec.frames
, use
$ pin -injection child -t obj-intel64/bpt.so -o exec.frames -- exec [exec args]