Skip to content

Latest commit

 

History

History
107 lines (82 loc) · 3.58 KB

README.md

File metadata and controls

107 lines (82 loc) · 3.58 KB

Overview

Pin tracer - a tracer based on Pin: Intel’s Dynamic Binary Instrumentation Engine. It executes a binary executable and saves trace data using Protocol Buffer format. The contents of the trace data is defined in bap-frames project.

Preparing to build

Note: building instructions assume that you're using Ubuntu, but it may work on other systems, that uses apt-get.

Since this tool requires pin 2 which does not fully support Linux kernels 4.x and later, it is recommended to use a virtual machine with Ubuntu 14.04.1.

Before build tracer, you need download and install

  • pin
  • autoconf, libtool, protobuf-compiler, libboost-dev, libboost-filesystem-dev, libcrypto++-dev
  • piqi library

Here are installation example.

Download pin library:

$ wget http://software.intel.com/sites/landingpage/pintool/downloads/pin-2.14-71313-gcc.4.4.7-linux.tar.gz

Suppose you want install pin to $(HOME)/opt directory then:

$ tar xvzf pin-2.14-71313-gcc.4.4.7-linux.tar.gz -C $HOME/opt

To let Pin's makefiles know where Pin is installed, set the PIN_ROOT environment variable with a command like:

$ export PIN_ROOT=$HOME/opt/pin-2.14-71313-gcc.4.4.7-linux

To let bash know where pin executable is installed add the PIN_ROOT to PATH environment variable with a command like:

$ export PATH=$PATH:$PIN_ROOT

It is probably a good idea to put this command in a startup script like .bashrc, so that you don't need to set the variable every time you log in:

$ echo 'export PIN_ROOT=$HOME/opt/pin-2.14-71313-gcc.4.4.7-linux' >>$HOME/.bashrc
$ echo 'export PATH=$PATH:$PIN_ROOT' >>$HOME/.bashrc

To install apt depends, use the following command

$ sudo apt-get install autoconf libtool protobuf-compiler libprotobuf-dev libboost-filesystem-dev libcrypto++-dev 

To install piqi library with opam, use the following command

$ curl -o /usr/bin/piqi -L https://raw.github.com/alavrik/piqi-binary/master/Linux-x86_64/piqi && chmod +x /usr/bin/piqi

(alternatively, you can try to install piqi with opam install piqi but this may be more difficult as the opam version that comes with Ubuntu 14.04.1 is too old)

Build process

Download bap-frames with following command

$ git clone https://github.com/BinaryAnalysisPlatform/bap-frames.git

Change folder to bap-frames/libtrace. Build and install library with following command

$ ./autogen.sh 
$ ./configure 
$ make
$ make install

Download bap-pintraces with following command

$ git clone https://github.com/BinaryAnalysisPlatform/bap-pintraces.git

Change folder to bap-pintraces and build tracer with command

$ make

To run executable exec and to save taint infromation to <process id>-exec.frames, use

$ pin -injection child -t obj-intel64/gentrace.so -o exec.frames -logall_before 1 -- exec [exec args]

To run executable exec and to save the trace data to exec.frames, use

$ pin -injection child -t obj-intel64/bpt.so -o exec.frames -- exec [exec args]