Functrace : A Function Tracer To Analyze A Binary File

Functrace : A Function Tracer

Functrace is a tool that helps to analyze a binary file with dynamic instrumentation using DynamoRIO. These are some implemented features (based on DynamoRIO):

disassemble all the executed code
disassemble a specific function (dump if these are addresses)
get arguments of a specific function (dump if these are addresses)
get return value of a specific function (dump if this is an address)
monitors application signals
generate a report file
ghidra(https://ghidra-sre.org/) coverage script (based on the functrace report file)

Setup

$ wget https://github.com/DynamoRIO/dynamorio/releases/download/release_7_0_0_rc1/DynamoRIO-Linux-7.0.0-RC1.tar.gz
$ tar xvzf DynamoRIO-Linux-7.0.0-RC1.tar.gz

$ wget https://github.com/DynamoRIO/dynamorio/releases/download/cronbuild-7.91.18047/DynamoRIO-x86_64-Linux-7.91.18047-0.tar.gz
$ tar xvzf DynamoRIO-x86_64-Linux-7.91.18047-0.tar.gz

You can also clone and compile directly DynamoRIO:

$ git clone https://github.com/invictus1306/functrace
$ mkdir -p functrace/build
$ cd functrace/build
$ cmake .. -DDynamoRIO_DIR=/full_DR_path/cmake/
$ make -j4

Also Read – SharpHide : Tool To Create Hidden Registry Keys

Simple DEMO

Using Functrace

$ drrun -c libfunctrace.so -report_file report — target_program [args]

Options

The following [functrace](https://github.com/invictus1306/functrace) options are supported:

-disassembly-> disassemble all the functions
-disas_func function_name -> disassemble only the function function_name
-wrap_function function_name-> wrap the function function_name
-wrap_function_args num_args-> number of arguments of the wrapped function
-cbr-> remove the bb from the cache (in case of conditional jump)
-report_file file_name-> report file name (required)
-verbose-> verbose]

Simple Usage

Option -verbose

$ drrun -c libfunctrace.so -report_file report -verbose — target_program [args]

Option -Disassemby

$ drrun -c libfunctrace.so -report_file report -disassembly — target_program [args]

Option -Disas_Func

$ drrun -c libfunctrace.so -report_file report -disas_func name_function — target_program [args]

Option -wrap_function and -wrap_function_args

$ drrun -c libfunctrace.so -report_file report -wrap_function name_function -wrap_function_args num_args — target_program [args]

Option -CBR

$ drrun -c libfunctrace.so -report_file report -cbr — target_program [args]

CVE-2018-4013 – Vulnerability Analysis

A vulnerability on the LIVE555 RTSP server library. This is the description.

Download

R K

Next Ngrev : Tool For Reverse Engineering of Angular Applications »

Previous « APK-MITM : Android APK Files for HTTPS Inspection

Published by

R K

Tags: FunctraceTracer

4 years ago

Cybersecurity Toolkit – Essential Python Tools For Penetration Testing

Welcome to the Cybersecurity Toolkit, a collection of essential Python tools designed for penetration testing…

22 hours ago

Cyber security

i-Haklab : Unleashing The Power Of Termux For Enhanced Cybersecurity

The main objective of the creation of this laboratory is to transport the applications, tools…

22 hours ago

Hacking Tools

Dark FB – A Comprehensive Toolkit For Advanced Facebook Interactions

"Dark FB" is a powerful toolkit designed for those who wish to delve deeper into…

22 hours ago

Cyber security

Wifi-Hacking.py : Your Ultimate Guide To Ethical WiFi Penetration Testing

Unlock the potential of ethical hacking with Wifi-Hacking.py, a powerful cybersecurity tool designed to navigate…

2 days ago

Cyber security

THREAT ACTORS – TTPs : Decoding The Digital Underworld Through Comprehensive Mapping

This repository was created with the aim of assisting companies and independent researchers about Tactics,…

2 days ago

Cyber security

MagicDot : Harnessing DOT-To-NT Path Conversion For Rootkit-Like Capabilities

A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path…

2 days ago

Kali Linux Tutorials