javascript issues #18

Open
DirectorX opened this issue Jun 30, 2022 · 2 comments

 ✘ u@MBP ~/Code/fpicker <main ±> $ ./fpicker --fuzzer-mode active -e attach -p test -o examples/test/out/ -i examples/test/in/ -f examples/test/test-fuzzer.js
       __       _      _
      / _|     (_)    | |
     | |_ _ __  _  ___| | _____ _ __
     |  _| '_ \| |/ __| |/ / _ \ '__|
     | | | |_) | | (__|   <  __/ |
     |_| | .__/|_|\___|_|\_\___|_|
         | |
         |_|        Frida-Based Fuzzing Suite
- - - - - - - - - - - - - - - - - - - - - - -

Running fpicker using the following configuration:
- fuzzer-mode: 			FUZZER_MODE_STANDALONE_ACTIVE
- coverage_mode: 		COVERAGE_MODE_STALKER_SUMMARY
- standalone_mutator: 		STANDALONE_MUTATOR_NULL
- communication_mode: 		COMMUNICATION_MODE_SEND
- input_mode: 			INPUT_MODE_IN_PROCESS
- exec_mode: 			EXEC_MODE_ATTACH
- device_type: 			DEVICE_LOCAL
- process_name: 		test
- command: 			(null)
- fuzzer_timeout: 		500
- fuzzer_sleep: 		100
- verbose: 			false
- agent_script: 		examples/test/test-fuzzer.js
- corpus_dir: 			examples/test/in/
- out_dir: 			examples/test/out/
- metrics: enabled

[*] Found 2 Frida devices.
[*] Found desired Frida device: Local System(0)
[*] Trying to attach to process test
[*] Found process test with PID 33317
[*] Attached to process test on frida device Local System
[!] Unable to create agent script: Script(line 1): SyntaxError: expecting '('
[!] Error injecting Frida agent script

The code seems to be a bit old and there are issues with the JavaScript engine.

Also, in order to be able to execute that script, I added

import { createRequire } from 'module';
const require = createRequire(import.meta.url);

before

// Import the fuzzer base class
const Fuzzer = require("../../harness/fuzzer.js");

X1aoR0 commented Jan 9, 2023

I use frida-compile 16.1.4. The compiled agent.js is also a problem. I can't understand why these two statements are added, and after adding them, my compilation reports an error:
Error: unable to resolve: path, readable-stream, stream, util, readable-stream/passthrough, readable-stream/writable, assert, readable-stream/readable, events, os, buffer, process, constants, tty, net, url, crypto

ttdennis (Owner) commented Jan 9, 2023

Oh. Yes it seems that some things in frida-compile have changed. For now you should be able to do the following:

  • put the fuzzer script (e.g. test-fuzzer.js) into the harness directory
  • run frida-compile -S test-fuzzer.js -o harness.js
  • remove the first three lines in the harness.js (frida-compile seems to add some metadata to the file which is invalid JS)
  • copy the harness.js to your project dir (e.g. examples/test/)

Then you should be able to run fpicker again. Make sure that you specify the correct compiled JS file (e.g. -f examples/test/harness.js).

This is not an ideal solution. I will have to take a better look at this, but in the short term it should at least get fpicker to run.

Edit: Never mind, that doesn't work either. I will have to take a closer look...
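A defensive pre-check for the failure both posts run into, added here as an example that is neither fpicker's nor frida-compile's code: before injecting, parse the agent source with the classic-script grammar (via `new Function`, which mirrors a non-module engine's rejection of a top-level `import`, of `import.meta`, or of a non-JavaScript header line) and work out how many leading lines would have to go. It assumes Node.js; the sample sources and the metadata header lines are constructed stand-ins, not the actual files from the issue.

```javascript
// Added example (not code from fpicker or frida-compile): pre-check an agent
// source with the classic-script grammar before it is handed to an injector.
// `new Function(src)` only parses `src` as a classic function body, so a
// top-level `import`/`export` declaration, `import.meta`, or a non-JavaScript
// header line is rejected with a SyntaxError, while a CommonJS-style
// `require(...)` call is plain JavaScript and is accepted (never executed).

function checkClassicScript(src) {
  try {
    new Function(src); // parse only; the resulting function is never called
    return { ok: true, message: "" };
  } catch (e) {
    if (!(e instanceof SyntaxError)) throw e;
    return { ok: false, message: e.message };
  }
}

// Drop the first `n` lines (e.g. bundler metadata) from the source.
function stripLeadingLines(src, n) {
  return src.split("\n").slice(n).join("\n");
}

// Smallest number of leading lines that must be removed for the remainder to
// parse as a classic script (at most maxLines, and never the whole file);
// -1 if no such prefix length exists.
function findStripOffset(src, maxLines) {
  const lineCount = src.split("\n").length;
  const limit = Math.min(maxLines, lineCount - 1);
  for (let n = 0; n <= limit; n++) {
    if (checkClassicScript(stripLeadingLines(src, n)).ok) return n;
  }
  return -1;
}

// Constructed samples; they stand in for the issue's files, not copies of them.
const esmPrelude = [
  "import { createRequire } from 'module';",
  "const require = createRequire(import.meta.url);",
  "const Fuzzer = require('../../harness/fuzzer.js');",
].join("\n");
const commonJsOnly = "const Fuzzer = require('../../harness/fuzzer.js');";
const metadataHeader = ["<bundle metadata 1>", "<bundle metadata 2>",
  "<bundle metadata 3>", commonJsOnly].join("\n");

console.log(checkClassicScript(esmPrelude).ok);     // false
console.log(findStripOffset(esmPrelude, 5));        // 2
console.log(findStripOffset(metadataHeader, 5));    // 3
```

The returned message is whatever the local engine reports, so it will not read exactly like the `expecting '('` text in the issue; the ok/false verdict is what matters.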
