How to compile a PIN tool using Visual Studio 2017
2018-07-16 11:02:40 Author: hshrzd.wordpress.com(查看原文) 阅读量:77 收藏

How to compile a PIN tool using Visual Studio 2017

UPDATE: the described problems in compiling the default PIN projects seems to be fixed in the new PIN release: 3.10.

PIN (of Intel) is a great platform for dynamic binary instrumentation. I use it on daily for tracing and deobfuscating malware, and I often recommend it to others. Unfortunately, figuring out how to set it up is not so straight-forward. If you want to compile the default projects that are distributed in the package, you may get multiple errors.

I never saw the full process of fixing them documented. I struggled with this myself, and from time to time people approach me asking for help. That’s why, I decided to make a walk-through, describing all the steps I did in order to get a tool compiled.

    • Used PIN package:
      • pin-3.7-97619-g0d0c92f4f-msvc-windows (link)
    • Environment:
      • Microsoft Visual Studio Community 2017 (Version 15.6.5)
      • Windows 8.1 64bit

Step 0 – I downloaded the PIN package and unpacked it into C:\pin\C_pin

I will be compiling MyPinTool, that is a part of the PIN Package:

my_pin_tool

Step 1 – I opened the single tool in Visual Studio and tried to compile it.

32bit

I got an error:

error1

So, I searched the pin main directory, and I found where this file is. It was in “C:\pin\extras\xed-ia32\include\xed” (we need to pick a 32 bit version for a 32 bit build).

32_or_64

So, I included that folder:

additional_include.png

[C/C++] -> [General] -> [Additional Include Directories]

Step 2 – I  tried to compile it again and got another error:

safeseh

So, I went to disable SAFESEH. From:

option

[Linker] -> [Advanced] -> [Image Has Safe Exception Handlers]

I switched to:

disable

[Linker] -> [Advanced] -> [Image Has Safe Exception Handlers] -> [No]

Step 3 – Another attempt of compilation, and another set of errors. This time at linking level:

unresolved_externals

I googled for those errors and I found this blog. Following the advice,  I solved it by adding “crtbeginS.obj” to additional dependencies:

dependencies.png

[Linker] -> [Input] -> [Additional Dependencies] -> add: crtbeginS.obj

And finally! It compiled:

result.png

I can only say that it was the nastiest part of PIN, and now it should go much easier. There are various sample projects included in the package, very helpful in learning the functionality.

To make working with it even easier, I made some scripts that are adding PIN along with my favorite tracer to the context menu. Thanks to them, I can start tracing any EXE just by one click. You can find them here.

run_with_pin

Appendix

About hasherezade

Programmer and researcher, interested in InfoSec.

This entry was posted in Tutorial. Bookmark the permalink.


文章来源: https://hshrzd.wordpress.com/2018/07/16/how-to-compile-a-pin-tool-using-visual-studio-2017/
如有侵权请联系:admin#unsafe.sh