Introduction

Rudroid - this might arguably be one of the worst Android emulators possible. In this blog, we’ll write an emulator that can run a ‘Hello World’ Android ELF binary. Along the way, we will learn how to go about writing our own emulators. Writing an emulator is an awesome way to study, and probably master, the low-level details of the system we are trying to emulate. I assume you have some working knowledge of Rust, a Linux machine with Rust installed or a Docker engine, and a lot of patience to go through the documentation of system calls, file formats, and more.
Hey! I’m Chaithu (@ant4g0nist). I have focused mostly on iOS/Android low-level security research for the past couple of years. Here, I am going to document my research related to fuzzing, vulnerability research, iOS/macOS, Android and basebands, which also includes writing custom emulators. I recently started working on smart contract security. Source for the tools I write is available here: https://github.com/ant4g0nist. I’m open to any research work you’d like to do with me. You can reach me at @ant4g0nist.
TL;DR

In this blog post, I will go through why and how I built a new framework called Sloth 🦥, with which I was able to fuzz Android native libraries with libFuzzer and QEMU. You will see me talking about QEMU internals and showcasing my patches. Finally, you will see a running demo of my Sloth framework fuzzing the Skia library.

Introduction aka how it all started…

Initially, my goal was to build a tool to fuzz Android native libraries with libFuzzer and QEMU to perform binary-only, code-coverage-guided fuzzing.