pamplemousse / bits_of_static_binary_analysis Goto Github PK
View Code? Open in Web Editor NEWMaterial and examples for a presentation on static binary analysis.
bits_of_static_binary_analysis's Issues
Different Results
On line 28 of the 01_command_line_injection_RDA_on_check.py file, the observed results in your video show regDefs, stackDefs, and memDefs. However, when I run this example, up to that point on my own machine, I only see tmpDefs. Is there code you are leaving out because it is your research or proprietary? Or has the ANGR API changed for the RDA, which I can ask on the ANGR channels?
_handle_function trigger problem
Hi! I tried to reproduce RDA analysis, however, it seems that something wrong happened to _handle_function at angr.analyses.reaching_definitions.engine_vex:
at engine_vex.py line 576- line 583:
# direct calls
ext_func_name = None
if not self.project.loader.main_object.contains_addr(func_addr_int):
is_internal = False
symbol = self.project.loader.find_symbol(func_addr_int)
if symbol is not None:
ext_func_name = symbol.name
else:
is_internal = True
It seems that engineVex tries to recognize ext_func via main_object.contains_addr, and tries to find that symbol. However, in my case:
The external function fputs has been recognized as an internal function... Meanwhile, it's symbol could not be resolved... I wonder why is that happened?
Details to implement function resolvers
Thanks to your youtube video I could get the idea of taking inter-procedural data-flow analysis :)
I'd like to learn more details about your module argument_resolver.handler, since it's not open source right now. I'm a newer of angr, thus I wonder how to implement those libc_functions' parameter resolver, to be specific, to resolve each parameter and determine whether it defines or uses any variables.
question about building a robust inter_procedural RDA
Hi @Pamplemousse ,
Thanks for your previous suggestions, I could build a small-scale inter-procedural RDA. However, I'm trying to solve some real-world problem and going at some softwares, like wget.
To be more specific, I'm trying to use RDA to analyze the data-flow and dependency between some functions, e.g. socket -> connect -> bind -> recv -> read -> write(file), to analyze the dependency of the file(from the socket).
So I tried to use RDA from the caller of socket and do analysis. But however, there are lots of warnings during the step, and it seems that I couldn't control the stop of rda.
WARNING | 2021-04-13 13:33:36,529 | angr.analyses.reaching_definitions.engine_vex.SimEngineRDVEX | '<' not supported between instances of 'DataSet' and 'int'
WARNING | 2021-04-13 13:33:36,529 | angr.analyses.reaching_definitions.engine_vex.SimEngineRDVEX | '<' not supported between instances of 'DataSet' and 'int'
WARNING | 2021-04-13 13:33:36,536 | angr.analyses.reaching_definitions.engine_vex.SimEngineRDVEX | '<' not supported between instances of 'DataSet' and 'int'
WARNING | 2021-04-13 13:33:36,536 | angr.analyses.reaching_definitions.engine_vex.SimEngineRDVEX | '<' not supported between instances of 'DataSet' and 'int'
WARNING | 2021-04-13 13:33:36,537 | angr.analyses.reaching_definitions.engine_vex | Comparison of multiple values / different types.
WARNING | 2021-04-13 13:33:36,545 | angr.analyses.reaching_definitions.engine_vex | Comparison of multiple values / different types.
WARNING | 2021-04-13 13:33:36,774 | angr.analyses.reaching_definitions.engine_vex | Comparison of multiple values / different types.
WARNING | 2021-04-13 13:33:37,135 | angr.analyses.reaching_definitions.engine_vex | Comparison of multiple values / different types.
WARNING | 2021-04-13 13:33:37,736 | angr.knowledge_plugins.key_definitions.dataset | Reached maximum size of DataSet, discarded 0.
WARNING | 2021-04-13 13:33:37,736 | angr.knowledge_plugins.key_definitions.dataset | Reached maximum size of DataSet, discarded 1.
WARNING | 2021-04-13 13:33:37,740 | angr.analyses.reaching_definitions.engine_vex | Comparison of multiple values / different types.
WARNING | 2021-04-13 13:33:37,746 | angr.knowledge_plugins.key_definitions.dataset | Reached maximum size of DataSet, discarded 0.
WARNING | 2021-04-13 13:33:37,746 | angr.knowledge_plugins.key_definitions.dataset | Reached maximum size of DataSet, discarded 94601428029216.
WARNING | 2021-04-13 13:33:37,746 | angr.knowledge_plugins.key_definitions.dataset | Reached maximum size of DataSet, discarded 1.
WARNING | 2021-04-13 13:33:37,747 | angr.knowledge_plugins.key_definitions.dataset | Reached maximum size of DataSet, discarded 94601428108704.
WARNING | 2021-04-13 13:33:37,747 | angr.knowledge_plugins.key_definitions.dataset | Reached maximum size of DataSet, discarded 18446744073709551615.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.