[angr] Angr usage

Koruba Tansho koruba.tansho at gmail.com
Mon Sep 12 14:11:05 PDT 2016


Yes, I speaked to Chris Salls (salls) on IRC and he walk me through parts
of it. I ended up with the attached solve script, which does what you
mentioned.

However, when run, I get the following:

Loaded
WARNING | 2016-09-12 08:41:14,436 | simuvex.plugins.symbolic_memory |
Concretizing symbolic length. Much sad; think about implementing.
WARNING | 2016-09-12 08:41:16,291 | simuvex.plugins.symbolic_memory |
Concretizing symbolic length. Much sad; think about implementing.
WARNING | 2016-09-12 08:41:20,166 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64 mem_fe79_16_64>
WARNING | 2016-09-12 08:41:21,861 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
mem_fffffffff8000038_20_64>
WARNING | 2016-09-12 08:41:23,871 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64 mem_6eeff_25_64>
WARNING | 2016-09-12 08:41:25,763 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
mem_8000000000000018_30_64>
WARNING | 2016-09-12 08:41:27,055 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
mem_fffffffffff9_33_64>
WARNING | 2016-09-12 08:41:29,058 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
mem_3fffffffffff9_37_64>
WARNING | 2016-09-12 08:41:36,802 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
mem_ffffffffffff0038_118_64>
WARNING | 2016-09-12 08:41:38,512 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
mem_8000000000000018_124_64>
WARNING | 2016-09-12 08:41:39,903 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
mem_fffbffffffffff9_128_64>
WARNING | 2016-09-12 08:41:41,131 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
mem_ffffffffff9_132_64>
WARNING | 2016-09-12 08:41:44,497 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
Reverse(Reverse(mem_0_6_1024)[951:888])>
WARNING | 2016-09-12 08:41:45,759 | simuvex.s_run | Exit state has over 257
possible solutions. Likely unconstrained; skipping. <BV64
mem_fffffffffff80038_139_64>

And then just sit there waiting

Is there something wrong in my script? I pretty new to angr, so it is
likely that I made mistake some place.

I have also attached my test source and test binary.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20160912/a13de368/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: solve.py
Type: text/x-python-script
Size: 738 bytes
Desc: not available
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20160912/a13de368/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test
Type: application/octet-stream
Size: 8968 bytes
Desc: not available
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20160912/a13de368/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test.c
Type: text/x-csrc
Size: 691 bytes
Desc: not available
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20160912/a13de368/attachment-0003.bin>


More information about the angr mailing list