Questions tagged [angr]

Questions addressing the platform-agnostic binary analysis framework angr. Use together with python-tag.

Angr is a suite of Python 3 libraries that let you load binary data and treat it in different ways:

Disassembly and intermediate-representation lifting
Program instrumentation
Symbolic execution
Control-flow analysis
Data-dependency analysis
Value-set analysis (VSA)
Decompilation

38 questions

votes

1 answer

Angr can't solve the googlectf beginner problem

I am a student studying angr, first time. I'm watching the code in this url. https://github.com/Dvd848/CTFs/blob/master/2020_GoogleCTF/Beginner.md import angr import claripy FLAG_LEN = 15 STDIN_FD = 0 base_addr = 0x100000 # To match addresses to…

angr

asked Oct 04 '21 at 17:06

Woo Byeong Su

votes

1 answer

unable to extract constants and argc for functions for Linux ELF binary

I am using latest version of angr (9,0,'gitrollling'). [I get the same behavior with angr version (9, 0, 4663)]. Using gcc 9.3.0 I created an ELF binary for this simple C program: float func3(float y) { float temp = 5.5; // expected angr to find…

c elf angr

asked Feb 17 '21 at 18:10

Gregory Hines

votes

1 answer

How to add a string input to the start of an Angr program?

sorry for the possibly-noobish question. I'm new to Angr and ran into a small issue/question. So, let's say I have a binary program, "mybinary", where I input something and it does some operations and checks against that to find a flag. (Normal…

python angr

asked Oct 17 '20 at 17:23

SleepyG

votes

1 answer

Analyzing firmware file with angr

I want to use angr to analyze IoT firmware file. I have read the documentation of angr,however, I could not find solution to analyze firmware file. So how can angr generate CFG file of Firmware? or How I can analyze firmware file with angr as…

firmware fuzzing angr symbolic-execution

asked Sep 22 '20 at 07:42

Ali

votes

1 answer

How to use Angr to analyze JNI functions in shared libraries?

I'm new to the binary analysis field. What I want to do is to analyze the JNI native interface functions (e.g., RegisterNatives or other functions listed here by using the SimProcedures provided by Angr. The shared libraries (*.so files) suppose to…

java-native-interface shared-libraries .so angr

asked Aug 07 '20 at 15:42

Jun Gao

votes

0 answers

Terminal in virtual environment says 'dpkg: no packages found matching libxml2-dev(for example)' and these packages are installed

I am trying to work with angr multi-architecture binary analysis platform, I am following the documentation on its webpage, and I am installing the platform's developer edition through git. I have no problems cloning the repository and creating the…

python linux binary virtualenv angr

asked Jan 04 '17 at 17:24

Julen Clarke

votes

1 answer

understanding the angr memory map

I'm working on one of the angr-doc challenges (https://github.com/angr/angr-doc/blob/2d45c9e6d9f91e83988719aa19940aec2cfd8747/examples/ekopartyctf2015_rev100/solve.py) but in my approach I have this situation: mov rdx, [rbp+var_150]; mov …

z3 solver smt angr

asked Nov 10 '16 at 20:27

user4547829

votes

1 answer

what is this sequence of chars in symbolic execution?

I am using Angr, a framework for symbolic execution. It only accepts 'read' function in C for getting input. It solves a program in C and converts its symbolic value to concrete value and I get this on its output: it is actually the value of…

arrays char smt angr symbolic-execution

asked May 05 '16 at 12:41

Mohammad Reza Dehghani Tafti

Prev 1 2