예제 #1
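# Untimed tracking pass.
# NOTE(review): do_track() runs again inside the timed section below; confirm
# this first call is intentional and not a leftover that doubles the work.
rr.do_track()

import time

# Measure one do_track() pass using wall-clock timestamps.
time_start = time.time()

rr.do_track()

time_end = time.time()

# Build the message once so the console line and the saved file cannot drift.
res = "time cost: %s s" % (time_end - time_start)
print(res)

# Persist the measurement. The with-block closes the file on exit, so the
# explicit close() the original carried inside it was redundant.
with open("time.time", "w") as f:
    f.write(res)

# Enable the five named analyses, then run them.
rr.enable_analysis(["heap_analysis", "call_analysis", "got_analysis", "leak_analysis", "shellcode_analysis"])
rr.do_analysis()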


# from parse_helpers import *



# dumps = parse_dumps(rr, "./maps.19158.dump")

# def _hook_socket(state):
#     print("in socket")

# def _hook_ioctl(state):
#     print("in sigaction")
#     rsp = state.regs.rsp
예제 #2
# print(hex(simgr.active[0].addr))
# print("over")
# list = simgr.deadended[0].history.bbl_addrs.hardcopy
# with open("log.log", 'w') as f:
#     str = ""
#     for addr in list:
#         str += hex(addr) + "\n"
#     f.write(str)
#     f.close()
# print("over")
# rr.enable_analysis(["heap_analysis"])
import time

# The timed region covers both enabling the analyses and running them.
time_start = time.time()

# Only the heap and leak analyses are active in this run. Commented-out
# alternative with the wider set:
# rr.enable_analysis(["heap_analysis", "shellcode_analysis", "leak_analysis", "got_analysis", "call_analysis"])
rr.enable_analysis(["heap_analysis", "leak_analysis"])
rr.do_analysis()

# do_track() is left disabled here, so it is not part of the measurement.
# rr.do_track()
time_end = time.time()

elapsed = time_end - time_start
print("time cost: %s s" % elapsed)
#
# rr.generate_report()
# Output captured from an earlier run, kept for reference:
# now: read
# now: read
# INFO    | 2021-01-05 17:02:38,513 | shellcode_analysis | Found shellcode written at 0x1dc0040 (heap).
# Found exploited state: execve('/bin///sh', None, ...)
# Replay finished.
# time cost: 134.38854503631592 s
예제 #3
# Output captured from earlier runs, kept for reference (the first excerpt starts mid-log):
# Found exploited state: execve('/bin/sh', [], ...)
# Replay finished.
# time cost: 860.9132940769196 s
# over

# now: socket
# now: connect
# Found exploited state: execve('/bin/sh', [], ...)
# Replay finished.
# time cost: 698.7854998111725 s
# over

import time

# Time the heap analysis alone; enabling it falls inside the timed region.
time_start = time.time()
rr.enable_analysis(["heap_analysis"])
rr.do_analysis()
time_end = time.time()

elapsed = time_end - time_start
print("time cost: %s s" % elapsed)

# Tracking is left disabled for this run.
# rr.do_track()

# Completion marker printed after the measurement.
print("over")
# rr = Replayer("./ptrace/mutil/thread_tests/thread", "./ptrace/mutil/thread_tests/stdin.txt", "./ptrace/mutil/thread_tests/maps.76058", test=True)

# from parse_helpers import *



# dumps = parse_dumps(rr, "./maps.19158.dump")

# def _hook_socket(state):
예제 #4
import sys

# Make the project's source directory importable.
# NOTE(review): "../../source" and the three input paths below are relative,
# so they resolve against the current working directory rather than this
# file's location. Started from another directory, the script would import
# `replayer` from, or fail to find it in, a different place. Run it from the
# directory that holds these files.
sys.path.append("../../source")

from replayer import Replayer

# Presumably: target binary, recorded syscall log, memory-map file. Confirm
# against Replayer's signature.
rr = Replayer(
    "./wget",
    "./syscalls.record",
    "./maps",
    new_syscall=True,
)

# Select the call, heap and shellcode analyses, run them, then emit the report.
rr.enable_analysis(["call_analysis", "heap_analysis", "shellcode_analysis"])
rr.do_analysis()

rr.generate_report()