Exemplo n.º 1
        with m.locked_context() as context:
            context['count'] += 1

            if state.cpu.PC == 0x406f10:  # puts
                s = state.cpu.read_string(state.cpu.X0)
                assert s == 'hello'
                print(f'puts argument: {s}')

            elif state.cpu.PC == 0x40706c:  # puts result
                result = state.cpu.X0
                assert result >= 0
                print(f'puts result: {result}')

            elif state.cpu.PC == 0x415e50:  # exit
                status = state.cpu.X0
                syscall = state.cpu.X8
                assert syscall == 94  # sys_exit_group
                print(f'exit status: {status}')

    def execute_instruction(self, insn, msg):
        """Print a one-line trace entry for ``insn``, prefixed with ``msg``.

        The line has the form ``<msg>: 0x<address in hex>: <mnemonic> <operands>``.
        ``self`` is accepted so the function matches the callback signature
        used by the subscribers below; it is not read here.
        """
        address, mnemonic, operands = insn.address, insn.mnemonic, insn.op_str
        print(f'{msg}: 0x{address:x}: {mnemonic} {operands}')

    # Trace every instruction twice: 'next' just before it executes and
    # 'done' right after. Both callbacks only forward to execute_instruction.
    def trace_next(self, state, pc, insn):
        return execute_instruction(self, insn, 'next')

    def trace_done(self, state, last_pc, pc, insn):
        return execute_instruction(self, insn, 'done')

    m.subscribe('will_execute_instruction', trace_next)
    m.subscribe('did_execute_instruction', trace_done)

    # Run the analysis with a single worker process.
    m.run(procs=1)

    # 'count' lives in the shared Manticore context and is incremented under
    # m.locked_context() by the hook shown earlier in this example.
    print(f"Executed {m.context['count']} instructions")
Exemplo n.º 2
import sys

from manticore.native.plugins import Merger
from manticore.utils import config

from manticore.native import Manticore
from manticore import set_verbosity
"""
Demonstrates state merging on a simple program: the states with ids 2 and 4, which happen to be
at the same program location 0x40060d, are merged. This script uses the Merger plugin to apply opportunistic state merging.
"""
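if __name__ == "__main__":
    # Fail with a usage message instead of an IndexError traceback when the
    # target binary is not given on the command line.
    if len(sys.argv) < 2:
        sys.exit(f"usage: {sys.argv[0]} <path-to-binary>")

    # Fixed seed and single-process mode.
    # NOTE(review): presumably chosen so the state ids named in the module
    # description (2 and 4) are reproducible between runs -- confirm.
    core_config = config.get_group("core")
    core_config.seed = 2
    core_config.mprocessing = core_config.mprocessing.single

    # The binary to analyse is taken verbatim from argv[1].
    path = sys.argv[1]
    m = Manticore(path, policy="random")

    def will_load_state_callback(_mc, state_id):
        """Log the id of the state that is about to be loaded."""
        print(f"about to load state_id = {state_id}")

    def did_load_state_callback(_mc, state):
        """Log the id and current program counter of the state just loaded."""
        print(f"loaded state_id = {state.id} at cpu = {hex(state.cpu.PC)}")

    m.subscribe("will_load_state", will_load_state_callback)
    m.subscribe("did_load_state", did_load_state_callback)

    # The Merger plugin performs the opportunistic state merging.
    m.register_plugin(Merger())
    m.run()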
Exemplo n.º 3
                s = state.cpu.read_string(state.cpu.X0)
                assert s == "hello"
                print(f"puts argument: {s}")

            elif state.cpu.PC == 0x40706C:  # puts result
                result = state.cpu.X0
                assert result >= 0
                print(f"puts result: {result}")

            elif state.cpu.PC == 0x415E50:  # exit
                status = state.cpu.X0
                syscall = state.cpu.X8
                assert syscall == 94  # sys_exit_group
                print(f"exit status: {status}")

    def execute_instruction(self, insn, msg):
        """Print a one-line trace entry for ``insn``, prefixed with ``msg``.

        Output format: ``<msg>: 0x<address in hex>: <mnemonic> <operands>``.
        ``self`` is part of the callback signature but is not read here.
        """
        address, mnemonic, operands = insn.address, insn.mnemonic, insn.op_str
        print(f"{msg}: 0x{address:x}: {mnemonic} {operands}")

    # Trace every instruction twice: "next" just before it executes and
    # "done" right after. Both callbacks only forward to execute_instruction.
    def trace_next(self, state, pc, insn):
        return execute_instruction(self, insn, "next")

    def trace_done(self, state, last_pc, pc, insn):
        return execute_instruction(self, insn, "done")

    m.subscribe("will_execute_instruction", trace_next)
    m.subscribe("did_execute_instruction", trace_done)

    m.run()

    # "count" is read back from the shared Manticore context once the run ends.
    print(f"Executed {m.context['count']} instructions")