How to use the angr.Project function in angr

To help you get started, we’ve selected a few angr examples, based on popular ways it is used in public projects.


github angr / angr / tests / test_function_manager.py View on Github external
    @classmethod
    def setup_class(cls):
        """Load the x86_64 ``fauxware`` test binary once and keep the project on the class."""
        fauxware_path = os.path.join(TEST_LOCATION, "x86_64", "fauxware")
        cls.project = angr.Project(fauxware_path)
github angr / angr / tests / test_veritesting.py View on Github external
def run_veritesting_a(arch):
    """Explore the ``veritesting_a`` binary for *arch* with veritesting enabled.

    The test passes when at least one state reaches the address listed in
    ``addresses_veritesting_a[arch]`` and the stdin dump of every found
    state contains exactly ten ``b'B'`` bytes.
    """
    # TODO: add timeout control; a failed state merge can keep this running
    # for a long time.
    binary_path = os.path.join(location, arch, "veritesting_a")
    proj = angr.Project(
        binary_path,
        load_options={'auto_load_libs': False},
        use_sim_procedures=True,
    )

    simgr = proj.factory.simulation_manager(veritesting=True)
    simgr.explore(find=addresses_veritesting_a[arch])
    nose.tools.assert_not_equal(len(simgr.found), 0)

    # Sanity-check the input recovered for each found state (fd 0 is stdin).
    for found_state in simgr.found:
        stdin_bytes = found_state.plugins['posix'].dumps(0)
        nose.tools.assert_equal(stdin_bytes.count(b'B'), 10)
github angr / angr / tests / test_concrete_not_packed_elf32_arm.py View on Github external
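def test_concrete_engine_linux_arm_no_unicorn_simprocedures():
    """Run the ARM concrete-engine scenario against a GDB-backed concrete target.

    Builds an ``AvatarGDBConcreteTarget`` for ``GDB_SERVER_IP:GDB_SERVER_PORT``,
    loads ``binary_arm`` with that target and SimProcedures enabled, and hands
    the entry state to ``solv_concrete_engine_linux_arm``.
    """
    global avatar_gdb
    # The banner now names this test; it previously printed
    # "test_concrete_engine_linux_x86_unicorn_simprocedures", which made the
    # test output point at a different test.
    print("test_concrete_engine_linux_arm_no_unicorn_simprocedures")

    # NOTE(review): a concrete target means the binary actually runs under the
    # GDB server, and the GDB remote protocol has no authentication. Presumably
    # the server belongs on an isolated lab host or network; confirm against
    # the test setup.
    # pylint: disable=no-member
    avatar_gdb = AvatarGDBConcreteTarget(avatar2.archs.ARM, GDB_SERVER_IP, GDB_SERVER_PORT)
    p = angr.Project(binary_arm, concrete_target=avatar_gdb, use_sim_procedures=True)

    entry_state = p.factory.entry_state()
    solv_concrete_engine_linux_arm(p, entry_state)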
github angr / angr / tests / test_argc.py View on Github external
def test_mipsel():
    """Check that the mipsel ``argc_decide`` binary reaches 0x400708 only for a two-argument argv.

    With ``['aaa', 'bbb']`` exactly one state must reach the address; with
    ``['aaa']`` none may.
    """
    binary_path = os.path.join(test_location, 'mipsel', 'argc_decide')
    proj = angr.Project(binary_path)
    r_addr = 0x400708

    # (argv, number of states expected to reach r_addr)
    scenarios = (
        (['aaa', 'bbb'], 1),
        (['aaa'], 0),
    )
    for argv, expected_found in scenarios:
        # A fresh env dict per run, as in the original two separate calls.
        start = proj.factory.entry_state(args=argv, env={"HOME": "/home/angr"})
        explored = proj.factory.simulation_manager(start).explore(find=r_addr)
        nose.tools.assert_equal(len(explored.found), expected_found)
github angr / angr-doc / examples / CSCI-4968-MBE / challenges / crackme0x04 / solve.py View on Github external
def main():
	"""Solve crackme0x04 and return the stdin bytes of the first state that reaches ``exit``.

	A CFG is built only to look up the address of ``exit``; exploration then
	steers towards it and away from the "Password Incorrect!" branch.
	"""
	proj = angr.Project('crackme0x04', load_options={"auto_load_libs": False})

	# Resolve the target by name from the recovered function list.
	exit_addr = proj.analyses.CFG().kb.functions.function(name="exit").addr
	# Instruction that loads the "Password Incorrect!" string (the string
	# itself sits at 0x8048649, per the original disassembly annotation).
	wrong_password_addr = 0x080484fb

	simgr = proj.factory.simulation_manager()
	simgr.explore(find=exit_addr, avoid=wrong_password_addr)

	# NOTE(review): found[0] raises IndexError when no state reached exit.
	winner = simgr.found[0]
	# fd 0 is stdin, i.e. the input that drove this path.
	return winner.posix.dumps(0)
github kframework / X86-64-semantics / x86-semantics / docs / instruction_manuals / concrete_instances / Registers / instructions / adcb_r8_rh / adcb_r8_rh.gen.vex.py View on Github external
import angr
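# Load the object file for this instruction into an angr project.
proj = angr.Project('./instructions/adcb_r8_rh/adcb_r8_rh.o')

# Report basic loader facts. Single-argument print() calls behave the same on
# Python 2 and Python 3; the bare print statement is a SyntaxError on Python 3.
print(proj.arch)
print(proj.entry)
print(proj.filename)

# Lift the basic block at the entry point to VEX IR and pretty-print it.
irsb = proj.factory.block(proj.entry).vex
irsb.pp()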
github wwkenwong / CTF-Writeup / angr / MeePwn CTF- Missing Hash / solve.py View on Github external
import angr
 
# Create the angr project for the target binary. auto_load_libs=False keeps
# the loader from pulling in the binary's shared-library dependencies.
proj = angr.Project('crackme2_fix4.exe', load_options={"auto_load_libs": False})
# Start at 0x004015B6 instead of the real entry point, skipping the
# beginning of the program.
state = proj.factory.entry_state(addr=0x004015B6)

# Address of the buffer that scanf() fills from stdin.
bind_addr = 0x040305A
# Symbolic input of 8 * 10 bits, i.e. exactly 10 symbolic bytes.
# NOTE(review): `state.se` is the legacy alias of `state.solver`; newer angr
# releases may no longer provide it. Confirm against the installed version.
input_string = state.se.BVS("input_string", 8 * 10)
# Restrict every byte to printable ASCII so solutions are typeable.
# NOTE(review): comparing a bitvector with a str literal relies on
# Python 2-era claripy coercion; verify before running on Python 3.
for byte in input_string.chop(8):
  state.add_constraints(
    byte >= ' ',  # '\x20'
    byte <= '~',  # '\x7e'
    byte != 0,    # null
  )

# Place the symbolic string in memory at bind_addr.
state.memory.store(bind_addr, input_string)
github kframework / X86-64-semantics / x86-semantics / docs / instruction_manuals / concrete_instances / Registers / instructions / cmovaeq_r64_r64 / cmovaeq_r64_r64.gen.vex.py View on Github external
import angr
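# Load the object file for this instruction into an angr project.
proj = angr.Project('./instructions/cmovaeq_r64_r64/cmovaeq_r64_r64.o')

# Report basic loader facts. Single-argument print() calls behave the same on
# Python 2 and Python 3; the bare print statement is a SyntaxError on Python 3.
print(proj.arch)
print(proj.entry)
print(proj.filename)

# Lift the basic block at the entry point to VEX IR and pretty-print it.
irsb = proj.factory.block(proj.entry).vex
irsb.pp()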
github sdasgup3 / binary-decompilation / x86-semantics / docs / instruction_manuals / concrete_instances / Registers / instructions / cmovbeq_r64_r64 / cmovbeq_r64_r64.gen.vex.py View on Github external
import angr
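# Load the object file for this instruction into an angr project.
proj = angr.Project('./instructions/cmovbeq_r64_r64/cmovbeq_r64_r64.o')

# Report basic loader facts. Single-argument print() calls behave the same on
# Python 2 and Python 3; the bare print statement is a SyntaxError on Python 3.
print(proj.arch)
print(proj.entry)
print(proj.filename)

# Lift the basic block at the entry point to VEX IR and pretty-print it.
irsb = proj.factory.block(proj.entry).vex
irsb.pp()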
github kframework / X86-64-semantics / x86-semantics / docs / instruction_manuals / concrete_instances / Registers / instructions / bzhil_r32_r32_r32 / bzhil_r32_r32_r32.gen.vex.py View on Github external
import angr
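# Load the object file for this instruction into an angr project.
proj = angr.Project('./instructions/bzhil_r32_r32_r32/bzhil_r32_r32_r32.o')

# Report basic loader facts. Single-argument print() calls behave the same on
# Python 2 and Python 3; the bare print statement is a SyntaxError on Python 3.
print(proj.arch)
print(proj.entry)
print(proj.filename)

# Lift the basic block at the entry point to VEX IR and pretty-print it.
irsb = proj.factory.block(proj.entry).vex
irsb.pp()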