Code Monkey home page Code Monkey logo

angrcutter's Introduction

AngrCutter

About

Cutter debug session integration with angr using the angrdbg API.

Integrating Angr into Cutter allows dynamic symbolic execution on binaries analyzed by Cutter using Cutter's debug state. For more information on angr see angr-doc and the angr paper.

GUI

AngrCutter adds a self-explanatory widget that lets you start/stop exploration, enable register symbolization and apply the exploration's results in the current debug session.

In addition to the widget, the plugin adds address interaction options to the disassembly context menu(Available in the Disassembly and Graph widget) and addressable context menu(Available when right clicking addresses in most widgets).

Examples

There are examples in the examples folder with short writeups.

Installation

Simply checkout or download the repository and copy the angrcutter folder to your cutter plugins directory (locating the plugins directory).

Dependencies

AngrCutter depends on angr and angrdbg, to install run:

python3 -m pip install angr
python3 -m pip install angrdbg

Other Debuggers

See angrdbg for other debugger frontends for angr.

angrcutter's People

Contributors

itayc0hen avatar yossizap avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

itayc0hen cokesme trietptm-on-coding-algorithms crackercat sensei-hacker logicaloverflow

angrcutter's Issues

hardcode python path in debugger.py

although I install angrdbg and angr to my python3 anaconda module, the plugin failed to load, since the hardcode path iin debugger.py

Is there a way to load the path from user environment instead ?

No module named '_cffi_backend'

Hi there,

except the hardcoded path, I changed it, but still can't find cffi.

It's weird because I can import _cffi_backend, but plugin seems not able to import.

changed debugger.py

sys.path.append('/usr/lib/python3.7/lib-dynload')
sys.path.append('/home/michael/.local/lib/python3.7/site-packages')
sys.path.append('/usr/local/lib/python3.7/dist-packages')
sys.path.append('/usr/lib/python3.7/dist-packages')

errors:

Couldn't load module for plugin: "angrcutter"
Traceback (most recent call last):
  File "/home/michael/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/__init__.py", line 1, in <module>
    from .plugin_interface import create_cutter_plugin
  File "/home/michael/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/plugin_interface.py", line 3, in <module>
    from .plugin import AngrWidget, printMessage, LogLevel
  File "/home/michael/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/plugin.py", line 6, in <module>
    from .debugger import cutterDebugger
  File "/home/michael/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/debugger.py", line 6, in <module>
    from angrdbg import *
  File "/home/michael/.local/lib/python3.7/site-packages/angrdbg/__init__.py", line 6, in <module>
    from .core import get_logger, StateShot, StateManager, get_registers
  File "/home/michael/.local/lib/python3.7/site-packages/angrdbg/core.py", line 6, in <module>
    from .context import load_project, get_memory_type, set_memory_type, get_debugger, SIMPROCS_FROM_CLE, ONLY_GOT_FROM_CLE, GET_ALL_DISCARD_CLE
  File "/home/michael/.local/lib/python3.7/site-packages/angrdbg/context.py", line 6, in <module>
    import angr
  File "/home/michael/.local/lib/python3.7/site-packages/angr/__init__.py", line 30, in <module>
    from .sim_procedure import SimProcedure
  File "/home/michael/.local/lib/python3.7/site-packages/angr/sim_procedure.py", line 5, in <module>
    from cle import SymbolType
  File "/home/michael/.local/lib/python3.7/site-packages/cle/__init__.py", line 18, in <module>
    from .loader import *
  File "/home/michael/.local/lib/python3.7/site-packages/cle/loader.py", line 1074, in <module>
    from .backends import MetaELF, ELF, PE, Blob, ALL_BACKENDS, Backend
  File "/home/michael/.local/lib/python3.7/site-packages/cle/backends/__init__.py", line 366, in <module>
    from .elf import ELF, ELFCore, MetaELF
  File "/home/michael/.local/lib/python3.7/site-packages/cle/backends/elf/__init__.py", line 1, in <module>
    from .elf import ELF
  File "/home/michael/.local/lib/python3.7/site-packages/cle/backends/elf/elf.py", line 12, in <module>
    from .metaelf import MetaELF, maybedecode
  File "/home/michael/.local/lib/python3.7/site-packages/cle/backends/elf/metaelf.py", line 1, in <module>
    import pyvex
  File "/home/michael/.local/lib/python3.7/site-packages/pyvex/__init__.py", line 17, in <module>
    ffi = cffi.FFI()
  File "/home/michael/.local/lib/python3.7/site-packages/cffi/api.py", line 48, in __init__
    import _cffi_backend as backend
ModuleNotFoundError: No module named '_cffi_backend'

testing manul import:

Python 3.7.5 (default, Nov 20 2019, 09:21:52) 
[GCC 9.2.1 20191008] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import _cffi_backend as backend
>>> backend.__file__
'/home/michael/.local/lib/python3.7/site-packages/_cffi_backend.cpython-37m-x86_64-linux-gnu.so'
>>>

by the way, your plugin need elftools and numpy, figured out from errors.

any idea what's going on?

No module named angrdbg

on executing cutter:

Setting PYTHONHOME = "/tmp/.mount_cutterFJUELh/usr"  for AppImage.
PYTHONHOME = "/tmp/.mount_cutterFJUELh/usr"
Setting r2 prefix = "/tmp/.mount_cutterFJUELh/usr"  for AppImage.
Setting r2 plugins dir = "/tmp/.mount_cutterFJUELh/usr/share/radare2/plugins"
Plugins are loaded from "/home/shivanshu/.local/share/RadareOrg/Cutter/plugins"
Couldn't load module for plugin: "angrcutter"
Traceback (most recent call last):
  File "/home/shivanshu/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/__init__.py", line 1, in <module>
    from .plugin_interface import create_cutter_plugin
  File "/home/shivanshu/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/plugin_interface.py", line 3, in <module>
    from .plugin import AngrWidget, printMessage, LogLevel
  File "/home/shivanshu/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/plugin.py", line 6, in <module>
    from .debugger import cutterDebugger
  File "/home/shivanshu/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/debugger.py", line 6, in <module>
    from angrdbg import *
ModuleNotFoundError: No module named 'angrdbg'
Plugin module does not contain create_cutter_plugin() function: "cutterref"
Loaded 1 plugin(s).
Plugins are loaded from "/usr/share/xfce4/RadareOrg/Cutter/plugins"
Plugins are loaded from "/usr/local/share/RadareOrg/Cutter/plugins"
Plugins are loaded from "/usr/share/RadareOrg/Cutter/plugins"
Plugins are loaded from "/tmp/.mount_cutterFJUELh/usr/share/RadareOrg/Cutter/plugins"
Loaded 1 plugin(s).

I am getting ModuleNotFound even if i have installed angrdbg

python3 -m pip install angrdbg

output is:

Requirement already satisfied: angrdbg in ./Programs/anaconda3/lib/python3.8/site-packages (1.0.16)
Requirement already satisfied: angr in ./Programs/anaconda3/lib/python3.8/site-packages (from angrdbg) (9.0.5610)
Requirement already satisfied: ipython in ./Programs/anaconda3/lib/python3.8/site-packages (from angrdbg) (7.19.0)
Requirement already satisfied: rpyc in ./Programs/anaconda3/lib/python3.8/site-packages (from angrdbg) (5.0.1)
Requirement already satisfied: ailment==9.0.5610 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (9.0.5610)
Requirement already satisfied: progressbar2 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (3.53.1)
Requirement already satisfied: protobuf>=3.12.0 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (3.14.0)
Requirement already satisfied: cle==9.0.5610 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (9.0.5610)
Requirement already satisfied: cachetools in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (4.2.0)
Requirement already satisfied: claripy==9.0.5610 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (9.0.5610)
Requirement already satisfied: dpkt in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (1.9.4)
Requirement already satisfied: cffi>=1.14.0 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (1.14.4)
Requirement already satisfied: pyvex==9.0.5610 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (9.0.5610)
Requirement already satisfied: mulpyplexer in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (0.9)
Requirement already satisfied: psutil in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (5.8.0)
Requirement already satisfied: GitPython in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (3.1.12)
Requirement already satisfied: sortedcontainers in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (2.3.0)
Requirement already satisfied: archinfo==9.0.5610 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (9.0.5610)
Requirement already satisfied: capstone>=3.0.5rc2 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (4.0.2)
Requirement already satisfied: networkx>=2.0 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (2.5)
Requirement already satisfied: itanium-demangler in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (1.0)
Requirement already satisfied: unicorn==1.0.2rc4 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (1.0.2rc4)
Requirement already satisfied: CppHeaderParser in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (2.7.4)
Requirement already satisfied: pycparser>=2.18 in ./Programs/anaconda3/lib/python3.8/site-packages (from angr->angrdbg) (2.20)
Requirement already satisfied: z3-solver>=4.8.5.0 in ./Programs/anaconda3/lib/python3.8/site-packages (from claripy==9.0.5610->angr->angrdbg) (4.8.10.0)
Requirement already satisfied: future in ./Programs/anaconda3/lib/python3.8/site-packages (from claripy==9.0.5610->angr->angrdbg) (0.18.2)
Requirement already satisfied: pysmt in ./Programs/anaconda3/lib/python3.8/site-packages (from claripy==9.0.5610->angr->angrdbg) (0.9.0)
Requirement already satisfied: decorator in ./Programs/anaconda3/lib/python3.8/site-packages (from claripy==9.0.5610->angr->angrdbg) (4.4.2)
Requirement already satisfied: pefile in ./Programs/anaconda3/lib/python3.8/site-packages (from cle==9.0.5610->angr->angrdbg) (2019.4.18)
Requirement already satisfied: pyelftools>=0.25 in ./Programs/anaconda3/lib/python3.8/site-packages (from cle==9.0.5610->angr->angrdbg) (0.27)
Requirement already satisfied: bitstring in ./Programs/anaconda3/lib/python3.8/site-packages (from pyvex==9.0.5610->angr->angrdbg) (3.1.7)
Requirement already satisfied: six>=1.9 in ./Programs/anaconda3/lib/python3.8/site-packages (from protobuf>=3.12.0->angr->angrdbg) (1.15.0)
Requirement already satisfied: ply in ./Programs/anaconda3/lib/python3.8/site-packages (from CppHeaderParser->angr->angrdbg) (3.11)
Requirement already satisfied: gitdb<5,>=4.0.1 in ./Programs/anaconda3/lib/python3.8/site-packages (from GitPython->angr->angrdbg) (4.0.5)
Requirement already satisfied: smmap<4,>=3.0.1 in ./Programs/anaconda3/lib/python3.8/site-packages (from gitdb<5,>=4.0.1->GitPython->angr->angrdbg) (3.0.5)
Requirement already satisfied: pygments in ./Programs/anaconda3/lib/python3.8/site-packages (from ipython->angrdbg) (2.7.3)
Requirement already satisfied: setuptools>=18.5 in ./Programs/anaconda3/lib/python3.8/site-packages (from ipython->angrdbg) (51.0.0)
Requirement already satisfied: pexpect>4.3 in ./Programs/anaconda3/lib/python3.8/site-packages (from ipython->angrdbg) (4.8.0)
Requirement already satisfied: pickleshare in ./Programs/anaconda3/lib/python3.8/site-packages (from ipython->angrdbg) (0.7.5)
Requirement already satisfied: backcall in ./Programs/anaconda3/lib/python3.8/site-packages (from ipython->angrdbg) (0.2.0)
Requirement already satisfied: prompt-toolkit!=3.0.0,!=3.0.1,<3.1.0,>=2.0.0 in ./Programs/anaconda3/lib/python3.8/site-packages (from ipython->angrdbg) (3.0.8)
Requirement already satisfied: traitlets>=4.2 in ./Programs/anaconda3/lib/python3.8/site-packages (from ipython->angrdbg) (5.0.5)
Requirement already satisfied: jedi>=0.10 in ./Programs/anaconda3/lib/python3.8/site-packages (from ipython->angrdbg) (0.17.2)
Requirement already satisfied: parso<0.8.0,>=0.7.0 in ./Programs/anaconda3/lib/python3.8/site-packages (from jedi>=0.10->ipython->angrdbg) (0.7.0)
Requirement already satisfied: ptyprocess>=0.5 in ./Programs/anaconda3/lib/python3.8/site-packages (from pexpect>4.3->ipython->angrdbg) (0.6.0)
Requirement already satisfied: wcwidth in ./Programs/anaconda3/lib/python3.8/site-packages (from prompt-toolkit!=3.0.0,!=3.0.1,<3.1.0,>=2.0.0->ipython->angrdbg) (0.2.5)
Requirement already satisfied: ipython-genutils in ./Programs/anaconda3/lib/python3.8/site-packages (from traitlets>=4.2->ipython->angrdbg) (0.2.0)
Requirement already satisfied: python-utils>=2.3.0 in ./Programs/anaconda3/lib/python3.8/site-packages (from progressbar2->angr->angrdbg) (2.5.5)
Requirement already satisfied: plumbum in ./Programs/anaconda3/lib/python3.8/site-packages (from rpyc->angrdbg) (1.6.9)

but on importing angrdbg from python interpreter:

(base) shivanshu@kali:~$ python3
Python 3.8.3 (default, Jul  2 2020, 16:21:59) 
[GCC 7.3.0] :: Anaconda, Inc. on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import angrdbg
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/shivanshu/Programs/anaconda3/lib/python3.8/site-packages/angrdbg/__init__.py", line 6, in <module>
    from .core import get_logger, StateShot, StateManager, get_registers
  File "/home/shivanshu/Programs/anaconda3/lib/python3.8/site-packages/angrdbg/core.py", line 14, in <module>
    from .memory_8 import SimSymbolicDbgMemory
  File "/home/shivanshu/Programs/anaconda3/lib/python3.8/site-packages/angrdbg/memory_8.py", line 17, in <module>
    from angr.storage.memory import SimMemory, DUMMY_SYMBOLIC_READ_VALUE
ModuleNotFoundError: No module named 'angr.storage.memory'
>>>

Crashes cutter stable and dev

I built and installed rizin and cutter from source and installed this plugin
angr version is 8.20.7.27 (angrdbg doesn't work with v9), angrdbg version is 1.0.16
rizin and cutter version is 0.4.0-dev

This happened only after installing angrcutter by creating a soft link to ~/.local/share/rizin/cutter/plugins/python/

Other plugins installed:

  • ghidra + ghidra-cutter
  • jsdec
  • cutterref

When starting cutter the load options dialog opens. but right after clicking OK cutter crashes.

minidump attached

Cutter_crash_dump_01.01.22_16.38.59.dmp.zip
.

Plugin not detected when using Python3.8

The plugin is not loaded when the default python3 version is Python3.8

The following errors are generated:

Setting PYTHONHOME = "/tmp/.mount_cuttervR0yBO/usr"  for AppImage.
PYTHONHOME = "/tmp/.mount_cuttervR0yBO/usr"
Setting r2 prefix = "/tmp/.mount_cuttervR0yBO/usr"  for AppImage.
Setting r2 plugins dir = "/tmp/.mount_cuttervR0yBO/usr/share/radare2/plugins"
Plugins are loaded from "/root/.local/share/RadareOrg/Cutter/plugins"
/usr/bin/ld: cannot find -lpython3.6m
collect2: error: ld returned 1 exit status
Couldn't load module for plugin: "angrcutter"
Traceback (most recent call last):
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/unixccompiler.py", line 196, in link
    self.spawn(linker + ld_args)
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/ccompiler.py", line 909, in spawn
    spawn(cmd, dry_run=self.dry_run)
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/spawn.py", line 36, in spawn
    _spawn_posix(cmd, search_path, dry_run=dry_run)
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/spawn.py", line 159, in _spawn_posix
    % (cmd, exit_status))
distutils.errors.DistutilsExecError: command 'gcc' failed with exit status 1

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/root/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/__init__.py", line 1, in <module>
    from .plugin_interface import create_cutter_plugin
  File "/root/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/plugin_interface.py", line 3, in <module>
    from .plugin import AngrWidget, printMessage, LogLevel
  File "/root/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/plugin.py", line 6, in <module>
    from .debugger import cutterDebugger
  File "/root/.local/share/RadareOrg/Cutter/plugins/python/angrcutter/debugger.py", line 6, in <module>
    from angrdbg import *
  File "/usr/local/lib/python3.8/dist-packages/angrdbg/__init__.py", line 6, in <module>
    from .core import get_logger, StateShot, StateManager, get_registers
  File "/usr/local/lib/python3.8/dist-packages/angrdbg/core.py", line 6, in <module>
    from .context import load_project, get_memory_type, set_memory_type, get_debugger, SIMPROCS_FROM_CLE, ONLY_GOT_FROM_CLE, GET_ALL_DISCARD_CLE
  File "/usr/local/lib/python3.8/dist-packages/angrdbg/context.py", line 6, in <module>
    import angr
  File "/usr/local/lib/python3.8/dist-packages/angr/__init__.py", line 30, in <module>
    from .sim_procedure import SimProcedure
  File "/usr/local/lib/python3.8/dist-packages/angr/sim_procedure.py", line 5, in <module>
    from cle import SymbolType
  File "/usr/local/lib/python3.8/dist-packages/cle/__init__.py", line 18, in <module>
    from .loader import *
  File "/usr/local/lib/python3.8/dist-packages/cle/loader.py", line 14, in <module>
    import claripy
  File "/usr/local/lib/python3.8/dist-packages/claripy/__init__.py", line 21, in <module>
    from . import backends as _backends_module
  File "/usr/local/lib/python3.8/dist-packages/claripy/backends/__init__.py", line 785, in <module>
    from .backend_smtlib import BackendSMTLibBase
  File "/usr/local/lib/python3.8/dist-packages/claripy/backends/backend_smtlib.py", line 3, in <module>
    from pysmt.shortcuts import Symbol, String, StrConcat, NotEquals, \
  File "/usr/local/lib/python3.8/dist-packages/pysmt/shortcuts.py", line 38, in <module>
    import pysmt.smtlib.parser
  File "/usr/local/lib/python3.8/dist-packages/pysmt/smtlib/parser/__init__.py", line 91, in <module>
    pyxbuild_dir=build_dir)
  File "/usr/lib/python3/dist-packages/pyximport/pyximport.py", line 191, in build_module
    reload_support=pyxargs.reload_support)
  File "/usr/lib/python3/dist-packages/pyximport/pyxbuild.py", line 102, in pyx_to_dll
    dist.run_commands()
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/dist.py", line 955, in run_commands
    self.run_command(cmd)
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/dist.py", line 974, in run_command
    cmd_obj.run()
  File "/usr/lib/python3/dist-packages/Cython/Distutils/old_build_ext.py", line 186, in run
    _build_ext.build_ext.run(self)
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/command/build_ext.py", line 339, in run
    self.build_extensions()
  File "/usr/lib/python3/dist-packages/Cython/Distutils/old_build_ext.py", line 195, in build_extensions
    _build_ext.build_ext.build_extensions(self)
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/command/build_ext.py", line 448, in build_extensions
    self._build_extensions_serial()
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/command/build_ext.py", line 473, in _build_extensions_serial
    self.build_extension(ext)
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/command/build_ext.py", line 558, in build_extension
    target_lang=language)
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/ccompiler.py", line 717, in link_shared_object
    extra_preargs, extra_postargs, build_temp, target_lang)
  File "/tmp/.mount_cuttervR0yBO/usr/lib/python3.6/distutils/unixccompiler.py", line 198, in link
    raise LinkError(msg)
distutils.errors.LinkError: command 'gcc' failed with exit status 1
Plugin module does not contain create_cutter_plugin() function: "cutterref"
Loaded 0 plugin(s).

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.