search

CYB3RMX / Qu1cksc0pe

All-in-One malware analysis tool.
GNU General Public License v3.0
1.33k stars 186 forks source link

linux usage #17

Closed helloworld104 closed 2 years ago

helloworld104 commented 2 years ago

how do i use qu1cksc0pe to analyze linux binaries dynamically?

CYB3RMX commented 2 years ago

You can use --watch argument. For example: python3 qu1cksc0pe.py --file linux_binary --watch

helloworld104 commented 2 years ago

what about the emulator part? do i need to link a linux vm?

CYB3RMX commented 2 years ago

No you dont need a VM. Emulator is Qiling based so when you execute the --watch argument Qu1cksc0pe downloads the rootfs for target binary and tries to execute that binary in downloaded rootfs

helloworld104 commented 2 years ago

thank you

helloworld104 commented 2 years ago

hi, i just tried to execute the watch command but i currently face this error... Screenshot from 2022-10-12 09-04-12 how do i get around it?

CYB3RMX commented 2 years ago

Hmm i think that error related to Qiling. Sometimes I encounter this errors to. I will look for it