Closed ndlgiang closed 2 years ago
Your file doesn't have an arch specified in its header, so you have to specify which machine it runs on:
[+] In [1]: import angr
[+] In [2]: p = angr.Project('0a0a.exe', arch='x86_64')
[+] In [3]: p.factory.block(p.entry).pp()
_start:
40172c push 0x402444
401731 call 0x401726
Thank @rhelmot ,
I specific the param arch and it works. Just curious, do we have a way to detect the binary architecture without header?
Thank you
You can try using some other tool like binwalk? It is extremely uncommon for executable formats like this to not specify which architecture they're built for, so we don't have an in-house solution.
Thank you for your help. Have a nice day :)
Dear Sir / Madam,
Thank you for creating angr tool. I am using it for analyzing some binary files. However, for some "disarmed" binary, the tool throw this exception:
Exception has occurred: ArchNotFound - Can't find architecture info for architecture image_file_machine_unknown with '' bits and unsure endness
I am using up-to-date angr-dev master branch.
This is the full tracelog:
The root cause I find out is because
/angr-dev/cle/cle/backends/pe/pe.py
can't detect the binary file architecture.The binary is attached. 0a0a38fa5884a8b109bad5572b2ab2d568a6fe4621b5f86641c42f7d0d713e79.exe.zip
Could you please suggest the solution or workaround for this issue?
Thank you