TypeError: 'NoneType' object is not iterable

[leessang10]

Version

• system OS: Ubuntu 14.04.5 LTS 64bit
• angr: 7.8.8.1
• rex: 0.2
• tracer: 0.1

Problem

I recently installed rex via https://github.com/shellphish/rex/issues/5 However, problems occur when using rex Please help me find a solution...

Typed Commands in iPython

In [1]: import rex
WARNING | 2018-08-08 06:15:44,320 | angr.analyses.disassembly_utils | Your version of capstone does not support MIPS instruction groups.

In [2]: crash = rex.Crash("./test", "A"*200 + "\n")

The binary "test" crashes when type A*200

Error Message

WARNING | 2018-08-08 06:16:10,453 | angr.exploration_techniques.explorer | Using unicorn with find/avoid conditions that are a lambda (not a number, set, tuple or list)
WARNING | 2018-08-08 06:16:10,453 | angr.exploration_techniques.explorer | Unicorn may step over states that match the condition (find or avoid) without stopping.
---------------------------------------------------------------------------
TypeError                                 Traceback (most recent call last)
<ipython-input-2-f1b0cb84a7af> in <module>()
----> 1 crash = rex.Crash("./test", "A"*200 + "\n")

/home/lsm/angr-dev/angr/lib/python2.7/site-packages/rex/crash.pyc in __init__(self, binary, crash, pov_file, aslr, constrained_addrs, crash_state, prev_path, hooks, format_infos, rop_cache_tuple, use_rop, explore_steps, angrop_object, argv)
    164             s = simgr.one_active
    165             ChallRespInfo.prep_tracer(s, format_infos)
--> 166             ZenPlugin.prep_tracer(s)
    167 
    168             simgr.run()

/home/lsm/angr-dev/angr/lib/python2.7/site-packages/angr/state_plugins/trace_additions.pyc in prep_tracer(state)
    749         # setup the byte dict
    750         byte_dict = zen_plugin.byte_dict
--> 751         for i, b in enumerate(state.cgc.flag_bytes):
    752             var = list(b.variables)[0]
    753             byte_dict[var] = {i}

TypeError: 'NoneType' object is not iterable

[salls]

what is "test"? Is it a CGC binary?

[leessang10]

No, it is ELF binary written in C-language. here is the code.

#include <stdio.h>
#include <string.h>

char shellcode[100];

void dummy()
{
        system("ls");
}

int main(int argc, char *argv[])
{
        char buf[100], buf2[10];
        scanf("%s", buf);
        strcpy(shellcode,buf);
        strcpy(buf2, buf);
        printf("%s", buf);

}

[salls]

So it's trying to treat it as a CGC binary...

state.cgc.flag_bytes

Some stuff like the zen_plugin should only be run if the binary is a CGC binary. Looks like we'll need to add some checks before initializing it. It used to work, not sure what changed.

I won't be able to look at this for a week or more...

[leessang10]

Ok. then, I'll try the rex with some other stuff... Thank you for your answer!!

[leessang10]

One more question, Does rex require nose or colorguard?? I tried test_rex.py in rex dir, the following errors occur.

(angr)lsm@lsm:~/angr-dev/rex/tests$ python test_rex.py
WARNING | 2018-08-08 07:05:29,179 | angr.analyses.disassembly_utils | Your version of capstone does not support MIPS instruction groups.
Traceback (most recent call last):
  File "test_rex.py", line 4, in <module>
    import colorguard
  File "/home/lsm/angr-dev/angr/local/lib/python2.7/site-packages/colorguard/__init__.py", line 2, in <module>
    from colorguard.flags import BitFlag
  File "/home/lsm/angr-dev/angr/local/lib/python2.7/site-packages/colorguard/flags.py", line 52
    class BitFlag(object, metaclass=BitFlagMeta):
                                   ^
SyntaxError: invalid syntax

[rhelmot]

Nose is the test driver we use, so of course it's required if you want to run tests. Colorguard is meant to be the colorguard repo from mechaphish, not whatever pip install colorguard provides you.

[rhelmot]

Also, test_rex is badly broken. Don't expect it to work.

[leessang10]

I just want to test the ELF binary file, so how can I change Rex's code without checking CGC binary?

[rhelmot]

• clone the repository
• python setup.py develop
• edit code
• ???
• profit!

[github-actions[bot]]

This issue has been marked as stale because it has no recent activity. Please comment or add the pinned tag to prevent this issue from being closed.

[github-actions[bot]]

This issue has been closed due to inactivity.