angr / rex

Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge.
BSD 2-Clause "Simplified" License
634 stars 102 forks source link

error when ran the sample code #39

Closed yangshouguo closed 2 years ago

yangshouguo commented 5 years ago
In [1]: import rex                                                                                                                                                                       

In [2]: crash = rex.Crash("./legit_00003", b"\x00\x0b1\xc1\x00\x0c\xeb\xe4\xf1\xf1\x14\r\rM\r\xf3\x1b\r\r\r~\x7f\x1b\xe3\x0c`_222\r\rM\r\xf3\x1b\r\x7f\x002\x7f~\x7f\xe2\xff\x7f\xff\xff\
   ...: x8b\xc7\xc9\x83\x8b\x0c\xeb\x80\x002\xac\xe2\xff\xff\x00t\x8bt\x8bt_o_\x00t\x8b\xc7\xdd\x83\xc2t~n~~\xac\xe2\xff\xff_k_\x00t\x8b\xc7\xdd\x83\xc2t~n~~\xac\xe2\xff\xff\x00t\x8bt\x
   ...: 8b\xac\xf1\x83\xc2t~c\x00\x00\x00~~\x7f\xe2\xff\xff\x00t\x9e\xac\xe2\xf1\xf2@\x83\xc3t")                                                                                         
Traceback (most recent call last):
  File "<string>", line 1, in <module>
ImportError: No module named shellphish_qemu
ldd: /bin: not regular file
ldd: /boot: not regular file
ldd: /cdrom: not regular file
ldd: /dev: not regular file
ldd: /etc: not regular file
ldd: /home: not regular file
ldd: /lib: not regular file
ldd: /lib32: not regular file
ldd: /lib64: not regular file
ldd: /libx32: not regular file
ldd: /lost+found: not regular file
ldd: /media: not regular file
ldd: /mnt: not regular file
ldd: /opt: not regular file
ldd: /proc: not regular file
ldd: /root: not regular file
ldd: /run: not regular file
ldd: /sbin: not regular file
ldd: /snap: not regular file
ldd: /srv: not regular file
ldd: /sys: not regular file
ldd: /tmp: not regular file
ldd: /usr: not regular file
ldd: /var: not regular file
ldd: /shellphish-qemu-cgc-base: No such file or directory
cp: omitting directory '/bin'
cp: omitting directory '/boot'
cp: omitting directory '/cdrom'
cp: omitting directory '/dev'
cp: omitting directory '/etc'
cp: omitting directory '/home'
cp: omitting directory '/lib'
cp: omitting directory '/lib32'
cp: omitting directory '/lib64'
cp: omitting directory '/libx32'
cp: omitting directory '/lost+found'
cp: omitting directory '/media'
cp: omitting directory '/mnt'
cp: omitting directory '/opt'
cp: omitting directory '/proc'
cp: omitting directory '/root'
cp: omitting directory '/run'
cp: omitting directory '/sbin'
cp: omitting directory '/snap'
cp: omitting directory '/srv'
cp: omitting directory '/sys'
cp: omitting directory '/tmp'
cp: omitting directory '/usr'
cp: omitting directory '/var'
---------------------------------------------------------------------------
AttributeError                            Traceback (most recent call last)
<ipython-input-2-bb2d345df134> in <module>
----> 1 crash = rex.Crash("./legit_00003", b"\x00\x0b1\xc1\x00\x0c\xeb\xe4\xf1\xf1\x14\r\rM\r\xf3\x1b\r\r\r~\x7f\x1b\xe3\x0c`_222\r\rM\r\xf3\x1b\r\x7f\x002\x7f~\x7f\xe2\xff\x7f\xff\xff\x8b\xc7\xc9\x83\x8b\x0c\xeb\x80\x002\xac\xe2\xff\xff\x00t\x8bt\x8bt_o_\x00t\x8b\xc7\xdd\x83\xc2t~n~~\xac\xe2\xff\xff_k_\x00t\x8b\xc7\xdd\x83\xc2t~n~~\xac\xe2\xff\xff\x00t\x8bt\x8b\xac\xf1\x83\xc2t~c\x00\x00\x00~~\x7f\xe2\xff\xff\x00t\x9e\xac\xe2\xf1\xf2@\x83\xc3t")

~/WorkSpace/AEG/rex/rex/crash.py in __init__(self, target, crash, pov_file, aslr, constrained_addrs, hooks, format_infos, tracer_bow, explore_steps, input_type, port, use_crash_input, checkpoint_path, rop_cache_tuple, use_rop, fast_mode, angrop_object, rop_cache_path, prev_path, crash_state, initial_state)
     84         self.target_port = port
     85         self.crash = crash
---> 86         self.tracer_bow = tracer_bow if tracer_bow is not None else archr.arsenal.QEMUTracerBow(self.target)
     87 
     88         if self.explore_steps > 10:

/usr/local/lib/python3.5/dist-packages/archr-8.18.10.5-py3.5.egg/archr/arsenal/qemu_tracer.py in __init__(self, target, timeout, ld_linux, library_path, seed)
     41 
     42     def __init__(self, target, timeout=10, ld_linux=None, library_path=None, seed=None):
---> 43         super().__init__(target)
     44         self.timeout = timeout
     45         self.ld_linux = ld_linux

/usr/local/lib/python3.5/dist-packages/archr-8.18.10.5-py3.5.egg/archr/arsenal/__init__.py in __init__(self, target)
     14         """
     15         self.target = target
---> 16         self.nock()
     17 
     18     def nock(self):

/usr/local/lib/python3.5/dist-packages/archr-8.18.10.5-py3.5.egg/archr/arsenal/__init__.py in nock(self)
     22         if self.REQUIRED_ARROW:
     23             with arrows.bundle(self.REQUIRED_ARROW) as b:
---> 24                 self.target.inject_path(b, "/tmp/%s" % self.REQUIRED_ARROW)
     25         if self.REQUIRED_BINARY:
     26             with arrows.bundle_binary(self.REQUIRED_BINARY) as b:

AttributeError: 'str' object has no attribute 'inject_path'

i have installed shellphish_qemu with `pip3 install shellphish_qemu

Ma3k4H3d commented 5 years ago

Please do not try to build shellphish-qemu and shellphish-afl by yourself. Use the wheels on pypi or in https://github.com/angr/wheels.

But, demo code still should be updated. Because archr be added.

yangshouguo commented 5 years ago

Please do not try to build shellphish-qemu and shellphish-afl by yourself. Use the wheels on pypi or in https://github.com/angr/wheels.

But, demo code still should be updated. Because archr be added.

I install the shellphish-qemu and shellphish-afl as you said but still got same problem.

I run code in test directory, It still didn't work.

I just installed all the packages in requirement.txt , anything i missed ?

Ma3k4H3d commented 5 years ago

Please do not try to build shellphish-qemu and shellphish-afl by yourself. Use the wheels on pypi or in https://github.com/angr/wheels. But, demo code still should be updated. Because archr be added.

I install the shellphish-qemu and shellphish-afl as you said but still got same problem.

I run code in test directory, It still didn't work.

I just installed all the packages in requirement.txt , anything i missed ?

Try: apt-get remove qemu apt-get autoremove (cd shellphish-qemu; git pull) or (rm -r shellphish-qemu; git clone https://github.com/shellphish/shellphish-qemu.git) cd shellphish-qemu ipython setup.py install

If you must, install it with pip install . or pip install -e .

Ma5ker commented 5 years ago

Please do not try to build shellphish-qemu and shellphish-afl by yourself. Use the wheels on pypi or in https://github.com/angr/wheels. But, demo code still should be updated. Because archr be added.

I install the shellphish-qemu and shellphish-afl as you said but still got same problem. I run code in test directory, It still didn't work. I just installed all the packages in requirement.txt , anything i missed ?

Try: apt-get remove qemu apt-get autoremove (cd shellphish-qemu; git pull) or (rm -r shellphish-qemu; git clone https://github.com/shellphish/shellphish-qemu.git) cd shellphish-qemu ipython setup.py install

If you must, install it with pip install . or pip install -e .

I got the following error message when running the example. How can I solve it?

In [1]: import rex                                                                                                            

In [2]: crash = rex.Crash("./legit_00003", b"\x00\x0b1\xc1\x00\x0c\xeb\xe4\xf1\xf1\x14\r\rM\r\xf3\x1b\r\r\r~\x7f\x1b\xe3\x0c`_
   ...: 222\r\rM\r\xf3\x1b\r\x7f\x002\x7f~\x7f\xe2\xff\x7f\xff\xff\x8b\xc7\xc9\x83\x8b\x0c\xeb\x80\x002\xac\xe2\xff\xff\x00t\x
   ...: 8bt\x8bt_o_\x00t\x8b\xc7\xdd\x83\xc2t~n~~\xac\xe2\xff\xff_k_\x00t\x8b\xc7\xdd\x83\xc2t~n~~\xac\xe2\xff\xff\x00t\x8bt\x
   ...: 8b\xac\xf1\x83\xc2t~c\x00\x00\x00~~\x7f\xe2\xff\xff\x00t\x9e\xac\xe2\xf1\xf2@\x83\xc3t")                              
cp: cannot stat '(0x00007ffc0b92f000)': No such file or directory
cp: cannot stat '(0x00007ffc19594000)': No such file or directory
cp: cannot stat '(0x00007ffc879eb000)': No such file or directory
cp: cannot stat '(0x00007ffc91791000)': No such file or directory
cp: cannot stat '(0x00007ffdac4ab000)': No such file or directory
cp: cannot stat '(0x00007ffde6fa5000)': No such file or directory
cp: cannot stat '(0x00007ffdfaff5000)': No such file or directory
cp: cannot stat '(0x00007ffe075f7000)': No such file or directory
cp: cannot stat '(0x00007ffe089dc000)': No such file or directory
cp: cannot stat '(0x00007ffe52ffd000)': No such file or directory
cp: cannot stat '(0x00007ffeff3b9000)': No such file or directory
cp: cannot stat '(0x00007fff73de6000)': No such file or directory
---------------------------------------------------------------------------
AttributeError                            Traceback (most recent call last)
<ipython-input-2-bb2d345df134> in <module>
----> 1 crash = rex.Crash("./legit_00003", b"\x00\x0b1\xc1\x00\x0c\xeb\xe4\xf1\xf1\x14\r\rM\r\xf3\x1b\r\r\r~\x7f\x1b\xe3\x0c`_222\r\rM\r\xf3\x1b\r\x7f\x002\x7f~\x7f\xe2\xff\x7f\xff\xff\x8b\xc7\xc9\x83\x8b\x0c\xeb\x80\x002\xac\xe2\xff\xff\x00t\x8bt\x8bt_o_\x00t\x8b\xc7\xdd\x83\xc2t~n~~\xac\xe2\xff\xff_k_\x00t\x8b\xc7\xdd\x83\xc2t~n~~\xac\xe2\xff\xff\x00t\x8bt\x8b\xac\xf1\x83\xc2t~c\x00\x00\x00~~\x7f\xe2\xff\xff\x00t\x9e\xac\xe2\xf1\xf2@\x83\xc3t")

~/.virtualenvs/rex/lib/python3.5/site-packages/rex/crash.py in __init__(self, target, crash, pov_file, aslr, constrained_addrs, hooks, format_infos, tracer_bow, explore_steps, input_type, port, use_crash_input, checkpoint_path, rop_cache_tuple, use_rop, fast_mode, angrop_object, rop_cache_path, prev_path, crash_state, initial_state)
     84         self.target_port = port
     85         self.crash = crash
---> 86         self.tracer_bow = tracer_bow if tracer_bow is not None else archr.arsenal.QEMUTracerBow(self.target)
     87 
     88         if self.explore_steps > 10:

~/.virtualenvs/rex/lib/python3.5/site-packages/archr-8.18.10.5-py3.5.egg/archr/arsenal/qemu_tracer.py in __init__(self, target, timeout, ld_linux, library_path, seed)
     41 
     42     def __init__(self, target, timeout=10, ld_linux=None, library_path=None, seed=None):
---> 43         super().__init__(target)
     44         self.timeout = timeout
     45         self.ld_linux = ld_linux

~/.virtualenvs/rex/lib/python3.5/site-packages/archr-8.18.10.5-py3.5.egg/archr/arsenal/__init__.py in __init__(self, target)
     14         """
     15         self.target = target
---> 16         self.nock()
     17 
     18     def nock(self):

~/.virtualenvs/rex/lib/python3.5/site-packages/archr-8.18.10.5-py3.5.egg/archr/arsenal/__init__.py in nock(self)
     22         if self.REQUIRED_ARROW:
     23             with arrows.bundle(self.REQUIRED_ARROW) as b:
---> 24                 self.target.inject_path(b, "/tmp/%s" % self.REQUIRED_ARROW)
     25         if self.REQUIRED_BINARY:
     26             with arrows.bundle_binary(self.REQUIRED_BINARY) as b:

AttributeError: 'str' object has no attribute 'inject_path'
yangshouguo commented 5 years ago

Maybe you should migrate your work space to Ubuntu 18.04

huntergregal commented 3 years ago

i have this same issue. was the solution to use ubuntu 18? lol

github-actions[bot] commented 2 years ago

This issue has been marked as stale because it has no recent activity. Please comment or add the pinned tag to prevent this issue from being closed.

github-actions[bot] commented 2 years ago

This issue has been closed due to inactivity.