cq674350529 / deflat

use angr to deobfuscation

Error running the script #10

Closed Sunlazys closed 6 months ago

Sunlazys commented 1 year ago

Traceback (most recent call last):
  File ".\debogus.py", line 114, in <module>
    main()
  File ".\debogus.py", line 35, in main
    supergraph = am_graph.to_supergraph(target_function.transition_graph)
AttributeError: 'NoneType' object has no attribute 'transition_graph'

Sunlazys commented 1 year ago

My command: python .\debogus.py -f .\fishman --addr 0x34290
The executable is ELF64, and the base address is 0x30000.

cq674350529 commented 1 year ago

Hi, can you share the fishman binary ?

Sunlazys commented 1 year ago

Of course, I sent the fishman binary to your email.

cq674350529 commented 1 year ago

Hi, I looked at the fishman binary you provided. Since it's a PIE-enabled binary, the address 0x34290 you provided is invalid when loaded with angr.
Here is the warning from angr. And in this case, the right address should be 0x434290.

WARNING | 2023-06-29 17:12:29,194 | cle.loader | The main binary is a position-independent executable. It is being loaded with a base address of 0x400000.

TopCode280 commented 1 year ago

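I ran into this problem too, but I did not find the log from the author's previous comment. My log looks like this:

WARNING | 2023-07-06 16:39:50,753 | cle.loader | For more information about "Symbol was allocated without a known size",see https://docs.angr.io/extending-angr/environment#simdata

Is my problem also caused by a wrong function address, or is it something else? Thanks for answering.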

cq674350529 commented 1 year ago

@TopCode280 Can you provide more specific information? Such as how you run the script, the error log, and your binary if possible. By the way, can you check whether your target binary is PIE-enabled or not?

TopCode280 commented 1 year ago

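The error is the same as the one the friend above hit: when executing the code

target_function = cfg.functions.get(start)
supergraph = am_graph.to_supergraph(target_function.transition_graph)

target_function is None. I just checked whether the binary has PIE enabled; on a Linux system it reports Bad ELF, and IDA's analysis cannot find a .text section either. I am sending the binary to your email; if you are willing, could you take a look and see whether this binary is broken? The binary was extracted from an app. Thanks.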

cq674350529 commented 6 months ago

Due to running the script with an incorrect address.
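
The address translation described in the maintainer's reply about PIE binaries, as an added example that is not part of the original thread or the deflat project: it reads e_type from the ELF header and, for a position-independent binary, adds the 0x400000 base from the cle.loader warning. The helper names and the sample headers are constructed here, and it assumes the PIE is linked at address 0, as in the 0x34290 to 0x434290 case above.

```python
import struct

ET_EXEC, ET_DYN = 2, 3
ANGR_PIE_BASE = 0x400000  # base address reported in the cle.loader warning in this thread


def elf_type(header: bytes) -> int:
    """Return e_type from the start of an ELF file, or raise ValueError."""
    if len(header) < 18 or header[:4] != b"\x7fELF":
        raise ValueError("not an ELF file (bad magic or truncated header)")
    if header[5] not in (1, 2):
        raise ValueError("invalid EI_DATA byte in e_ident")
    endian = "<" if header[5] == 1 else ">"  # 1 = little-endian, 2 = big-endian
    # e_type is the 16-bit field right after the 16-byte e_ident array
    return struct.unpack_from(endian + "H", header, 16)[0]


def angr_address(header: bytes, file_addr: int, base: int = ANGR_PIE_BASE) -> int:
    """Translate an address read from a disassembler into the one angr will use.

    Assumption: a PIE (ET_DYN) is linked at 0, so rebasing is a plain addition.
    """
    etype = elf_type(header)
    if etype == ET_DYN:
        return base + file_addr  # loader relocates the image to `base`
    if etype == ET_EXEC:
        return file_addr  # fixed-address executable, no rebasing
    raise ValueError(f"unsupported e_type {etype}")


def sample_header(e_type: int) -> bytes:
    """Constructed ELF64 little-endian header prefix (e_ident, e_type, e_machine)."""
    e_ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    return e_ident + struct.pack("<HH", e_type, 0x3E)


if __name__ == "__main__":
    # PIE: the --addr value must be rebased before it is passed to the script
    print(hex(angr_address(sample_header(ET_DYN), 0x34290)))
    # Non-PIE: the address is used as-is
    print(hex(angr_address(sample_header(ET_EXEC), 0x401136)))
    # A file that is not valid ELF is rejected instead of producing a bogus address
    try:
        angr_address(b"PK\x03\x04" + bytes(16), 0x34290)
    except ValueError as exc:
        print("rejected:", exc)
```

For a real file, pass the first 20 bytes read in binary mode as `header`.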