decaf-project / DECAF

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
GNU General Public License v3.0

The version of QEMU in DECAF matters? #89

Open yinfeidi opened 4 years ago

yinfeidi commented 4 years ago

I want to use QEMU in DECAF while using firmadyne to run MIPS firmware, but the network doesn't work, like this:

Please press Enter to activate this console.
[ 54.832000] ------------[ cut here ]------------
[ 54.832000] WARNING: at net/sched/sch_generic.c:255 dev_watchdog+0x160/0x2c4()
[ 54.832000] NETDEV WATCHDOG: eth0 (pcnet32): transmit queue 0 timed out
[ 54.832000] Modules linked in:
[ 54.832000] Call Trace:
[ 54.832000] [<8056b7fc>] dump_stack+0x8/0x34
[ 54.832000] [<80124180>] warn_slowpath_common+0x78/0xa4
[ 54.832000] [<80124234>] warn_slowpath_fmt+0x2c/0x38
[ 54.832000] [<8044a5e4>] dev_watchdog+0x160/0x2c4
[ 54.832000] [<801302a4>] run_timer_softirq+0x188/0x254
[ 54.832000] [<80129f68>] __do_softirq+0xcc/0x190
[ 54.832000] [<8012a1c8>] do_softirq+0x5c/0x94
[ 54.832000] [<8012a414>] irq_exit+0x4c/0xbc
[ 54.832000] [<80101a44>] ret_from_irq+0x0/0x4
[ 54.832000] [<80101c80>] r4k_wait+0x20/0x40
[ 54.832000] [<801037a4>] cpu_idle+0x30/0x60
[ 54.832000] [<80706908>] start_kernel+0x3bc/0x3dc
[ 54.832000]
[ 54.832000] ---[ end trace 1e517aac3df85c47 ]---
[ 54.832000] pcnet32: eth0: transmit timed out, status 07fb, resetting
^C
Please press Enter to activate this console.

And I checked: the version of QEMU used in DECAF is 1.0, while the QEMU downloaded by apt-get is 2.11.1. So I want to ask how we can update the version of QEMU used in DECAF.

yinfeidi commented 4 years ago

How to update the version of QEMU in DECAF

hengyin commented 4 years ago

It is nontrivial to upgrade QEMU in DECAF. We have another project that uses DECAF to fuzz IoT firmware. In this project, DECAF has been upgraded to use QEMU 2.0.

https://github.com/zyw-200/FirmAFL

You can take a look.

Thanks, Heng

On Mon, Sep 14, 2020 at 6:04 AM robertjames notifications@github.com wrote:

How to update the version of QEMU in DECAF


yinfeidi commented 4 years ago

I appreciate this project, but I can't compile the DECAF_qemu_2.10 plugins once I add "--target-list=mipsel-softmmu,mips-softmmu,arm-softmmu --disable-werror"; I encounter some bugs when compiling the whole project, like this: "cannot convert ‘unsigned int’ to ‘gva_t’".