decaf-project / DECAF

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
GNU General Public License v3.0

Demonstration of the research study Extract Me If You Can #97

Closed aleff-github closed 1 year ago

aleff-github commented 1 year ago

Does anyone know if there is a technical demonstration of the paper Extract Me If You Can by Carmony, C., Hu, X., Yin, H., Bhaskar, A.V., & Zhang, M. (2016)?

I am trying to set up DECAF correctly using the wiki present on the GitHub repository, but without success. Could anyone tell me how to properly start a virtual machine created with VirtualBox with a Windows SP3 XP ISO?

I tried the following commands in sequence:

  1. sudo apt-get install qemu
     sudo apt-get build-dep qemu
  2. sudo apt-get install binutils-dev
  3. sudo apt-get install libboost-all-dev
  4. ./configure
     make
  5. VBoxManage clonehd --format RAW Windows-SP3-XP-NS-Project.vdi img.raw
     qemu-img convert -f raw win.img -O qcow2 win.qcow
  6. Not having DECAF/trunk/i386-softmmu, I used the qemu-system-i386 command from sudo apt-get install -y qemu-system-i386

I'm using Ubuntu 22