radareorg / esilsolve

A python symbolic execution framework using radare2's ESIL (Evaluable String Intermediate Language)
MIT License

Missing r2 console functionality #3

Open GanbaruTobi opened 2 years ago

GanbaruTobi commented 2 years ago

After installing esilsolve, there are no options in the r2 command line:

[image]

b1gcat commented 2 years ago

The same problem.

 ✘ b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  r2pm -i esilsolve
Updating 678b342..0531eb6
Fast-forward
 db/acr      | 2 +-
 db/diaphora | 2 +-
 db/www-enyo | 2 +-
 db/www-m    | 2 +-
 db/www-p    | 2 +-
 db/www-t    | 2 +-
 db/yara     | 2 +-
 7 files changed, 7 insertions(+), 7 deletions(-)
[r2pm] Updating package database /Users/b1gcat/.local/share/radare2/r2pm/db ...
Already up to date.
Already on 'master'
Your branch is up to date with 'origin/master'.
Already up to date.
error: pathspec 'r2-5.6.8' did not match any file(s) known to git
Already up to date.
DEPENDS: rlang-python
rlang-python
Install Done For esilsolve
running build
running build_py
running install
/Users/b1gcat/Desktop/hack/tools/radare2/env/lib/python3.8/site-packages/setuptools/command/install.py:34: SetuptoolsDeprecationWarning: setup.py install is deprecated. Use build and pip and other standards-based tools.
  warnings.warn(
/Users/b1gcat/Desktop/hack/tools/radare2/env/lib/python3.8/site-packages/setuptools/command/easy_install.py:144: EasyInstallDeprecationWarning: easy_install command is deprecated. Use build and pip and other standards-based tools.
  warnings.warn(
running bdist_egg
running egg_info
writing esilsolve.egg-info/PKG-INFO
writing dependency_links to esilsolve.egg-info/dependency_links.txt
writing requirements to esilsolve.egg-info/requires.txt
writing top-level names to esilsolve.egg-info/top_level.txt
reading manifest file 'esilsolve.egg-info/SOURCES.txt'
adding license file 'LICENSE'
writing manifest file 'esilsolve.egg-info/SOURCES.txt'
installing library code to build/bdist.macosx-12-x86_64/egg
running install_lib
running build_py
creating build/bdist.macosx-12-x86_64/egg
creating build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilops.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/__init__.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/simsys.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilos.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilsim.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilstate.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilclasses.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/simlibc.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/adhoc.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilsolve.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/vexit.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilfs.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/r2api.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilregisters.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilmemory.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
copying build/lib/esilsolve/esilprocess.py -> build/bdist.macosx-12-x86_64/egg/esilsolve
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilops.py to esilops.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/__init__.py to __init__.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/simsys.py to simsys.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilos.py to esilos.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilsim.py to esilsim.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilstate.py to esilstate.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilclasses.py to esilclasses.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/simlibc.py to simlibc.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/adhoc.py to adhoc.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilsolve.py to esilsolve.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/vexit.py to vexit.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilfs.py to esilfs.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/r2api.py to r2api.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilregisters.py to esilregisters.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilmemory.py to esilmemory.cpython-38.pyc
byte-compiling build/bdist.macosx-12-x86_64/egg/esilsolve/esilprocess.py to esilprocess.cpython-38.pyc
creating build/bdist.macosx-12-x86_64/egg/EGG-INFO
copying esilsolve.egg-info/PKG-INFO -> build/bdist.macosx-12-x86_64/egg/EGG-INFO
copying esilsolve.egg-info/SOURCES.txt -> build/bdist.macosx-12-x86_64/egg/EGG-INFO
copying esilsolve.egg-info/dependency_links.txt -> build/bdist.macosx-12-x86_64/egg/EGG-INFO
copying esilsolve.egg-info/requires.txt -> build/bdist.macosx-12-x86_64/egg/EGG-INFO
copying esilsolve.egg-info/top_level.txt -> build/bdist.macosx-12-x86_64/egg/EGG-INFO
zip_safe flag not set; analyzing archive contents...
creating 'dist/esilsolve-0.0.2-py3.8.egg' and adding 'build/bdist.macosx-12-x86_64/egg' to it
removing 'build/bdist.macosx-12-x86_64/egg' (and everything under it)
Processing esilsolve-0.0.2-py3.8.egg
Removing /Users/b1gcat/Desktop/hack/tools/radare2/env/lib/python3.8/site-packages/esilsolve-0.0.2-py3.8.egg
Copying esilsolve-0.0.2-py3.8.egg to /Users/b1gcat/Desktop/hack/tools/radare2/env/lib/python3.8/site-packages
esilsolve 0.0.2 is already the active version in easy-install.pth

Installed /Users/b1gcat/Desktop/hack/tools/radare2/env/lib/python3.8/site-packages/esilsolve-0.0.2-py3.8.egg
Processing dependencies for esilsolve==0.0.2
Searching for colorama==0.4.4
Best match: colorama 0.4.4
Adding colorama 0.4.4 to easy-install.pth file

Using /Users/b1gcat/Desktop/hack/tools/radare2/env/lib/python3.8/site-packages
Searching for z3-solver==4.8.16.0
Best match: z3-solver 4.8.16.0
Processing z3_solver-4.8.16.0-py3.8-macosx-12-x86_64.egg
z3-solver 4.8.16.0 is already the active version in easy-install.pth

Using /Users/b1gcat/Desktop/hack/tools/radare2/env/lib/python3.8/site-packages/z3_solver-4.8.16.0-py3.8-macosx-12-x86_64.egg
Searching for r2pipe==1.6.5
Best match: r2pipe 1.6.5
Processing r2pipe-1.6.5-py3.8.egg
r2pipe 1.6.5 is already the active version in easy-install.pth

Using /Users/b1gcat/Desktop/hack/tools/radare2/env/lib/python3.8/site-packages/r2pipe-1.6.5-py3.8.egg
Finished processing dependencies for esilsolve==0.0.2
 b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  sou
source         sourcekit-lsp
 b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  r2
r2       r2agent  r2p      r2pm     r2pm.sh  r2r
 b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  r2 ~/Downloads/
.DS_Store            .localized           IOLI-crackme/        IOLI-crackme.tar.gz
 b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  r2 ~/Downloads/IO
IOLI-crackme/        IOLI-crackme.tar.gz
 b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  r2 ~/Downloads/IOLI-crackme/
.DS_Store     README.txt    bin-linux/    bin-pocketPC/ bin-win32/
 b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  r2 ~/Downloads/IOLI-crackme/bin
bin-linux/    bin-pocketPC/ bin-win32/
 b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  r2 ~/Downloads/IOLI-crackme/bin-linux/
crackme0x00                     crackme0x03                     crackme0x06                     crackme0x09
crackme0x01                     crackme0x04                     crackme0x07                     defeating-IOLI-with-radare2.md
crackme0x02                     crackme0x05                     crackme0x08
 b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  r2 ~/Downloads/IOLI-crackme/bin-linux/cr
crackme0x00  crackme0x01  crackme0x02  crackme0x03  crackme0x04  crackme0x05  crackme0x06  crackme0x07  crackme0x08  crackme0x09
 b1gcat@b1gcat   3.8.13  ~/Desktop/hack/tools/radare2  r2 ~/Downloads/IOLI-crackme/bin-linux/crackme0x00
 -- I endians swap.
[0x08048360]> x?
Usage: px[0afoswqWqQ][f]   # Print heXadecimal
| px                show hexdump
| px--[n]           context hexdump (the hexdump version of pd--3)
| px/               same as x/ in gdb (help x)
| px0               8bit hexpair list of bytes until zero byte
| pxa               show annotated hexdump
| pxA[?]            show op analysis color map
| pxb               dump bits in hexdump form
| pxc               show hexdump with comments
| pxd[?1248]        signed integer dump (1 byte, 2 and 4)
| pxe               emoji hexdump! :)
| pxf               show hexdump of current function
| pxh               show hexadecimal half-words dump (16bit)
| pxH               same as above, but one per line
| pxi               HexII compact binary representation
| pxl               display N lines (rows) of hexdump
| pxo               show octal dump
| pxq               show hexadecimal quad-words dump (64bit)
| pxQ[q]            same as above, but one per line
| pxr[1248][qj]     show hexword references (q=quiet, j=json)
| pxs               show hexadecimal in sparse mode
| pxt[*.] [origin]  show delta pointer table in r2 commands
| pxw               show hexadecimal words dump (32bit)
| pxW[q]            same as above, but one per line (q=quiet)
| pxx               show N bytes of hex-less hexdump
| pxX               show N words of hex-less hexdump
[0x08048360]> es
[0x08048360]> a
Usage: a  [abdefFghoprxstc] [...]
| a                alias for aai - analysis information
| a*               same as afl*;ah*;ax*
| aa[?]            analyze all (fcns + bbs) (aa0 to avoid sub renaming)
| a8 [hexpairs]    analyze bytes
| ab[?]            analyze basic block
| ac[?]            manage classes
| aC[?]            analyze function call
| ad[?]            analyze data trampoline (wip)
| ad [from] [to]   analyze data pointers to (from-to)
| ae[?] [expr]     analyze opcode eval expression (see ao)
| af[?]            analyze functions
| aF               same as above, but using anal.depth=1
| ag[?] [options]  draw graphs in various formats
| ah[?]            analysis hints (force opcode size, ...)
| ai [addr]        address information (show perms, stack, heap, ...)
| aj               same as a* but in json (aflj)
| aL               list all asm/anal plugins (e asm.arch=?)
| an[?] [name]     show/rename/create whatever var/flag/function is used in current instruction
| ao[?] [len]      analyze Opcodes (or emulate it)
| aO[?] [len]      analyze N instructions in M bytes
| ap               find prelude for current offset
| ar[?]            like 'dr' but for the esil vm. (registers)
| as[?] [num]      analyze syscall using dbg.reg
| av[?] [.]        show vtables
| avg[?] [.]       manage global variables
| ax[?]            manage refs/xrefs (see also afx?)
[0x08048360]> aesx?
[0x08048360]>

Gigithecode commented 2 years ago

Same problem here. Did you manage to work around it?

GanbaruTobi commented 2 years ago

No, my guess is that r2pipe was changed or another plugin gets in the way. Probably good to debug by going into the r2pipe component. I can have a look at it next week maybe.

Gigithecode commented 2 years ago

Good idea! I'll take a look too...