[panda-users] ARM support (was: taint segmentation fault)
xiaojuan Li
xiaotan6666 at gmail.com
Mon Apr 27 01:18:00 EDT 2015
yeah! Thank you very much!!I have cleared with it!
2015-04-27 1:04 GMT-04:00 Manolis Stamatogiannakis <mstamat at gmail.com>:
> I'm not sure I understand your question.
>
> In VM terminology, Linux is the only *host* operating system supported by
> PANDA*. I.e. you can only run PANDA on Linux.
>
> On the other hand, PANDA supports several *guest* operating systems. The
> guest operating system is the one which is analyzed by PANDA. Win 7 is one
> of the supported guests.
>
> The authors of ida_taint apparently had interest in analyzing Win 7, so
> they built their plugin specifically for that. Making the plugin working on
> both Win 7 and Linux would require a lot more effort on their part.
>
> Hope the above (although somewhat simplified) help to clear things up for
> you.
>
> Cheers,
> Manolis
>
>
>
>
> 2015-04-26 21:16 GMT-07:00 xiaojuan Li <xiaotan6666 at gmail.com>:
>
> maybe, you misunderstood me.
>> i know ida_taint is designed for win7, but i have no idea why designed
>> for win7?since panda is complied and running in linux.
>> Thanks!
>>
>> 2015-04-26 23:08 GMT-04:00 Manolis Stamatogiannakis <mstamat at gmail.com>:
>>
>> ida_taint is designed for windows 7 guests.
>>> See lines 25-27 of ida_taint.cpp where some windows 7 specific offsets
>>> are defined as macros.
>>>
>>> M.
>>>
>>> 2015-04-26 19:22 GMT-07:00 xiaojuan Li <xiaotan6666 at gmail.com>:
>>>
>>> excuse me, i have a question about this:now that panda is used in linux,
>>>> why ida_taint is designed for windows?.
>>>> Thanks!
>>>>
>>>> 2015-04-20 23:40 GMT-04:00 Manolis Stamatogiannakis <mstamat at gmail.com>
>>>> :
>>>>
>>>> Ok, good for starters.
>>>>>
>>>>> From a quick look, ida_taint.cpp contains some windows-specific
>>>>> offsets in the code. So the plugin has to be rewritten for linux.
>>>>> This shouldn't be too hard, provided you understand how the windows
>>>>> version of the plugin works. I have no experience with windows internals,
>>>>> so I can't help you here.
>>>>> But if you can add some documentation on how the plugin works, I could
>>>>> help you with the linux side.
>>>>>
>>>>> Cheers,
>>>>> Manolis
>>>>>
>>>>>
>>>>> 2015-04-20 18:54 GMT-07:00 xiaojuan Li <xiaotan6666 at gmail.com>:
>>>>>
>>>>> en. i use the wineconsole to run .bat,which is supported in linux.
>>>>>>
>>>>>> 2015-04-20 14:17 GMT-04:00 Manolis Stamatogiannakis <
>>>>>> mstamat at gmail.com>:
>>>>>>
>>>>>>> Although I haven't tested osi_linux on arm, it should either be
>>>>>>> working or *almost* working. Of course you'll have to extract the kernel
>>>>>>> offsets to get it running.
>>>>>>>
>>>>>>> Otherwise, I have included the arm equivalents of x86-specific code
>>>>>>> where I could. In any places where arm-specific code may be missing, I have
>>>>>>> added #warn directives. So the plugin will compile, but the preprocessor
>>>>>>> will emit warnings about the missing platform-specific code.
>>>>>>>
>>>>>>> Regarding Xiaojuan's problem, it could be something more trivial.
>>>>>>> E.g. .bat files won't run on Linux. So if only the path was fixed in the
>>>>>>> script, it won't work.
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Manolis
>>>>>>>
>>>>>>>
>>>>>>> 2015-04-20 8:55 GMT-07:00 Brendan Dolan-Gavitt <brendandg at gatech.edu
>>>>>>> >:
>>>>>>>
>>>>>>>> It currently does not support anything except Windows 7, as the
>>>>>>>> documentation says. It uses the OSI module, so it should be extensible
>>>>>>>> fairly easily to the other operating systems OSI supports, which (thanks to
>>>>>>>> Manolis) includes Linux on x86, but which I think does not include Linux on
>>>>>>>> ARM.
>>>>>>>>
>>>>>>>> In the future, also please create a new thread for new questions,
>>>>>>>> rather than using the old one!
>>>>>>>>
>>>>>>>> -Brendan
>>>>>>>>
>>>>>>>
>>>>>>>> On Mon, Apr 20, 2015 at 5:51 AM, xiaojuan Li <xiaotan6666 at gmail.com
>>>>>>>>> > wrote:
>>>>>>>>> excuse me, i have noticed that the ida_taint plugin:"win7 only but
>>>>>>>>> othre os could be easily added".
>>>>>>>>> i have installed ida pro in my system(debian),modified the
>>>>>>>>> ida_taint.bat with my ida path,when i use it :./ida_taint.bat name.json
>>>>>>>>> qemu-system-arm
>>>>>>>>> it failed. it seems not available in linux, is it?
>>>>>>>>> Thanks a lot!
>>>>>>>>
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> panda-users mailing list
>>>>>>> panda-users at mit.edu
>>>>>>> http://mailman.mit.edu/mailman/listinfo/panda-users
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> wait and hope~~
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> wait and hope~~
>>>>
>>>
>>>
>>
>>
>> --
>> wait and hope~~
>>
>
>
--
wait and hope~~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/panda-users/attachments/20150427/bff8358a/attachment.htm
More information about the panda-users
mailing list