<div dir="ltr">To get function names, you will need debug symbols of some sort (DWARF in Linux, PDB in Windows). This is a little awkward in PANDA right now because PANDA doesn't support parsing any debug symbol formats, but that's changing very soon – Ricky Ulrich has been doing some fantastic work on adding DWARF support to PANDA, which you can see in the stpi & dwarfp plugins:<div><br></div><div><a href="https://github.com/moyix/panda/blob/master/qemu/panda_plugins/stpi/USAGE.md">https://github.com/moyix/panda/blob/master/qemu/panda_plugins/stpi/USAGE.md</a><br></div><div><br></div><div>In the meantime, you can always use gdb, readelf, nm, and objdump to look up symbols a binary. Keep in mind it may have been relocated at runtime due to ASLR. You can use the osi_linux plugin to get information about where your program and libraries are loaded in memory, or you can take a memory dump and get the same information from Volatility.</div><div><br></div><div>Hope this helps,</div><div>Brendan</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 20, 2016 at 1:36 AM, Hij Krix <span dir="ltr"><<a href="mailto:hijkrix@gmail.com" target="_blank">hijkrix@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">There is a table in paper 'Tappan Zee (North) Bridge:
Mining Memory Accesses for Introspection' :<br><img src="cid:ii_ioexpbe60_154cb5ec2db9d011" height="200" width="472"><br>How to get the function name such as 'tls1_generate_master_secret+0x9c' in PANDA?<br> <br></div>
<br>_______________________________________________<br>
panda-users mailing list<br>
<a href="mailto:panda-users@mit.edu">panda-users@mit.edu</a><br>
<a href="http://mailman.mit.edu/mailman/listinfo/panda-users" rel="noreferrer" target="_blank">http://mailman.mit.edu/mailman/listinfo/panda-users</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature">Brendan Dolan-Gavitt<br>Assistant Professor, Department of Computer Science and Engineering<br>NYU Tandon School of Engineering</div>
</div>