<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Thanks,<div class=""><div>It works. I apologize for the stupid question</div><div>Regards<br class=""><blockquote type="cite" class=""><div class="">On Mar 2, 2018, at 17:29, Brendan Dolan-Gavitt <<a href="mailto:brendandg@nyu.edu" class="">brendandg@nyu.edu</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Yes. You need to tell it what OS the guest is running using the "-os" flag to PANDA. For the malware replays it's "windows-32-7".</div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Fri, Mar 2, 2018 at 5:23 PM, Giuseppe Laurenza <span dir="ltr" class=""><<a href="mailto:laurenza@diag.uniroma1.it" target="_blank" class="">laurenza@diag.uniroma1.it</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word;line-break:after-white-space" class="">I am trying to use the osi plugin, but even using different records I always obtain the same error:<span class=""><br class=""><div style="text-align:center" class=""><i class="">os_intro.c:151: init_plugin: Assertion `!(panda_os_type == OST_UNKNOWN)' failed.</i></div>Do you know how to solve this issue?</span><div class=""><span class="">Regards<br class=""><blockquote type="cite" class=""><span class="">On Mar 2, 2018, at 13:06, Brendan Dolan-Gavitt <<a href="mailto:brendandg@nyu.edu" target="_blank" class="">brendandg@nyu.edu</a>> wrote:<br class=""><br class=""></span><div class=""><div class="h5">Correct, but all the malware recordings except a handful are 32 bit (even though they run on the x86_64 version of QEMU). <br class=""><br class="">On Fri, Mar 2, 2018 at 1:04 PM Giuseppe Laurenza <<a href="mailto:laurenza@diag.uniroma1.it" target="_blank" class="">laurenza@diag.uniroma1.it</a>> wrote:<br class="">Thanks<br class="">I see the osi plugin, but if I understood correctly it do es not work with 64bit architecture. Is it correct?<br class="">Regards<br class=""><br class="">On Fri, Mar 2, 2018 at 1:03 PM Brendan Dolan-Gavitt <<a href="mailto:brendandg@nyu.edu" target="_blank" class="">brendandg@nyu.edu</a>> wrote:<br class="">Yes. You can use the osi plugin for this. Just get the list of processes and the loop over it looking for the name, then look at the pid member. Have a look at the asidstory plugin for some examples. <br class=""><br class="">On Fri, Mar 2, 2018 at 12:45 PM Giuseppe Laurenza <<a href="mailto:laurenza@diag.uniroma1.it" target="_blank" class="">laurenza@diag.uniroma1.it</a>> wrote:<br class="">Hello panda-user<br class="">Is there any way already implemented in panda to find a process pid by its name in windows guest os?<br class="">Thanks in advance<br class="">Regards<br class="">______________________________<wbr class="">_________________<br class="">panda-users mailing list<br class=""><a href="mailto:panda-users@mit.edu" target="_blank" class="">panda-users@mit.edu</a><br class=""><a href="http://mailman.mit.edu/mailman/listinfo/panda-users" target="_blank" class="">http://mailman.mit.edu/<wbr class="">mailman/listinfo/panda-users</a><br class="">-- <br class="">Brendan Dolan-Gavitt<br class="">Assistant Professor, Department of Computer Science and Engineering<br class="">NYU Tandon School of Engineering<br class="">-- <br class="">Brendan Dolan-Gavitt<br class="">Assistant Professor, Department of Computer Science and Engineering<br class="">NYU Tandon School of Engineering<br class=""></div></div></blockquote><br class=""></span></div></div></blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div>-- <br class=""><div class="gmail_signature" data-smartmail="gmail_signature">Brendan Dolan-Gavitt<br class="">Assistant Professor, Department of Computer Science and Engineering<br class="">NYU Tandon School of Engineering</div>
</div>
</div></blockquote></div><br class=""></div></body></html>