<div dir="ltr">Yes. You need to tell it what OS the guest is running using the "-os" flag to PANDA. For the malware replays it's "windows-32-7".</div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Mar 2, 2018 at 5:23 PM, Giuseppe Laurenza <span dir="ltr"><<a href="mailto:laurenza@diag.uniroma1.it" target="_blank">laurenza@diag.uniroma1.it</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word;line-break:after-white-space">I am trying to use the osi plugin, but even using different records I always obtain the same error:<span><br><div style="text-align:center"><i>os_intro.c:151: init_plugin: Assertion `!(panda_os_type == OST_UNKNOWN)' failed.</i></div>Do you know how to solve this issue?</span><div><span>Regards<br><blockquote type="cite"><span class="">On Mar 2, 2018, at 13:06, Brendan Dolan-Gavitt <<a href="mailto:brendandg@nyu.edu" target="_blank">brendandg@nyu.edu</a>> wrote:<br><br></span><div><div class="h5">Correct, but all the malware recordings except a handful are 32 bit (even though they run on the x86_64 version of QEMU). <br><br>On Fri, Mar 2, 2018 at 1:04 PM Giuseppe Laurenza <<a href="mailto:laurenza@diag.uniroma1.it" target="_blank">laurenza@diag.uniroma1.it</a>> wrote:<br>Thanks<br>I see the osi plugin, but if I understood correctly it do es not work with 64bit architecture. Is it correct?<br>Regards<br><br>On Fri, Mar 2, 2018 at 1:03 PM Brendan Dolan-Gavitt <<a href="mailto:brendandg@nyu.edu" target="_blank">brendandg@nyu.edu</a>> wrote:<br>Yes. You can use the osi plugin for this. Just get the list of processes and the loop over it looking for the name, then look at the pid member. Have a look at the asidstory plugin for some examples. <br><br>On Fri, Mar 2, 2018 at 12:45 PM Giuseppe Laurenza <<a href="mailto:laurenza@diag.uniroma1.it" target="_blank">laurenza@diag.uniroma1.it</a>> wrote:<br>Hello panda-user<br>Is there any way already implemented in panda to find a process pid by its name in windows guest os?<br>Thanks in advance<br>Regards<br>______________________________<wbr>_________________<br>panda-users mailing list<br><a href="mailto:panda-users@mit.edu" target="_blank">panda-users@mit.edu</a><br><a href="http://mailman.mit.edu/mailman/listinfo/panda-users" target="_blank">http://mailman.mit.edu/<wbr>mailman/listinfo/panda-users</a><br>-- <br>Brendan Dolan-Gavitt<br>Assistant Professor, Department of Computer Science and Engineering<br>NYU Tandon School of Engineering<br>-- <br>Brendan Dolan-Gavitt<br>Assistant Professor, Department of Computer Science and Engineering<br>NYU Tandon School of Engineering<br></div></div></blockquote><br></span></div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">Brendan Dolan-Gavitt<br>Assistant Professor, Department of Computer Science and Engineering<br>NYU Tandon School of Engineering</div>
</div>