[panda-users] Question:How to use panda2 to analysis just one process when replaying log

shuai xi ahahanamea at gmail.com
Wed Jun 20 23:12:07 EDT 2018


Cool, thanks!

On Thu, Jun 21, 2018 at 10:50 AM Brendan Dolan-Gavitt <brendandg at nyu.edu>
wrote:

> Yes; have a look at the "osi" plugin, which provides an API for
> getting information about the current process, its libraries, etc. An
> example use of the API can be found in the "asidstory" and "osi_test"
> plugins.
>
> On Wed, Jun 20, 2018 at 10:04 PM, shuai xi <ahahanamea at gmail.com> wrote:
> > Thank you for answering my question. You say that there is a way of
> > enabling and disabling the taint system so that it's only active when the
> > process you want is running. So, is there some way to know what the current
> > process's name or pid is when replaying logs? I need some information like that
> > to decide the place where the taint analysis should be enabled or not. Can I
> > get this information from panda2 or qemu APIs?
> >
> > On Thu, Jun 21, 2018 at 9:09 AM shuai xi <ahahanamea at gmail.com> wrote:
> >>
> >> Cool, thanks!
> >>
> >> On Wed, Jun 20, 2018 at 11:22 PM Manolis Stamatogiannakis
> >> <mstamat at gmail.com> wrote:
> >>>
> >>> Given the opportunity, a small update on my work on turning taint
> >>> analysis on/off.
> >>>
> >>> Plan A was to switch between LLVM/TCG when taint analysis is on/off.
> >>> There are some warning comments in PANDA code that this should not work
> >>> because of a bug in the LLVM pass registration code. But before reaching
> >>> that point, I believe I've hit a different bug. The bug seems to be
> >>> allocation-related and I haven't been able to resolve it for some time now.
> >>>
> >>> So I'll probably switch to plan B, which is to stay in LLVM mode after
> >>> taint analysis has been enabled and only switch off taint propagation when
> >>> it is not needed.
> >>>
> >>> I'll try to send a PR with what I've done in the following days. In the
> >>> meantime, my working branch is here:
> >>> https://github.com/m000/panda/tree/taint2-wip
> >>>
> >>> M.
> >>>
> >>>
> >>> On Wed, 20 Jun 2018 at 5:03 PM, Brendan Dolan-Gavitt
> >>> <brendandg at nyu.edu> wrote:
> >>>>
> >>>> There is no way to record just a single process. However, if the
> >>>> recording is too large you can use the "scissors" plugin to chop it
> >>>> down to just the part you care about. Also, I think Manolis
> >>>> Stamatogiannakis has done some work on selectively enabling and
> >>>> disabling the taint system so that it's only active when the process
> >>>> you want is running, but I don't know if that work is publicly
> >>>> available yet.
> >>>>
> >>>> -Brendan
> >>>>
> >>>> On Wed, Jun 20, 2018 at 3:39 AM, shuai xi <ahahanamea at gmail.com> wrote:
> >>>> > Hello developer, I want to use panda2 plugins like 'taint2' to analyze a
> >>>> > program. But the 'record' function records the whole system. I want to just
> >>>> > focus on this program's process and use the process's virtual address to
> >>>> > taint a buffer of memory. Does panda2 provide this functionality?
> >>>> >
> >>>> > _______________________________________________
> >>>> > panda-users mailing list
> >>>> > panda-users at mit.edu
> >>>> > http://mailman.mit.edu/mailman/listinfo/panda-users
> >>>> >
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>> Brendan Dolan-Gavitt
> >>>> Assistant Professor, Department of Computer Science and Engineering
> >>>> NYU Tandon School of Engineering
>
>
>
> --
> Brendan Dolan-Gavitt
> Assistant Professor, Department of Computer Science and Engineering
> NYU Tandon School of Engineering
>