
I have some binary files, each of them containing the instructions of a function (maybe a little more at the end). The beginning of the file is also the start point of the function.

These files were extracted from an ELF file. The platform is arm64.

So, how do I load and analyze such a file using angr?


The target:

Every function has a "switch case statement"; the target is to get all integers of the case expression.

Example(C code):

void func1(int cmd){
    switch (cmd) {
    case 1:
        /* xxxx */
        break;
    case 10:
        /* yyyy */
        break;
    }
}

Result: 1,10
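As an added example (not part of the question or the answer below), this is how the raw arm64 function dump described above can be loaded with angr's blob backend and scanned for the immediates used in `cmp` instructions. The parsing is kept in a separate function that needs only the standard library; the loader assumes angr is installed, and the file path and base address are placeholders.

```python
import re

# Matches an AArch64 compare against an immediate, e.g. "cmp w0, #0xa" or "cmp x1, #1".
CMP_IMM = re.compile(r"^(?:w|x)\d+,\s*#(-?0x[0-9a-fA-F]+|-?\d+)$")


def case_values_from_insns(insns):
    """insns: iterable of (mnemonic, op_str) pairs, as capstone reports them.
    Returns the sorted, de-duplicated immediates compared against by 'cmp'.
    Caveat: this only recovers switches lowered to compare chains; a switch
    lowered to a jump table needs the table itself to be recovered, and a
    range check such as 'sub w8, w0, #1; cmp w8, #9' yields bounds, not cases."""
    values = set()
    for mnemonic, op_str in insns:
        if mnemonic != "cmp":
            continue
        m = CMP_IMM.match(op_str)
        if m:
            values.add(int(m.group(1), 0))
    return sorted(values)


def case_values_from_blob(path, base_addr=0x400000):
    """Load a headerless AArch64 function dump with angr's blob backend and
    scan every basic block CFGFast finds for cmp immediates.
    Assumes angr is installed; 'path' and 'base_addr' are placeholders.
    The file starts at the function entry, so entry_point == base_addr."""
    import angr  # imported here so the parser above also works without angr
    proj = angr.Project(path,
                        main_opts={"backend": "blob", "arch": "aarch64",
                                   "base_addr": base_addr,
                                   "entry_point": base_addr},
                        auto_load_libs=False)
    cfg = proj.analyses.CFGFast(force_complete_scan=False)
    insns = []
    for node in cfg.graph.nodes():
        if node.block is None:  # SimProcedure / syscall nodes carry no code
            continue
        for insn in node.block.capstone.insns:
            insns.append((insn.mnemonic, insn.op_str))
    return case_values_from_insns(insns)


# Constructed sample: what a compare-chain switch over w0 typically disassembles to.
SAMPLE_INSNS = [
    ("cmp", "w0, #1"),
    ("b.eq", "#0x400020"),
    ("cmp", "w0, #0xa"),
    ("b.ne", "#0x400030"),
    ("ret", ""),
]

if __name__ == "__main__":
    print(case_values_from_insns(SAMPLE_INSNS))  # [1, 10]
```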

1 Answer


My suggestion is to not use angr in this case, because you could extract all the cases in a much easier way, for example using r2pipe. I've created a simple example for you and I hope it helps.

C code

int main(int argc, char* argv[]) {

    switch(argc) {
        case 1:
            break;
        case 2:
            break;
        default:
            break;
    }

}

python script

import r2pipe

r2 = r2pipe.open("switch")

r2.cmd("aa")                      # analyse all functions

r2.cmd('s main')                  # seek to main; use cmd(), not cmdj(): 's' prints no JSON
instructions = r2.cmdj('pdfj')    # disassemble the current function as JSON

for instruction in instructions['ops']:
    if instruction["type"] == "cmp":
        print(instruction["ptr"])  # immediate operand of the compare

Output:

r2pipe.cmdj.Error: No JSON object could be decoded
1
2

I'm not sure why I had that error message at the beginning of the output.

HTH
