Description:
BitBlaze Binary Analysis Platform features 2 main components: TEMU for dynamic analysis and Vine for static analysis. This group is for the users of TEMU and Vine to: 1) report and receive answers for problems with the systems, 2) provide feedback and suggestions, and 3) receive patch announcements.
|
|
|
How to know the generated trace file is valid
Hi,
When I use the taint_file instruction to get trace files, I have encountered
many problems. Finally, I got the trace file of software called WPS, which
can handle doc files like Microsoft Office but is much smaller than Microsoft
Office, and the size of the trace file I got is 3.5G. I think the size is...
|
|
Open source release?
Hello!
Do you know if there is going to be another open source release of
BitBlaze components? (Temu and Vine).
Thanks!
|
|
Can't get the trace file of notepad.exe using taint_file
Hi,
When I use the instruction "taint_file" I encounter many problems. A few days
ago, I realized I needed to create two disks in my guest OS, and I have
done this. Now a new problem has come up: I still can't get the "first
tainted data" message. The commands I have used are as follows:
(qemu) load_plugin tracecap/tracecap.so...
|
|
A problem about "taint_file"
Hi,
When I use the "taint_file" instruction to get a trace file, I encounter a
problem that I can't use the command line "taint_file "0914.txt" 0 1001". I
have tried to search for the solution through the BitBlaze Group, but until now I
can't solve the problem.
Through some related search in the Group, I realized that due to the disk...
|
|
Can't get trace file using taint_file
Hi,
I am using the tracecap in TEMU and encounter a problem. I have successfully
gotten a trace file from a simple exe program using taint_sendkey
instructions. But when I try to generate the trace file from 'wps.exe',
which is much smaller than the Microsoft Office program that handles the doc
files, I can't get the trace file. My guest OS is XP SP2, I have created a...
|
|
How to install kqemu
Hi,
Now I am studying BitBlaze tools.
I find that starting a guest operating system using TEMU is very slow. I
realized that I should install a tool called kqemu to accelerate it. But I
don't know how to install it. I have tried an instruction "sudo apt-get
install kqemu", but failed. I expect you can give me the related...
|
|
Finding irrelevant reads in x86 code
Hello
For one research project I am working on, I must perform some simple
dataflow analyses (in particular detecting irrelevant memory reads) on
x86 assembler. While the analyses are straightforward, dealing with
the intricacies of the x86 instruction set is not, and I was hoping Vine
could help....
|
|
How to taint API?
I want to use TEMU to trace the behavior of a Trojan.
When the trojan is started, it can release some files and then delete
itself. Therefore, I want to obtain the trace by tainting some API which
the trojan called.
So... I want to know, how to taint the API?
For example:
If I input "taint_nic 1", the Taint origins will be...
|
|
How to use vine for analysis
Hi,
I am new to BitBlaze. Now I have installed Vine, but I have two
questions to ask for help.
Is the input of Vine only a trace file? Can I take a set of
assembly instructions or a binary program directly as the input?
The second question:
Now I input a trace file, I can get some files such as il file, stp...
|
|
How to fuzz?
Hi guys! I am new to bitblaze. What I want to do is to fuzz (to get an
automatic input generator for maximal code coverage).
I wrote a simple program
CODE START
char x;
// I read x from the network and it is the only tainted variable I have
if (x=='5')
{
printf("Success");
...else if (x=='9')...
|
|
|