Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

posix.files[0] is now removed but still in example

See original GitHub issue

Hi! I am now studying angr via examples from official docmuent. And I found a problem that in this file,the 21st line

        k = st.posix.files[0].read_from(1)

which is aimed to add constraints to stdin.But this method is now removed from angr. And it can also be found in this file. Could you please tell me how to add constraints to stdin in the latest angr? Thanks.

Issue Analytics

State:
Created 5 years ago
Comments:6 (2 by maintainers)

Top GitHub Comments

2reactions

driverCzncommented, May 17, 2021

When doing angr_ctf level 17, I found the solution.

# old angr (py2)
solution_state.posix.files[sys.stdin.fileno()].all_bytes()

# new angr (py3)
solution_state.posix.stdin.content[0][0]
# content -> list
# content[0] -> tuple
# content[0][0] -> BV

0reactions

Ai-Himmelcommented, Aug 30, 2018

@findream 用这个链接的事例. 大概说就是这样

flag_chars = [claripy.BVS('flag_%d' % i, 8) for i in range(28)]#构建每个字符的BVS
flag = claripy.Concat(*flag_chars + [claripy.BVV(b'\n')])#加上换行符构成字符串
st = p.factory.blank_state(addr=0xdeadbeef,stdin=flag)#构建状态，用stdin参数来约束输入
for k in flag_chars:
    st.solver.add(i >= 32)
    st.solver.add(i <= 126)
	#约束为可见字符
st.solver.add(flag_c[0] == 'f')
st.solver.add(flag_c[1] == 'l')
st.solver.add(flag_c[2] == 'a')
st.solver.add(flag_c[2] == 'g')
#约束前几个已知字符