ofrak icon indicating copy to clipboard operation
ofrak copied to clipboard
verified publisher icon redballoonsecurity

Source install hurdles on WSL2/Ubuntu

Open Jepson2k opened this issue 2 years ago • 1 comments

What is the problem? (Here is where you provide a complete Traceback.) Following the instruction outline on the website for installing from source (running make develop in each of the recommended directories), but ran into a few hurdles that could be fixed to provide a smoother install experience.

Issues with the ofrak_patch_maker Makefile:

  • Copying toolchain.conf into the /etc/ directory requires root privileges.

Issues with the ofrak_core Makefile:

  • Uses NPM without checking if its installed.
  • Uses NPM packages without checking if they are installed.

Please provide some information about your environment. At minimum we would like the following information on your platform and Python environment:

  • Platform:
    • OS: Ubuntu 20.04.6 LTS on Windows 11
    • Kernel: 5.15.90.1-microsoft-standard
    • Python Platform Output: Linux-5.15.90.1-microsoft-standard-WSL2-x86_64-with-glibc2.29
  • Python environment: Please provide the output of python3 -m pip freeze.
  • Note I ran this command after getting everything installed:
aiohttp==3.8.4
aiohttp-cors==0.7.0
aiosignal==1.3.1
angr==9.2.6
archinfo==9.2.6
argon2-cffi==21.3.0
argon2-cffi-bindings==21.2.0
asgiref==3.6.0
asttokens==2.2.1
astunparse==1.6.3
async-generator==1.10
async-timeout==4.0.2
attrs==19.3.0
autoflake==1.4
Automat==0.8.0
backcall==0.2.0
backports.zoneinfo==0.2.1
beartype==0.12.0
beautifulsoup4==4.12.2
binwalk==2.2.0
bitstring==4.0.2
black==23.3.0
bleach==6.0.0
blinker==1.4
cachetools==5.3.1
capstone==4.0.2
certifi==2019.11.28
cffi==1.15.1
chardet==3.0.4
charset-normalizer==3.1.0
claripy==9.2.6
cle==9.2.6
click==8.1.3
cloud-init==23.1.2
colorama==0.4.3
comm==0.1.3
command-not-found==0.3
configobj==5.0.6
constantly==15.1.0
coverage==6.5.0
CppHeaderParser==2.7.4
cryptography==2.8
cstruct==5.2
cycler==0.10.0
dbus-python==1.2.16
debugpy==1.6.7
decorator==4.4.2
defusedxml==0.7.1
distlib==0.3.6
distro==1.4.0
distro-info===0.23ubuntu1
Django==4.2
dnspython==1.16.0
dpkt==1.9.8
ecdsa==0.18.0
entrypoints==0.3
esptool==4.6.2
exceptiongroup==1.1.1
execnet==1.9.0
executing==1.2.0
fastjsonschema==2.17.1
fdt==0.3.3
filelock==3.12.0
Flask==2.2.2
frozenlist==1.3.3
fun-coverage==0.2.0
future==0.18.3
ghp-import==2.1.0
gitdb==4.0.10
GitPython==3.1.31
gpg===1.13.1-unknown
httplib2==0.14.0
hyperlink==19.0.0
hypothesis==6.39.6
hypothesis-trio==0.6.0
idna==2.8
immutabledict==2.2.0
importlib-metadata==4.13.0
incremental==16.10.1
iniconfig==2.0.0
intervaltree==3.1.0
ipykernel==6.23.3
ipython==8.12.2
ipython-genutils==0.2.0
itanium-demangler==1.1
itsdangerous==2.1.2
jedi==0.18.2
jefferson==0.4.5
Jinja2==3.0.0
jsonpatch==1.22
jsonpointer==2.0
jsonschema==3.2.0
jupyter-client==8.3.0
jupyter-core==5.3.1
jupyterlab-pygments==0.2.2
keyring==18.0.1
keystone-engine==0.9.2
kiwisolver==1.0.1
language-selector==0.1
launchpadlib==1.10.13
lazr.restfulclient==0.14.2
lazr.uri==1.0.3
lief==0.12.3
lzallright==0.2.3
Markdown==3.4.3
MarkupSafe==2.1.2
matplotlib==3.1.2
matplotlib-inline==0.1.6
mergedeep==1.3.4
mistune==3.0.1
mkdocs==1.2.3
mkdocs-autorefs==0.3.0
mkdocs-gen-files==0.3.3
mkdocs-literate-nav==0.4.0
mkdocs-material==7.3.3
mkdocs-material-extensions==1.1.1
mkdocstrings==0.16.2
more-itertools==4.2.0
mpmath==1.3.0
mulpyplexer==0.9
multidict==6.0.4
mypy==0.942
mypy-extensions==1.0.0
nampa==0.1.1
nbclient==0.8.0
nbconvert==7.6.0
nbformat==5.9.0
nbval==0.9.6
nest-asyncio==1.5.6
netifaces==0.10.4
networkx==3.1
notebook==6.4.12
numpy==1.17.4
oauthlib==3.1.0
-e git+https://github.com/redballoonsecurity/ofrak.git@28b2680a65c2194ff26eca1d193512c89af31386#egg=ofrak&subdirectory=ofrak_core
-e git+https://github.com/redballoonsecurity/ofrak.git@28b2680a65c2194ff26eca1d193512c89af31386#egg=ofrak_angr&subdirectory=disassemblers/ofrak_angr
ofrak-capstone==1.0.0
-e git+https://github.com/redballoonsecurity/ofrak.git@28b2680a65c2194ff26eca1d193512c89af31386#egg=ofrak_ghidra&subdirectory=disassemblers/ofrak_ghidra
-e git+https://github.com/redballoonsecurity/ofrak.git@28b2680a65c2194ff26eca1d193512c89af31386#egg=ofrak_io&subdirectory=ofrak_io
-e git+https://github.com/redballoonsecurity/ofrak.git@28b2680a65c2194ff26eca1d193512c89af31386#egg=ofrak_patch_maker&subdirectory=ofrak_patch_maker
-e git+https://github.com/redballoonsecurity/ofrak.git@28b2680a65c2194ff26eca1d193512c89af31386#egg=ofrak_tutorial&subdirectory=ofrak_tutorial
-e git+https://github.com/redballoonsecurity/ofrak.git@28b2680a65c2194ff26eca1d193512c89af31386#egg=ofrak_type&subdirectory=ofrak_type
olefile==0.46
orjson==3.8.14
outcome==1.2.0
packaging==23.1
pandocfilters==1.5.0
parso==0.8.3
pathspec==0.11.1
pefile==2023.2.7
pexpect==4.6.0
pickleshare==0.7.5
Pillow==7.0.0
platformdirs==3.2.0
pluggy==1.0.0
plumbum==1.8.2
ply==3.11
progressbar2==4.2.0
prometheus-client==0.17.0
prompt-toolkit==3.0.38
protobuf==3.20.3
psutil==5.9.5
ptyprocess==0.7.0
pure-eval==0.2.2
py==1.11.0
pyasn1==0.4.2
pyasn1-modules==0.2.1
pycdlib==1.12.0
pycparser==2.21
pycrypto==2.6.1
pyelftools==0.29
pyflakes==3.0.1
Pygments==2.15.1
PyGObject==3.36.0
PyHamcrest==1.9.0
PyJWT==1.7.1
pymacaroons==0.13.0
pymdown-extensions==10.0.1
PyNaCl==1.3.0
PyOpenGL==3.1.0
pyOpenSSL==19.0.0
pyparsing==2.4.6
PyQt5==5.15.7
PyQt5-Qt5==5.15.2
PyQt5-sip==12.11.0
pyqtgraph==0.11.0rc0
pyrsistent==0.15.5
pyserial==3.4
PySMT==0.9.6.dev44
pytest==7.1.3
pytest-aiohttp==1.0.4
pytest-asyncio==0.19.0
pytest-cov==4.1.0
pytest-lazy-fixture==0.6.3
pytest-xdist==3.3.1
python-apt==2.0.1+ubuntu0.20.4.1
python-can==4.1.0
python-dateutil==2.8.2
python-debian===0.1.36ubuntu1
python-magic==0.4.27
python-utils==3.6.0
pytkdocs==0.16.1
pyvex==9.2.6
PyYAML==6.0
pyyaml-env-tag==0.1
pyzmq==23.2.1
reedsolo==1.7.0
requests==2.22.0
requests-unixsocket==0.2.0
rpyc==5.3.1
scipy==1.3.3
SecretStorage==2.3.1
Send2Trash==1.8.2
service-identity==18.1.0
simplejson==3.16.0
sip==4.19.21
six==1.14.0
smmap==5.0.0
sniffio==1.3.0
sortedcontainers==2.2.2
sos==4.4
soupsieve==2.4.1
sqlparse==0.4.4
ssh-import-id==5.10
stack-data==0.6.2
sympy==1.12
synthol==0.1.1
systemd-python==234
termcolor==1.1.0
terminado==0.17.1
tinycss2==1.2.1
tokenize-rt==5.1.0
tomli==2.0.1
tornado==6.3.2
traitlets==5.9.0
trio==0.22.0
trio-asyncio==0.12.0
Twisted==18.9.0
typeguard==2.13.3
typing-extensions==4.4.0
typing-inspect==0.7.1
ubi-reader==0.8.5
ubuntu-advantage-tools==8001
ufw==0.36
unattended-upgrades==0.1
unicorn==1.0.2rc4
urllib3==1.25.8
virtualenv==20.22.0
wadllib==1.3.3
watchdog==3.0.0
wcwidth==0.2.6
webencodings==0.5.1
Werkzeug==2.2.2
wrapt==1.14.1
xattr==0.10.1
yarl==1.9.2
z3-solver==4.12.2.0
zipp==1.0.0
zope.interface==4.7.1

If you've discovered it, what is the root cause of the problem? Permission issues and packages missing.

How often does the issue happen? On source install on fresh-ish installation of Ubuntu 20.04

What are the steps to reproduce the issue? Install ubuntu -> follow steps outlined on website to install from source.

How would you implement this fix? Here are some possible untested fixes for the ofrak_patch_maker and ofrak_core Makefiles:

PYTHON=python3
PIP=pip3
SUDO:=$(shell which sudo)
SUDO_USER:=$(shell whoami)


# toolchain.conf is a file mapping ID to the various binaries responsible for preprocessing,
#  assembling, compiling, linking, analyzing binaries for each currently supported toolchain.
.PHONY: toolchain_conf
toolchain_conf:
ifeq ($(SUDO_USER), root)
        cp ofrak_patch_maker/toolchain.conf /etc/toolchain.conf
else
ifdef SUDO
        $(SUDO) cp ofrak_patch_maker/toolchain.conf /etc/toolchain.conf
else
        @echo "Not root and sudo not found. Can't copy the file to /etc/toolchain.conf"
endif
endif
        mv ofrak_patch_maker/toolchain.conf ofrak_patch_maker/toolchain.conf.bak

.PHONY: install
install: toolchain_conf
        $(PIP) install .

.PHONY: develop
develop: toolchain_conf
        $(PIP) install -e .[test]

.PHONY: inspect
inspect:
        mypy

.PHONY: test
test: inspect
        $(PYTHON) -m pytest -n auto --cov=ofrak_patch_maker --cov-report=term-missing ofrak_patch_maker_test
        fun-coverage --cov-fail-under=100

PYTHON=python3
PIP=pip3
NPM:=$(shell which npm)
SUDO:=$(shell which sudo)
SUDO_USER:=$(shell whoami)
PKG_MANAGER:=$(shell command -v apt || command -v yum || command -v dnf || command -v brew)

.PHONY: install
install: ofrak/gui/public
        $(PIP) install .

.PHONY: develop
develop: ofrak/gui/public
        $(PIP) install -e .[docs,test]

.PHONY: inspect
inspect:
        mypy

.PHONY: test
test: inspect
        $(PYTHON) -m pytest -n auto test_ofrak --cov=ofrak --cov-report=term-missing
        fun-coverage --cov-fail-under=100

ofrak/gui/public:
        if [ -d /ofrak_gui ] ; then \
                cp -r /ofrak_gui ofrak/gui/public ; \
        elif [ -d ../frontend ]; then \
ifeq ($(SUDO_USER), root)
                echo "Running as root" ; \
ifdef NPM
                echo "npm is already installed" ; \
else
                echo "npm is not installed, installing npm..." ; \
                $(PKG_MANAGER) install npm -y ; \
endif
else
ifdef SUDO
                echo "Running as non-root, sudo available" ; \
ifdef NPM
                echo "npm is already installed" ; \
else
                echo "npm is not installed, installing npm..." ; \
                $(SUDO) $(PKG_MANAGER) install npm -y ; \
endif
else
                echo "Not root and sudo not found. Can't install npm. Please install manually." ; \
endif
endif
                cd ../frontend && \
                npm install && \
                npm run build && \
                cd ../ofrak_core && \
                cp -r ../frontend/public ofrak/gui/public ; \
        fi

Are there any (reasonable) alternative approaches? Yes, many. Are you interested in implementing it yourself? Sure

Jepson2k avatar Jun 28 '23 18:06 Jepson2k

https://github.com/redballoonsecurity/ofrak/pull/314 partially addresses the first part (allowing the toolchain to not go into /etc)

ANogin avatar Jun 28 '23 18:06 ANogin