fuzzer
ImportError when trying to fuzz
Hey,
I have successfully installed everything in a virtual environment and am now trying to fuzz a simple C program with the following command:
shellphuzz -i -c 1 -d 1 /home/user/local_fuzzing/target/target_binary
When running this, I get the following error output:
WARNING | 2019-01-04 12:54:46,354 | angr.analyses.disassembly_utils | Your version of capstone does not support MIPS instruction groups.
Traceback (most recent call last):
  File "/home/user/local_fuzzing/shellphish-afl/venv/bin/shellphuzz", line 10, in <module>
    import driller
ImportError: No module named driller
Can anyone help me out with this? Is the angr error causing the ImportError and that's the reason for the crash? Or is it just a warning I could ignore and the ImportError itself is the source of the crash? How do I fix it?
Thanks!
Addition:
For installation, I simply created a new virtual environment, activated into it and then ran the 2 commands like specified in the ReadMe here:
pip install git+https://github.com/shellphish/shellphish-afl
pip install git+https://github.com/shellphish/fuzzer
The error indicates you need the driller module installed, i.e. shellphish/driller.
On Fri, Jan 4, 2019 at 4:03 AM Elothis wrote:
> Hey,
> I have successfully installed everything in a virtual environment and am now trying to fuzz a simple C program with the following command:
> shellphuzz -i -c 1 -d 1 /home/user/local_fuzzing/target/target_binary
> When running this, I get the following error output:
> WARNING | 2019-01-04 12:54:46,354 | angr.analyses.disassembly_utils | Your version of capstone does not support MIPS instruction groups.
> Traceback (most recent call last):
>   File "/home/user/local_fuzzing/shellphish-afl/venv/bin/shellphuzz", line 10, in <module>
>     import driller
> ImportError: No module named driller
> Can anyone help me out with this? Is the angr error causing the ImportError and that's the reason for the crash? Or is it just a warning I could ignore and the ImportError itself is the source of the crash? How do I fix it?
> Thanks!
> Addition: For installation, I simply created a new virtual environment, activated into it and then ran the 2 commands like specified in the ReadMe here:
> pip install git+https://github.com/shellphish/shellphish-afl
> pip install git+https://github.com/shellphish/fuzzer
Hi,
thanks for your response. Doing a pip install git+https://github.com/shellphish/driller
actually solved that ImportError, but now I just get the next one:
Traceback (most recent call last):
  File "/home/user/local_fuzzing/shellphish-afl/venv/bin/shellphuzz", line 10, in <module>
    import driller
  File "/home/user/local_fuzzing/shellphish-afl/venv/local/lib/python2.7/site-packages/driller/__init__.py", line 1, in <module>
    from .driller_main import *
  File "/home/user/local_fuzzing/shellphish-afl/venv/local/lib/python2.7/site-packages/driller/driller_main.py", line 11, in <module>
    import tracer
ImportError: No module named tracer
There does not seem to be anything like shellphish/tracer, is there? What is missing now?
Is there no complete installation guideline on how to set up driller? I simply want to use driller to fuzz and followed the instructions in the ReadMe here (which did not even tell me to do the install /shellphish/driller part you just told me).
So, what do I have to install exactly to make the shellphuzz -i -c 1 -d 1 /home/user/local_fuzzing/target/target_binary
command work? Up to this point I did the following 3:
pip install git+https://github.com/shellphish/shellphish-afl
pip install git+https://github.com/shellphish/fuzzer
pip install git+https://github.com/shellphish/driller
All inside my virtual environment. Anything else I need to fix the ImportError named above or anything that would pop up after fixing this one as well?
Thank you very much :)
There are many more dependencies than are listed in the readme (which even helpfully notes that the list of dependencies is incomplete). Notably, driller requires tracer (angr/tracer) and shellphish-qemu. We can’t list this as an explicit dependency because there’s a different package called tracer on pypi.
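An added example, not part of the thread and not shellphish or angr code: because an unrelated package named tracer exists on PyPI, this check reads pip's PEP 610 record (direct_url.json) to confirm that the installed tracer distribution came from the angr/tracer repository rather than from the index. Assumptions: the distribution name is `tracer`, the repository lives at github.com/angr/tracer, Python 3.8+ is used, and pip is recent enough to write direct_url.json.

```python
import json
import importlib.metadata as md
from urllib.parse import urlparse

# Assumption: distribution name "tracer", expected source angr/tracer on GitHub.
EXPECTED = {"tracer": "github.com/angr/tracer"}

def repo_id(url):
    """Reduce a repository URL to 'host/path' so it can be compared exactly."""
    parts = urlparse(url)
    path = parts.path.rstrip("/")
    if path.endswith(".git"):
        path = path[:-4]
    return ((parts.hostname or "") + path).lower()

def install_origin(name, path=None):
    """Return (installed, url); url is None when pip installed from an index."""
    query = {"name": name}
    if path is not None:
        query["path"] = path  # search these directories instead of sys.path
    dist = next(iter(md.distributions(**query)), None)
    if dist is None:
        return False, None
    raw = dist.read_text("direct_url.json")  # written only for URL/VCS installs
    return True, (json.loads(raw).get("url") if raw else None)

def audit(expected=EXPECTED, path=None):
    """Classify each distribution as 'ok', 'missing' or 'wrong-origin'."""
    report = {}
    for name, repo in expected.items():
        installed, url = install_origin(name, path)
        if not installed:
            report[name] = "missing"
        elif url and repo_id(url) == repo.lower():
            report[name] = "ok"
        else:
            # Same name, different source: e.g. the unrelated PyPI package.
            report[name] = "wrong-origin"
    return report

if __name__ == "__main__":
    for name, status in audit().items():
        print(name, status)
```

Run it inside the activated virtual environment; a `wrong-origin` result for tracer means the name resolved to something other than the git install.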
For your own sanity, I strongly advise using the shellphish/mechaphish docker image instead of setting driller up yourself.
On Sun, Jan 6, 2019 at 8:15 AM Audrey Dutcher wrote:
> There are many more dependencies than are listed in the readme (which even helpfully notes that the list of dependencies is incomplete). Notably, driller requires tracer (angr/tracer) and shellphish-qemu. We can’t list this as an explicit dependency because there’s a different package called tracer on pypi.
The docker hasn’t had a successful build in the last month...
On Sun, Jan 6, 2019 at 11:55 AM Yan wrote:
> For your own sanity, I strongly advise using the shellphish/mechaphish docker image instead of setting driller up yourself.
It'll at least get a functional version, though. Driller doesn't change so frequently.
On Sun, Jan 6, 2019 at 1:24 PM Audrey Dutcher wrote:
> The docker hasn’t had a successful build in the last month...