@ywkw1717
Created May 19, 2019 08:00
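#!/usr/bin/env python
import angr

# Load only the target binary; skipping shared libraries keeps the state space small.
proj = angr.Project("./scramble", load_options={"auto_load_libs": False})

addr_main = 0x400680  # address of main() in ./scramble
# Start symbolic execution directly at main() with an otherwise empty state.
initial_state = proj.factory.blank_state(addr=addr_main)
# simulation_manager() replaces the path_group() API removed from current angr.
simgr = proj.factory.simulation_manager(initial_state)

# Search for a state reaching 0x400737 while pruning any that hit 0x4006fb.
simgr.explore(find=(0x400737,), avoid=(0x4006fb,))

if len(simgr.found) > 0:
    print('Dump stdin at succeeded():')
    s = simgr.found[0]  # found entries are states in current angr
    # Concretize the symbolic stdin (fd 0) that drives execution to the target.
    print("%r" % s.posix.dumps(0))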