Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 4 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,9 @@ This module executes the following steps for each given binary:
We highly encourage you to use docker as this module has lots of dependencies and it helps to keep your machine as clean as possible.

1. Ensure that you have `docker` installed.
2. Build the Docker image from the project root: `sudo docker build . -t vulnerability_analytics:1.0.0-alpha -f ./docker/Dockerfile`
2. Build the Docker image from the OpenCRS project root (one directory up): `sudo docker build . -t vulnerability_analytics:1.0.0-alpha -f ./vulnerability_analytics/docker/Dockerfile`
3. Start a new container and give it access to the docker engine running on your machine: `sudo docker run -it -v /var/run/docker.sock:/var/run/docker.sock vulnerability_analytics:1.0.0-alpha bash`
4. Run the module using poetry: `/root/.local/bin/poetry vulnerability_analytics get --help`

**`Note:`** You can change the `$PATH` variable in order to acces poetry faster by running `export PATH="/root/.local/bin:$PATH"`
4. Run the module using poetry: `poetry run vulnerability_analytics get --help`

## Usage

Expand All @@ -50,7 +48,7 @@ We highly encourage you to use docker as this module has lots of dependencies an
#### Test Binary Crash

```bash
/root/.local/bin/poetry run python vulnerability_analytics get --binary-path=./test_binary/source.bin --binary-arguments="--string,santa"
➜ poetry run vulnerability_analytics get --binary-path=./test_binary/source.bin --binary-arguments="--string,santa"

INFO | 2022-12-20 02:52:50,013 | rex.Crash | Filtering memory writes.
INFO | 2022-12-20 02:52:50,019 | rex.Crash | Triaging the crash.
Expand All @@ -61,7 +59,7 @@ Press Enter to continue...
```

```bash
/root/.local/bin/poetry run python vulnerability_analytics get --binary-path=./test_binary/hammer_controller.bin --binary-arguments="himinbjörg_is_home,loki_sucks_ass" --binary-input="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
➜ poetry run vulnerability_analytics get --binary-path=./test_binary/hammer_controller.bin --binary-arguments="himinbjörg_is_home,loki_sucks_ass" --binary-input="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"

INFO | 2022-12-20 03:00:01,956 | rex.Crash | Preconstraining file stream <rex.preconstrained_file_stream.SimPreconstrainedFileStream object at 0x7f3d6040ee80> upon the first read().
WARNING | 2022-12-20 03:00:06,500 | angr.engines.successors | Exit state has over 256 possible solutions. Likely unconstrained; skipping. <BV64 aeg_input_default_5f_95_8 .. aeg_input_default_5e_94_8 .. aeg_input_default_5d_93_8 .. aeg_input_default_5c_92_8 .. aeg_input_default_5b_91_8 .. aeg_input_default_5a_90_8 .. aeg_input_default_59_89_8 .. aeg_input_default_58_88_8>
Expand Down
17 changes: 8 additions & 9 deletions docker/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,18 +1,17 @@
FROM python:3.8.15

# Update and install Poetry (https://python-poetry.org/docs/)
FROM python:3.10

# Update and install Poetry
RUN apt-get update \
&& apt-get install docker.io -y \
&& curl -sSL https://install.python-poetry.org | python3 - \
&& export PATH="/root/.local/bin:$PATH"
&& apt-get install docker.io -y \
&& pip install poetry

COPY ./ /root/vulnerability_analytics/
COPY ./commons /root/commons/
COPY ./zeratool_lib /root/zeratool_lib/
COPY ./vulnerability_analytics /root/vulnerability_analytics/

WORKDIR /root/vulnerability_analytics

RUN /root/.local/bin/poetry install
RUN poetry install

# Keep the container alive

CMD ["/bin/bash"]
Loading