angr / angr-z3 Goto Github PK

This project forked from z3prover/z3

The Z3 Theorem Prover - repository for staging python distributions

License: Other

C++ 88.65% C 1.66% C# 2.40% Java 1.77% OCaml 1.03% Python 3.39% Shell 0.14% SMT 0.15% CMake 0.76% Makefile 0.01% Dockerfile 0.04% Batchfile 0.01%

angr-z3's Introduction

angr

angr is a platform-agnostic binary analysis framework. It is brought to you by the Computer Security Lab at UC Santa Barbara, SEFCOM at Arizona State University, their associated CTF team, Shellphish, the open source community, and @rhelmot.

Project Links

Homepage: https://angr.io

Project repository: https://github.com/angr/angr

Documentation: https://docs.angr.io

API Documentation: https://api.angr.io/en/latest/

What is angr?

angr is a suite of Python 3 libraries that let you load a binary and do a lot of cool things to it:

Disassembly and intermediate-representation lifting
Program instrumentation
Symbolic execution
Control-flow analysis
Data-dependency analysis
Value-set analysis (VSA)
Decompilation

The most common angr operation is loading a binary: p = angr.Project('/bin/bash') If you do this in an enhanced REPL like IPython, you can use tab-autocomplete to browse the top-level-accessible methods and their docstrings.

The short version of "how to install angr" is mkvirtualenv --python=$(which python3) angr && python -m pip install angr.

Example

angr does a lot of binary analysis stuff. To get you started, here's a simple example of using symbolic execution to get a flag in a CTF challenge.

import angr

project = angr.Project("angr-doc/examples/defcamp_r100/r100", auto_load_libs=False)

@project.hook(0x400844)
def print_flag(state):
    print("FLAG SHOULD BE:", state.posix.dumps(0))
    project.terminate_execution()

project.execute()

Quick Start

Install Instructions
Documentation as HTML and sources in the angr Github repository
Dive right in: top-level-accessible methods
Examples using angr to solve CTF challenges.
API Reference
awesome-angr repo

angr-z3's People

Contributors

Stargazers

Watchers

Forkers

zardus chubbymaggie shadown windhl xybsoft wellcomez lixuan2416 sahinburak donggeliu skiyer tjuliuyin cndotaez luoxhei del2341 mario-szk

angr-z3's Issues

Not really an issue

Dear all,
I would know if there is a reason for the z3-solver to be slower with Pyhton 3.7 than with Python 3.5.

best regards

Unable to install for Mac os Sierra (10.12.4)

(Copying the issue by @Tzaoh from the one opened on the angr repo, since this is an angr-z3 specific problem. I have the same issue too.)

Following INSTALL.md
Same error with pip or gcc.
Any ideas?

$ pip install -I --no-binary :all: angr-only-z3-custom
Collecting angr-only-z3-custom
  Using cached angr-only-z3-custom-9002.tar.gz
Collecting z3-solver (from angr-only-z3-custom)
  Using cached z3-solver-4.5.1.0.post1.tar.gz
Skipping bdist_wheel for angr-only-z3-custom, due to binaries being disabled for it.
Skipping bdist_wheel for z3-solver, due to binaries being disabled for it.
Installing collected packages: z3-solver, angr-only-z3-custom
  Running setup.py install for z3-solver ... error
    Complete output from command /Users/tzaoh/Envs/angr/bin/python2.7 -u -c "import setuptools, tokenize;__file__='/private/var/folders/xc/s12gx5n55lnghthgdz1gg2mr0000gn/T/pip-build-MzxS0o/z3-solver/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /var/folders/xc/s12gx5n55lnghthgdz1gg2mr0000gn/T/pip-m5jWX1-record/install-record.txt --single-version-externally-managed --compile --install-headers /Users/tzaoh/Envs/angr/bin/../include/site/python2.7/z3-solver:
    running install
    running build
    Configuring Z3
    Configured with: --prefix=/Library/Developer/CommandLineTools/usr --with-gxx-include-dir=/usr/include/c++/4.2.1
    New component: 'util'
    New component: 'polynomial'
    New component: 'sat'
    New component: 'nlsat'
    New component: 'hilbert'
    New component: 'simplex'
    New component: 'automata'
    New component: 'interval'
    New component: 'realclosure'
    New component: 'subpaving'
    New component: 'ast'
    New component: 'rewriter'
    New component: 'normal_forms'
    New component: 'model'
    New component: 'tactic'
    New component: 'substitution'
    New component: 'parser_util'
    New component: 'grobner'
    New component: 'euclid'
    New component: 'core_tactics'
    New component: 'sat_tactic'
    New component: 'arith_tactics'
    New component: 'nlsat_tactic'
    New component: 'subpaving_tactic'
    New component: 'aig_tactic'
    New component: 'solver'
    New component: 'ackermannization'
    New component: 'interp'
    New component: 'cmd_context'
    New component: 'extra_cmds'
    New component: 'smt2parser'
    New component: 'proof_checker'
    New component: 'simplifier'
    New component: 'fpa'
    New component: 'macros'
    New component: 'pattern'
    New component: 'bit_blaster'
    New component: 'smt_params'
    New component: 'proto_model'
    New component: 'smt'
    New component: 'bv_tactics'
    New component: 'fuzzing'
    New component: 'smt_tactic'
    New component: 'sls_tactic'
    New component: 'qe'
    New component: 'duality'
    New component: 'muz'
    New component: 'dataflow'
    New component: 'transforms'
    New component: 'rel'
    New component: 'pdr'
    New component: 'clp'
    New component: 'tab'
    New component: 'bmc'
    New component: 'ddnf'
    New component: 'duality_intf'
    New component: 'fp'
    New component: 'nlsat_smt_tactic'
    New component: 'ufbv_tactic'
    New component: 'sat_solver'
    New component: 'smtlogic_tactics'
    New component: 'fpa_tactics'
    New component: 'portfolio'
    New component: 'smtparser'
    New component: 'opt'
    New component: 'api'
    New component: 'shell'
    New component: 'test'
    New component: 'api_dll'
    New component: 'dotnet'
    New component: 'java'
    New component: 'ml'
    New component: 'cpp'
    Python bindings directory was detected.
    New component: 'python'
    New component: 'python_install'
    New component: 'cpp_example'
    New component: 'z3_tptp'
    New component: 'c_example'
    New component: 'maxsat'
    New component: 'dotnet_example'
    New component: 'java_example'
    New component: 'ml_example'
    New component: 'py_example'
    Generating src/util/version.h from src/util/version.h.in
    Generated 'src/util/version.h'
    Generating src/api/dotnet/Properties/AssemblyInfo.cs from src/api/dotnet/Properties/AssemblyInfo.cs.in
    Generated 'src/ackermannization/ackermannization_params.hpp'
    Generated 'src/ackermannization/ackermannize_bv_tactic_params.hpp'
    Generated 'src/ast/pp_params.hpp'
    Generated 'src/ast/fpa/fpa2bv_rewriter_params.hpp'
    Generated 'src/ast/normal_forms/nnf_params.hpp'
    Generated 'src/ast/pattern/pattern_inference_params_helper.hpp'
    Generated 'src/ast/rewriter/arith_rewriter_params.hpp'
    Generated 'src/ast/rewriter/array_rewriter_params.hpp'
    Generated 'src/ast/rewriter/bool_rewriter_params.hpp'
    Generated 'src/ast/rewriter/bv_rewriter_params.hpp'
    Generated 'src/ast/rewriter/fpa_rewriter_params.hpp'
    Generated 'src/ast/rewriter/poly_rewriter_params.hpp'
    Generated 'src/ast/rewriter/rewriter_params.hpp'
    Generated 'src/ast/simplifier/arith_simplifier_params_helper.hpp'
    Generated 'src/ast/simplifier/array_simplifier_params_helper.hpp'
    Generated 'src/ast/simplifier/bv_simplifier_params_helper.hpp'
    Generated 'src/interp/interp_params.hpp'
    Generated 'src/math/polynomial/algebraic_params.hpp'
    Generated 'src/math/realclosure/rcf_params.hpp'
    Generated 'src/model/model_evaluator_params.hpp'
    Generated 'src/model/model_params.hpp'
    Generated 'src/muz/base/fixedpoint_params.hpp'
    Generated 'src/nlsat/nlsat_params.hpp'
    Generated 'src/opt/opt_params.hpp'
    Generated 'src/parsers/util/parser_params.hpp'
    Generated 'src/sat/sat_asymm_branch_params.hpp'
    Generated 'src/sat/sat_params.hpp'
    Generated 'src/sat/sat_scc_params.hpp'
    Generated 'src/sat/sat_simplifier_params.hpp'
    Generated 'src/smt/params/smt_params_helper.hpp'
    Generated 'src/solver/combined_solver_params.hpp'
    Generated 'src/tactic/sls/sls_params.hpp'
    Generated 'src/tactic/smtlogics/qfufbv_tactic_params.hpp'
    Generated 'src/ast/pattern/database.h'
    Generated 'src/shell/install_tactic.cpp'
    Generated 'src/test/install_tactic.cpp'
    Generated 'src/api/dll/install_tactic.cpp'
    Generated 'src/shell/mem_initializer.cpp'
    Generated 'src/test/mem_initializer.cpp'
    Generated 'src/api/dll/mem_initializer.cpp'
    Generated 'src/shell/gparams_register_modules.cpp'
    Generated 'src/test/gparams_register_modules.cpp'
    Generated 'src/api/dll/gparams_register_modules.cpp'
    Generated 'src/api/python/z3/z3consts.py
    Generated 'src/api/api_log_macros.h'
    Generated 'src/api/api_log_macros.cpp'
    Generated 'src/api/api_commands.cpp'
    Generated 'src/api/python/z3/z3core.py'
    Listing src/api/python/z3 ...
    Compiling src/api/python/z3/z3consts.py ...
    Compiling src/api/python/z3/z3core.py ...
    Generated python bytecode
    Copied 'z3consts.py'
    Copied 'z3core.py'
    Copied 'z3consts.pyc'
    Copied 'z3core.pyc'
    Testing ar...
    Testing g++...
    Testing gcc...
    Testing floating point support...
    Testing OpenMP...
    Host platform:  Darwin
    C++ Compiler:   g++
    C Compiler  :   gcc
    Archive Tool:   ar
    Arithmetic:     internal
    OpenMP:         False
    Prefix:         /usr/local
    64-bit:         True
    FP math:        SSE2-GCC
    Python pkg dir: /Users/tzaoh/Envs/angr/lib/python2.7/site-packages
    Python version: 2.7
    Writing build/Makefile
    Copied Z3Py example 'all_interval_series.py' to 'build/python'
    Copied Z3Py example 'example.py' to 'build/python'
    Copied Z3Py example 'socrates.py' to 'build/python'
    Copied Z3Py example 'visitor.py' to 'build/python'
    Makefile was successfully generated.
      compilation mode: Release
    Type 'cd build; make' to build Z3
    Building Z3
    src/smt/smt_statistics.cpp
    src/interp/iz3profiling.cpp
    src/util/approx_nat.cpp
    src/util/common_msgs.cpp
    src/util/luby.cpp
    src/api/dll/dll.cpp
    src/util/approx_set.cpp
    src/util/cooperate.cpp
    src/util/memory_manager.cpp
    src/util/page.cpp
    src/util/timeit.cpp
    src/util/z3_exception.cpp
    src/api/api_commands.cpp
    src/api/api_log.cpp
    src/util/bit_util.cpp
    src/util/lbool.cpp
    src/util/mpn.cpp
    src/util/scoped_ctrl_c.cpp
    src/util/scoped_timer.cpp
    src/util/stack.cpp
    src/util/timeout.cpp
    src/util/timer.cpp
    src/util/util.cpp
    src/shell/z3_log_frontend.cpp
    src/solver/smt_logics.cpp
    src/util/fixed_bit_vector.cpp
    src/util/hash.cpp
    ../src/util/hash.cpp:86:9: error: fallthrough annotation does not directly precede switch label
            Z3_fallthrough;
            ^
    ../src/util/util.h:82:26: note: expanded from macro 'Z3_fallthrough'
    #  define Z3_fallthrough [[clang::fallthrough]]
                             ^
    1 error generated.
    make: *** [util/hash.o] Error 1
    make: *** Waiting for unfinished jobs....
    error: Unable to build Z3.

    ----------------------------------------
Command "/Users/tzaoh/Envs/angr/bin/python2.7 -u -c "import setuptools, tokenize;__file__='/private/var/folders/xc/s12gx5n55lnghthgdz1gg2mr0000gn/T/pip-build-MzxS0o/z3-solver/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /var/folders/xc/s12gx5n55lnghthgdz1gg2mr0000gn/T/pip-m5jWX1-record/install-record.txt --single-version-externally-managed --compile --install-headers /Users/tzaoh/Envs/angr/bin/../include/site/python2.7/z3-solver" failed with error code 1 in /private/var/folders/xc/s12gx5n55lnghthgdz1gg2mr0000gn/T/pip-build-MzxS0o/z3-solver/

package com.microsoft.z3

Hi, there is no jar file for the package com.microsoft.z3 to download. It is not even on the website lab-download.jar, though there is a download button, no jar file is attached to the download button. Please help me with this issue ASAP. Thanks in advance!

New z3 versions for pypi

Hi, It's been a long time since a release of z3 in pypi, So wouldn't it be good to have a release now with all the latest updates of z3?

Compile error on ARM. Recompile with -fPIC

Hi,
I'm trying to install angr on my ARM, I can install everything but angr-z3 gives me problems. I receive the error recompile with -fPIC right at the end. If I install it with cmake all goes fine but, after that, if I try to import claripy it is not possible to find z3solver module. Having a look on the z3 repo a possible solution would be to add -fPIC into CXXFLAGS. I would ask your opinion and understand if in the meantime I can compile it using cmake and solve my problem with z3solver doing something else.

Thanks

[Bug] `from z3 import *` caused core dump when trying to connect mysql

Hi, I have the following script, and it causes core dump of the python program:

from z3 import *
import mysql.connector

if __name__ == "__main__":

    config = {
        'user': 'zhangys',
        'password': 'zhangys',
        'host': 'localhost',
        'port': '3306',
        'raise_on_warnings': True}
    try:
         conn = mysql.connector.connect(**config)
    except Exception as e:
         print(e)

The execution:

zhangys@xxx:~/remote/tryargs$ python3 test.py 
Segmentation fault (core dumped)

My tool versions:

zhangys@xxx:~$ which python3
/usr/bin/python3
zhangys@xxx:~$ /usr/bin/python3 --version
Python 3.6.9

zhangys@xxx:~$ pip3 freeze | grep z3
z3-solver==4.8.7.0
zhangys@xxx:~s$ pip3 freeze | grep mysql-connector
mysql-connector-python==8.0.19

zhangys@xxx:~$ mysql --version
mysql  Ver 14.14 Distrib 5.7.29, for Linux (x86_64) using  EditLine wrapper

My OS:

zhangys@xxx:/etc$ uname -r
4.15.0-72-generic
zhangys@xxx:/etc$ cat os-release 
NAME="Ubuntu"
VERSION="18.04.3 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.3 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic

z3-solver package on Python package index doesn't include Python 3 wheels

https://pypi.python.org/pypi/z3-solver

The z3-solver package only has Python 2 wheels, but I expect it to have Python 3 wheels as well, since the documentation seems to suggest that there is Python 3 support.

(I was directed here by Z3Prover#1254 (comment).)

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.

Jobs

Jooble