Symbolic Execution with angr on Real-World Targets
This class can also be joined REMOTELY. Click below for details.
Automated Binary Analysis with Angr - Sample Lesson ## Key Learning Objectives * Students will have the ability to perform symbolic and concolic execution with angr * Students have the ability to use manual and automated techniques with angr * Students will know how to leverage angr's strengths and complement its weaknesses ## Detailed Syllabus #### Background * Symbolic execution / Concolic execution * Bit vectors * SMT/SAT solving * Abstract syntax tree (AST) and DPLL algorithm * Path explosion problem #### Angr Usage and API * API: loader, symbolic execution, solver engine * Emulator: stepping, running, hooking * Symbion and concolic execution: using debugger state with emulator * Diassembly, decompilation, control-flow graphs * Backward slicing * VEX IR, PyVex, and libVEX * Components: Capstone, Unicorn, claripy, Z3, valgrind * Extending angr functionality #### Plug-ins, Tools, and Workflow Integration * Natural workflow of angr with IDA, Ghidra, qemu, pwntools and gdb * Pypcode: library allowing symbolic execution of Ghidra’s p-code * Plug-ins: Angry Ghidra, IDAngr, Jupyter’s Angry kernel * angr's GUI: angr-management * Other plugins #### Applications * Malware deobfuscation * identifying vulnerabilities and creating proof-of-concepts for vulnerabilities * Crafting exploits * General RE ## Who Should Attend This training is for people who are in the weeds, assessing binaries for vulnerabilities, crafting exploits, and reverse engineering malware. ## Knowledge Prerequisites This is an intermediate class. Students are expected to have experience with RE, VR, Linux, C, Python, and x86-64 assembly. Students are not expected to have any experience with symbolic execution, SMT, or angr. ## Hardware Requirements Students are expected to have their own computers which can run an x86-64 virtual machine. * 50 GB of free hard disk space * 4GB of RAM * 4 Processor cores ## Software Requirements * VMware -or- * Virtualbox