DeforaNetworks/manticore
3
0
Fork 0
Code Releases Activity
18 Commits 7 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Mark Mossberg 103d32c0a7 Make m.verbosity=2 work (#24) 
* Make each model get "MODEL" logger instead of unique name

This makes implementing `manticore.verbosity` actually work for level
2

* Replace model names with 'MODEL'
2017-02-24 15:21:37 -05:00
examples
Rm helloworld in make clean (#27)
2017-02-24 15:21:28 -05:00
manticore
Make m.verbosity=2 work (#24)
2017-02-24 15:21:37 -05:00
scripts
Port to real python package structure (#6)
2017-02-15 12:32:08 -05:00
test
Fix symbolic argv (#12)
2017-02-15 13:35:40 -05:00
.gitignore
Remove ManticoreControl object [#180] (#4)
2017-02-14 14:54:52 -05:00
.travis.yml
Replace travis opt in with travis opt out (#11)
2017-02-15 13:06:49 -05:00
LICENSE
Add LICENSE file (#5)
2017-02-13 18:30:25 -05:00
README.md
m.start -> m.run (#25)
2017-02-22 10:08:35 -05:00
requirements.txt
Remove embedded elftools, use proper dependency (#1)
2017-02-13 14:51:05 -05:00
setup.py
Port to real python package structure (#6)
2017-02-15 12:32:08 -05:00
stats.py
Initial import
2017-02-13 12:04:15 -05:00

README.md

manticore

Build Status

Manticore is a symbolic execution engine for binary analysis, usable as a command line tool or Python Library (pre-alpha).

It executes multiple paths of a program simultaneously by replacing input data with a set of constraints representing all possible values of that data, allowing it to thoroughly discover numerous paths as the program executes control flow. By solving the constraints with a theorem prover, Manticore generates concrete inputs to trigger discovered paths.

features

  • Input Generation: Manticore automatically generates inputs that trigger unique code paths.
  • Defect Discovery: Manticore discovers program defects enabling memory safety violations and generates inputs to trigger them.
  • Execution Tracing: Manticore records an instruction-level trace of the program's execution for each generated input.
  • Concolic Execution: Manticore loads memory dumps of running Windows programs to allow deep state space exploration.
  • Programmatic Interface (pre-alpha): Manticore exposes programmatic access to its symbolic execution engine via a Python API.

scope

Manticore supports binaries of the following formats, operating systems, and architectures. It has been primarily used on binaries compiled from C and C++.

  • OS/Formats: Linux ELF, Windows Minidump
  • Architectures: x86, x86_64, ARMv7

requirements

Manticore is officially supported on Linux and uses Python 2.7.

required dependencies

  • Python Dependencies: Run pip install -r requirements.txt
  • Z3 Theorem Prover: Download the latest release for your platform from https://github.com/Z3Prover/z3/releases/latest, and place the enclosed z3 binary in your $PATH.
    • Alternatively, CVC4 or Yices can be used.

optional dependencies

  • Unicorn Emulation Engine: Allows Manticore to handle unimplemented instructions

development dependencies

  • keystone: Used in unit tests

usage

python main.py ./path/to/binary  # runs, and creates a directory with analysis results

or

# example Manticore script
from manticore import Manticore

hook_pc = 0x400ca0

m = Manticore('./path/to/binary')

def hook(state):
  cpu = state.cpu
  print 'eax', cpu.EAX
  print cpu.read_int(cpu.SP)
  
  m.terminate()  # tell Manticore to stop

m.add_hook(hook_pc, hook)
m.run()
Description
No description provided
Readme 12 MiB
Languages
Python 100%