manticore/examples/script/state_control.py
Mark Mossberg fbe3a197ba Install instructions updates (#171)
* Install instructions updates

* Update README.md

* also need pip

* need to update, plus compact a few things

* add -y

* grammar?

* typos

* Add bountysource link

* consistency

* Point users to the examples dir and wiki

I thought these links were cluttering things a bit, and 2 out of 3 of
them aren’t official documentation yet we’re linking to them in the
first line of the README. I updated the wiki to address these directly
in a way I think is more clear.

* link to Z3 releases

* oops, don't know where that came from

* ensure people run the latest pip

* be more explicit

* Add an Issue Template

* be more explicit

* no longer appropriate here

* unnecessary

* add note about 16.04

* move issue template to hidden folder

* Spelling

* be explicit, makes copy/paste easier
2017-04-24 12:19:10 -04:00

42 lines
1.1 KiB
Python
Executable File

#!/usr/bin/env python

import sys
from manticore import Manticore

'''
Demonstrates the ability to guide Manticore's state exploration. In this case,
abandoning a state we're no longer interested in.

Usage:

 $ gcc -static -g src/state_explore.c -o state_explore # -static is optional
 $ ADDRESS=0x$(objdump -S state_explore | grep -A 1 'value == 0x41' |
         tail -n 1 | sed 's|^\s*||g' | cut -f1 -d:)
 $ python ./state_control.py state_explore $ADDRESS

'''

if __name__ == '__main__':
    if len(sys.argv) < 3:
        sys.stderr.write("Usage: %s [binary] [address]\n" % (sys.argv[0],))
        sys.exit(2)

    m = Manticore(sys.argv[1])

    # Uncomment to see debug output
    #m.verbosity = 2

    # Set to the address of the conditional at state_explore.c:38, which will be
    # abandoned. If line 36 of this script is commented out, Manticore will
    # explore all reachable states.
    to_abandon = int(sys.argv[2], 0)

    @m.hook(to_abandon)
    def explore(state):
        print("Abandoning state at PC: {}".format(hex(state.cpu.PC)))
        state.abandon()

    print("Adding hook to: {:x}".format(to_abandon))

    m.run()