Example script showing how to switch from a concrete execution of a PANDA guest into symbolic execution using angr.
- Runs the program `crackme/crackme2` in a PANDA i386 Linux guest.
- Copies guest code and memory into angr on demand, leaving only the malloc'd input buffer symbolic.
- Finds an input that solves the crackme and writes it into the PANDA guest's memory.
- Resumes concrete guest execution so the success path runs.
- Restarts concrete execution from the beginning and runs the crackme with that solution supplied from the start.
Requirements:

- Install PANDA from source and install the `pandare` Python package.
- Install the angrypanda requirements with `pip install -r requirements.txt`.
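The "copy memory on demand, keep the malloc'd buffer symbolic" step above is the part of the hand-off that is easy to get wrong. The following is an added illustration, not angrypanda's own code and not the angr or pandare API: it models that step in plain Python so it runs without a guest. `read_guest`/`write_guest` are assumed stand-ins for the guest memory accessors (in the real script those would be PANDA's virtual memory read/write), the symbolic engine is represented only by the `None` placeholder returned for symbolic bytes, and the guest RAM, code bytes and buffer address in `build_demo()` are constructed for the demo.

```python
PAGE_SIZE = 0x1000


class LazyGuestMemory:
    """Concrete guest memory exposed to a symbolic engine one page at a time.

    read_guest(addr, size)  -> bytes   (assumed stand-in for the guest read accessor)
    write_guest(addr, data) -> None    (assumed stand-in for the guest write accessor)
    symbolic_ranges: [lo, hi) byte ranges that stay symbolic (the malloc'd input buffer)
    """

    def __init__(self, read_guest, write_guest, symbolic_ranges):
        self.read_guest = read_guest
        self.write_guest = write_guest
        self.symbolic_ranges = [(lo, hi) for lo, hi in symbolic_ranges]
        self.pages = {}       # page base -> bytes, filled only when first touched
        self.fetches = 0      # how many pages were actually pulled from the guest

    def is_symbolic(self, addr):
        return any(lo <= addr < hi for lo, hi in self.symbolic_ranges)

    def _page(self, base):
        # Pull a page from the guest the first time anything in it is read.
        if base not in self.pages:
            self.pages[base] = bytes(self.read_guest(base, PAGE_SIZE))
            self.fetches += 1
        return self.pages[base]

    def load(self, addr, size):
        """Per-byte view: concrete int from the guest, or None for a symbolic byte.

        A read that straddles the symbolic buffer yields a mix of both, which is
        what the engine must see so the concrete bytes still constrain the solver.
        """
        out = []
        for a in range(addr, addr + size):
            if self.is_symbolic(a):
                out.append(None)
            else:
                out.append(self._page(a & ~(PAGE_SIZE - 1))[a & (PAGE_SIZE - 1)])
        return out

    def write_solution(self, addr, data):
        """Write a concretized solution back into the guest.

        Cached copies of the touched pages are dropped so later reads see the
        new bytes, and any symbolic range fully covered by the write is now concrete.
        """
        data = bytes(data)
        self.write_guest(addr, data)
        for base in {a & ~(PAGE_SIZE - 1) for a in range(addr, addr + len(data))}:
            self.pages.pop(base, None)
        end = addr + len(data)
        self.symbolic_ranges = [(lo, hi) for lo, hi in self.symbolic_ranges
                                if not (addr <= lo and hi <= end)]


def build_demo():
    """Constructed guest: a code page at 0x1000 and a heap page at 0x2000."""
    guest = bytearray(0x3000)
    guest[0x1000:0x1004] = bytes([0x55, 0x89, 0xE5, 0x90])  # push ebp; mov ebp,esp; nop
    guest[0x2000:0x2010] = b"\xaa" * 16                     # filler before the buffer
    buf = 0x2010                                            # hypothetical 32-byte malloc'd buffer

    def read_guest(addr, size):
        return bytes(guest[addr:addr + size])

    def write_guest(addr, data):
        guest[addr:addr + len(data)] = data

    mem = LazyGuestMemory(read_guest, write_guest, [(buf, buf + 32)])
    return mem, guest, buf


if __name__ == "__main__":
    mem, guest, buf = build_demo()
    print(mem.load(0x1000, 4), mem.fetches)    # code bytes, 1 page fetched
    print(mem.load(buf, 4), mem.fetches)       # [None, None, None, None], still 1
    mem.write_solution(buf, b"sol\x00" + b"\x00" * 28)
    print(bytes(guest[buf:buf + 4]))           # b'sol\x00' now in guest RAM
```

Two details carry over to a real angr memory plugin: pages are fetched lazily so a large guest is never copied wholesale, and a read that overlaps the buffer boundary must return concrete bytes for the part outside it rather than treating the whole read as symbolic.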