Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

I see a lot of exceptions on string lief.PE.parse(self.bytez) #3

Closed
MI5VICTIM opened this issue Jan 29, 2018 · 2 comments
Closed

I see a lot of exceptions on string lief.PE.parse(self.bytez) #3

MI5VICTIM opened this issue Jan 29, 2018 · 2 comments

Comments

@MI5VICTIM
Copy link

Hello. I tried to reproduce your method with my dataset and ran into a problem.

I'm working with python3.6 on Arch Linux.

$ pip freeze
backports.weakref==1.0rc1
bleach==1.5.0
cached-property==1.3.1
certifi==2018.1.18
chainer==2.0.1
chainerrl==0.2.0
chardet==3.0.4
decorator==4.2.1
filelock==3.0.0
future==0.16.0
gym==0.9.2
h5py==2.7.0
html5lib==0.9999999
idna==2.5
ipython==6.1.0
ipython-genutils==0.2.0
jedi==0.11.1
Keras==2.0.5
keras-rl==0.3.0
lief==0.8.3
Markdown==2.6.11
nose==1.3.7
numpy==1.13.1
parso==0.1.1
pexpect==4.3.1
pickleshare==0.7.4
Pillow==5.0.0
prompt-toolkit==1.0.15
protobuf==3.5.1
ptyprocess==0.5.2
pyglet==1.3.0
Pygments==2.2.0
PyYAML==3.12
requests==2.18.1
scikit-learn==0.18.2
scipy==0.19.1
simplegeneric==0.8.1
six==1.11.0
sklearn==0.0
tensorflow==1.2.1
Theano==0.9.0
traitlets==4.3.2
urllib3==1.21.1
wcwidth==0.1.7
Werkzeug==0.14.1

PE format files are in the samles directory.
A typical file looks like this:

file 0426fd4a5075d8e1f5d919d817a72c6d1155180b74216235c7fd2249e746b5cb
0426fd4a5075d8e1f5d919d817a72c6d1155180b74216235c7fd2249e746b5cb: PE32 executable (console) Intel 80386, for MS Windows, UPX compressed

Cut from the log:

new hash: 5c0f2e48530947912c8df9c55b0f378d0ed3fa84d6207b30f717dd23c4b4d1d2
score=0.9811470102965859 (hidden), label=1.0
overlay_append
new hash: 15dce7f20d8bf5272f60303dae9af4a44a0d06681ec06f1e5251b5184a17f8bf
score=0.9811470102965859 (hidden), label=1.0
section_rename
Process Process-70:

Traceback (most recent call last):
File "/usr/lib64/python3.6/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib64/python3.6/multiprocessing/process.py", line 93, in run
self._target(*self._args, **self._kwargs)
File "/home/ghost/PycharmProjects/gym-malware/gym_malware/envs/controls/manipulate2.py", line 359, in helper
shared_list[:] = _action(seed)
File "/home/ghost/PycharmProjects/gym-malware/gym_malware/envs/controls/manipulate2.py", line 112, in section_rename
binary = lief.PE.parse(self.bytez)
_pylief.bad_file

I hope for your help.
@MI5VICTIM
Copy link
Author

It seems that the problem was solved. I just installed the right version.

pip install https://github.com/lief-project/LIEF/releases/download/0.7.0/linux_lief-0.7.0_py3.6.tar.gz

@Aliang-CN
Copy link

lift.parse

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MI5VICTIM @Aliang-CN