diff --git a/Dockerfile b/Dockerfile index 1770c79d8fd..f56d41cfafe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ ARG BASE_IMAGE # Copy dependencies lists into container. We copy them all and then do a mv because # we need to transform base_image into a windows compatible filename which we can't # do in a COPY command. -COPY ./panda/dependencies/* /tmp +COPY ./panda/dependencies/* /tmp/ RUN mv /tmp/$(echo "$BASE_IMAGE" | sed 's/:/_/g')_build.txt /tmp/build_dep.txt && \ mv /tmp/$(echo "$BASE_IMAGE" | sed 's/:/_/g')_base.txt /tmp/base_dep.txt 
@@ -129,13 +129,12 @@ COPY --from=cleanup /lib/libosi.so /lib/libiohal.so /lib/liboffset.so /lib/ # Workaround issue #901 - ensure LD_LIBRARY_PATH contains the panda plugins directories #ARG TARGET_LIST="x86_64-softmmu,i386-softmmu,arm-softmmu,ppc-softmmu,mips-softmmu,mipsel-softmmu" -ENV LD_LIBRARY_PATH /usr/local/lib/python3.8/dist-packages/pandare/data/x86_64-softmmu/panda/plugins/:/usr/local/lib/python3.8/dist-packages/pandare/data/i386-softmmu/panda/plugins/:/usr/local/lib/python3.8/dist-packages/pandare/data/arm-softmmu/panda/plugins/:/usr/local/lib/python3.8/dist-packages/pandare/data/ppc-softmmu/panda/plugins/:/usr/local/lib/python3.8/dist-packages/pandare/data/mips-softmmu/panda/plugins/:/usr/local/lib/python3.8/dist-packages/pandare/data/mipsel-softmmu/panda/plugins/ +ENV LD_LIBRARY_PATH /usr/local/lib/panda/x86_64:/usr/local/lib/panda/i386:/usr/local/lib/panda/arm:/usr/local/lib/panda/ppc:/usr/local/lib/panda/mips:/usr/local/lib/panda/mipsel #PANDA_PATH is used by rust plugins -ENV PANDA_PATH /usr/local/lib/python3.8/dist-packages/pandare/data +ENV PANDA_PATH /usr/local/lib/panda # Ensure runtime dependencies are installed for our libpanda objects and panda plugins RUN ldconfig && \ update-alternatives --install /usr/bin/python python /usr/bin/python3 10 && \ - if (ldd /usr/local/lib/python*/dist-packages/pandare/data/*-softmmu/libpanda-*.so | grep 'not found'); then exit 1; fi && \ - if (ldd /usr/local/lib/python*/dist-packages/pandare/data/*-softmmu/panda/plugins/*.so | grep 'not found'); then exit 1; fi \ No newline at end of file + if (ldd /usr/local/bin/libpanda-*.so | grep 'not found'); then exit 1; fi diff --git a/panda/docs/time-travel.md b/panda/docs/time-travel.md index 852b89ad902..2115d3572ce 100644 --- a/panda/docs/time-travel.md +++ b/panda/docs/time-travel.md 
@@ -4,7 +4,7 @@ Time-travel debugging requires the [`checkpoint`](../plugins/checkpoint) plugin To enable checkpoints and time-travel debugging, and halt the replay until a GDB client attaches, ```sh -$PANDA_PATH/build/x86_64-softmmu/panda-system-x86_64 -replay foo -S -s -panda checkpoint +$PANDA_PATH/build/x86_64/panda-system-x86_64 -replay foo -S -s -panda checkpoint ``` To attach the GDB client and load PANDA commands, run diff --git a/panda/plugins/asidstory/README.md b/panda/plugins/asidstory/README.md index ee87cd9efa3..06958adbdbe 100644 --- a/panda/plugins/asidstory/README.md +++ b/panda/plugins/asidstory/README.md @@ -260,4 +260,4 @@ Example To run `asidstory` on a Windows XP 32-bit recording with a 180 character wide diagram: -`$PANDA_PATH/i386-softmmu/panda-system-i386 -replay foo -os windows-32-xpsp3 -panda asidstory:width=180` +`$PANDA_PATH/i386/panda-system-i386 -replay foo -os windows-32-xpsp3 -panda asidstory:width=180` diff --git a/panda/plugins/checkpoint/README.md b/panda/plugins/checkpoint/README.md index 19671960cc9..0bc7a2a0694 100644 --- a/panda/plugins/checkpoint/README.md +++ b/panda/plugins/checkpoint/README.md @@ -22,5 +22,5 @@ Example To enable checkpoints and time-travel debugging, allocating 4GB of RAM to store checkpoints ```sh -$PANDA_PATH/build/x86_64-softmmu/panda-system-x86_64 -replay foo -S -s -panda checkpoint:space=4GB +$PANDA_PATH/build/x86_64/panda-system-x86_64 -replay foo -S -s -panda checkpoint:space=4GB ``` diff --git a/panda/plugins/correlatetaps/README.md b/panda/plugins/correlatetaps/README.md index 4c2dd9d23a0..3cce3d727d4 100755 --- a/panda/plugins/correlatetaps/README.md +++ b/panda/plugins/correlatetaps/README.md @@ -36,4 +36,4 @@ None. Example ------- -`$PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 -replay foo -panda callstack_instr -panda correlatetaps` +`$PANDA_PATH/x86_64/qemu-system-x86_64 -replay foo -panda callstack_instr -panda correlatetaps` 
diff --git a/panda/plugins/file_taint/README.md b/panda/plugins/file_taint/README.md index e543af4c97d..f71acf6e1a7 100644 --- a/panda/plugins/file_taint/README.md +++ b/panda/plugins/file_taint/README.md @@ -51,7 +51,7 @@ Example A typical run might first try to find out where the file `foo.txt` is first used: ``` - $PANDA_PATH/i386-softmmu/panda-system-i386 -replay foo -panda osi \ + $PANDA_PATH/i386/panda-system-i386 -replay foo -panda osi \ -panda osi_linux:kconf_group=debian-3.2.63-i686 \ -panda syscalls2:profile=linux_x86 -panda file_taint:filename=foo.txt ``` diff --git a/panda/plugins/filereadmon/README.md b/panda/plugins/filereadmon/README.md index d8f19f3d84a..9ce38ed3efd 100644 --- a/panda/plugins/filereadmon/README.md +++ b/panda/plugins/filereadmon/README.md @@ -28,6 +28,6 @@ Example ------- ``` - $PANDA_PATH/i386-softmmu/panda-system-i386 -replay foo \ + $PANDA_PATH/i386/panda-system-i386 -replay foo \ -os windows-32-xpsp3 -panda filereadmon ``` diff --git a/panda/plugins/func_stats/README.md b/panda/plugins/func_stats/README.md index d975adf2679..a7f098c1a3d 100755 --- a/panda/plugins/func_stats/README.md +++ b/panda/plugins/func_stats/README.md @@ -17,7 +17,7 @@ Note that, in hex reporting mode, addresses are reported in the simplest form. E If you use the following command to dump the assembly in a given replay: - $PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 -replay foo -d in_asm,op,int,rr > asm.out 2>&113. + $PANDA_PATH/x86_64/qemu-system-x86_64 -replay foo -d in_asm,op,int,rr > asm.out 2>&113. Then you search by the `pc` in the instructions, you will find the following (for the above example record): 
@@ -60,4 +60,4 @@ None. Example ------- -`$PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 -replay foo -panda func_stats:asids=0x0fb45000_0x08ca0000,hex=true,call_limit=200,stack_limit=16` \ No newline at end of file +`$PANDA_PATH/x86_64/qemu-system-x86_64 -replay foo -panda func_stats:asids=0x0fb45000_0x08ca0000,hex=true,call_limit=200,stack_limit=16` \ No newline at end of file diff --git a/panda/plugins/gdb/run.sh b/panda/plugins/gdb/run.sh index 3d918f7608d..d354c8eafba 100755 --- a/panda/plugins/gdb/run.sh +++ b/panda/plugins/gdb/run.sh @@ -1,4 +1,4 @@ #/bin/bash cargo build && \ - cp ../target/debug/libpanda_gdb.so $PANDA_PATH/x86_64-softmmu/panda/plugins/panda_gdb.so && \ - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -os "linux-64-ubuntu:4.15.0-72-generic-noaslr-nokaslr" -replay catmaps -panda gdb:on_entry=1 -m 1G + cp ../target/debug/libpanda_gdb.so $PANDA_PATH/x86_64/panda/plugins/panda_gdb.so && \ + $PANDA_PATH/x86_64/panda-system-x86_64 -os "linux-64-ubuntu:4.15.0-72-generic-noaslr-nokaslr" -replay catmaps -panda gdb:on_entry=1 -m 1G diff --git a/panda/plugins/gdb/run_noreplay.sh b/panda/plugins/gdb/run_noreplay.sh index d8bfbc5ff47..d8b571aa230 100755 --- a/panda/plugins/gdb/run_noreplay.sh +++ b/panda/plugins/gdb/run_noreplay.sh 
@@ -1,4 +1,4 @@ #/bin/bash cargo build && \ - cp ../target/debug/libpanda_gdb.so $PANDA_PATH/x86_64-softmmu/panda/plugins/panda_gdb.so && \ - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -L $PANDA_PATH/pc-bios -os linux-64-ubuntu:4.15.0-72-generic-noaslr-nokaslr -panda "gdb:file=/bin/cat" -m 1024 ~/.panda/bionic-server-cloudimg-amd64-noaslr-nokaslr.qcow2 -nographic -loadvm root -redir tcp:2222::22 + cp ../target/debug/libpanda_gdb.so $PANDA_PATH/x86_64/panda/plugins/panda_gdb.so && \ + $PANDA_PATH/x86_64/panda-system-x86_64 -L $PANDA_PATH/pc-bios -os linux-64-ubuntu:4.15.0-72-generic-noaslr-nokaslr -panda "gdb:file=/bin/cat" -m 1024 ~/.panda/bionic-server-cloudimg-amd64-noaslr-nokaslr.qcow2 -nographic -loadvm root -redir tcp:2222::22 diff --git a/panda/plugins/gdb/run_noreplay_arm.sh b/panda/plugins/gdb/run_noreplay_arm.sh index 30d7a3a29ec..521270522e8 100755 --- a/panda/plugins/gdb/run_noreplay_arm.sh +++ b/panda/plugins/gdb/run_noreplay_arm.sh @@ -1,4 +1,4 @@ #/bin/bash cargo build --no-default-features --features=arm && \ - cp target/debug/libpanda_gdb.so $PANDA_PATH/arm-softmmu/panda/plugins/panda_gdb.so && \ - $PANDA_PATH/arm-softmmu/panda-system-arm -L $PANDA_PATH/pc-bios -os linux-64-ubuntu:4.15.0-72-generic-noaslr-nokaslr -panda "gdb:file=/bin/cat" -m 1024 ~/.panda/bionic-server-cloudimg-amd64-noaslr-nokaslr.qcow2 -nographic -loadvm root -redir tcp:2222::22 + cp target/debug/libpanda_gdb.so $PANDA_PATH/arm/panda/plugins/panda_gdb.so && \ + $PANDA_PATH/arm/panda-system-arm -L $PANDA_PATH/pc-bios -os linux-64-ubuntu:4.15.0-72-generic-noaslr-nokaslr -panda "gdb:file=/bin/cat" -m 1024 ~/.panda/bionic-server-cloudimg-amd64-noaslr-nokaslr.qcow2 -nographic -loadvm root -redir tcp:2222::22 diff --git a/panda/plugins/gdb/run_noreplay_i386.sh b/panda/plugins/gdb/run_noreplay_i386.sh index 966384b42b7..ca92beea535 100755 --- a/panda/plugins/gdb/run_noreplay_i386.sh +++ b/panda/plugins/gdb/run_noreplay_i386.sh 
@@ -1,4 +1,4 @@ #/bin/bash cargo build --no-default-features --features=i386 && \ - cp target/debug/libpanda_gdb.so $PANDA_PATH/i386-softmmu/panda/plugins/panda_gdb.so && \ - $PANDA_PATH/i386-softmmu/panda-system-i386 -L $PANDA_PATH/pc-bios -os linux-32-debian:3.2.0-4-686-pae -panda "gdb:on_entry=1" -m 128M ~/.panda/debian_7.3_x86.qcow -nographic -loadvm root -redir tcp:2222::22 + cp target/debug/libpanda_gdb.so $PANDA_PATH/i386/panda/plugins/panda_gdb.so && \ + $PANDA_PATH/i386/panda-system-i386 -L $PANDA_PATH/pc-bios -os linux-32-debian:3.2.0-4-686-pae -panda "gdb:on_entry=1" -m 128M ~/.panda/debian_7.3_x86.qcow -nographic -loadvm root -redir tcp:2222::22 diff --git a/panda/plugins/gdb/run_noreplay_mips.sh b/panda/plugins/gdb/run_noreplay_mips.sh index f1ab37da323..4ed6a7aedea 100755 --- a/panda/plugins/gdb/run_noreplay_mips.sh +++ b/panda/plugins/gdb/run_noreplay_mips.sh @@ -1,4 +1,4 @@ #/bin/bash cargo build --no-default-features --features=mips && \ - cp target/debug/libpanda_gdb.so $PANDA_PATH/mips-softmmu/panda/plugins/panda_gdb.so && \ - $PANDA_PATH/mips-softmmu/panda-system-mips -L $PANDA_PATH/pc-bios -os linux-64-debian:3.2.0-4-arm-pae -panda "gdb:on_entry=1" -m 1G ~/.panda/debian_7.3_mips.qcow -nographic -loadvm root -M malta -kernel ~/.panda/vmlinux-3.2.0-4-4kc-malta -append "root=/dev/sda1" + cp target/debug/libpanda_gdb.so $PANDA_PATH/mips/panda/plugins/panda_gdb.so && \ + $PANDA_PATH/mips/panda-system-mips -L $PANDA_PATH/pc-bios -os linux-64-debian:3.2.0-4-arm-pae -panda "gdb:on_entry=1" -m 1G ~/.panda/debian_7.3_mips.qcow -nographic -loadvm root -M malta -kernel ~/.panda/vmlinux-3.2.0-4-4kc-malta -append "root=/dev/sda1" diff --git a/panda/plugins/gdb/run_noreplay_ppc.sh b/panda/plugins/gdb/run_noreplay_ppc.sh index 8a96b3950f0..f9a3613b4ad 100755 --- a/panda/plugins/gdb/run_noreplay_ppc.sh +++ b/panda/plugins/gdb/run_noreplay_ppc.sh 
@@ -1,4 +1,4 @@ #/bin/bash cargo build --no-default-features --features=ppc && \ - cp target/debug/libpanda_gdb.so $PANDA_PATH/ppc-softmmu/panda/plugins/panda_gdb.so && \ - $PANDA_PATH/ppc-softmmu/panda-system-ppc -L $PANDA_PATH/pc-bios -os linux-64-debian:3.2.0-4-ppc-pae -panda "gdb:on_entry=1" -m 1G ~/.panda/debian_7.3_mips.qcow -nographic -loadvm root + cp target/debug/libpanda_gdb.so $PANDA_PATH/ppc/panda/plugins/panda_gdb.so && \ + $PANDA_PATH/ppc/panda-system-ppc -L $PANDA_PATH/pc-bios -os linux-64-debian:3.2.0-4-ppc-pae -panda "gdb:on_entry=1" -m 1G ~/.panda/debian_7.3_mips.qcow -nographic -loadvm root diff --git a/panda/plugins/keyfind/README.md b/panda/plugins/keyfind/README.md index 60e5e3c5a91..0f79d8bc9d9 100644 --- a/panda/plugins/keyfind/README.md +++ b/panda/plugins/keyfind/README.md @@ -38,7 +38,7 @@ Example First, create a recording in which the guest establishes a TLS connection, and create a .pcap file at the same time. Start the guest under PANDA with normal arguments, and set a filename for the recorded packet capture - $PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 \ + $PANDA_PATH/x86_64/qemu-system-x86_64 \ -net dump,file=tls_session.pcap Once the guest is running, open the QEMU monitor (Ctrl-a) and run `begin_record [tls_recording_name]` to start the record. Close the monitor, then run commands which will establish a TLS connection. Then, open the monitor again and run `end_record` to save the recording. 
@@ -46,13 +46,13 @@ Once the guest is running, open the QEMU monitor (Ctrl-a) and run `begin_record Once a recording is created, run PANDA with `keyfind` and provide either the name of the ciphersuite, or the ciphersuite ID: - $PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 \ + $PANDA_PATH/x86_64/qemu-system-x86_64 \ -replay tls_recording_name \ -panda keyfind:ciphersuite_name=TLS_AES_256_GCM_SHA384 OR - $PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 \ + $PANDA_PATH/x86_64/qemu-system-x86_64 \ -replay tls_recording_name \ -panda keyfind:ciphersuite_id=4866 diff --git a/panda/plugins/loaded/README.md b/panda/plugins/loaded/README.md index 701e8339583..17b7b993b12 100644 --- a/panda/plugins/loaded/README.md +++ b/panda/plugins/loaded/README.md @@ -25,6 +25,6 @@ Example ------- ``` - $PANDA_PATH/i386-softmmu/panda-system-i386 -replay foo \ + $PANDA_PATH/i386/panda-system-i386 -replay foo \ -panda loaded -os linux-32-debian-3.2.81-686-pae ``` diff --git a/panda/plugins/memorymap/README.md b/panda/plugins/memorymap/README.md index 3f74a531ba6..018c58365b1 100644 --- a/panda/plugins/memorymap/README.md +++ b/panda/plugins/memorymap/README.md @@ -57,4 +57,4 @@ Example To run `memorymap` on a Windows 2000 32-bit recording and report on two instructions specified by their addresses: -`$PANDA_PATH/i386-softmmu/qemu-system-i386 -replay foo -os windows-32-2000 -panda memorymap:pcs=0xbfeee8bd-0x80069a0f` +`$PANDA_PATH/i386/qemu-system-i386 -replay foo -os windows-32-2000 -panda memorymap:pcs=0xbfeee8bd-0x80069a0f` diff --git a/panda/plugins/memsavep/README.md b/panda/plugins/memsavep/README.md index f3fdcd96203..e85e16faf08 100644 --- a/panda/plugins/memsavep/README.md +++ b/panda/plugins/memsavep/README.md 
@@ -34,10 +34,10 @@ Example To dump memory at 66.2% to `mymem.dd`: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda memsavep:percent=66.2,file=mymem.dd To dump memory when an instruction count of 3314667015 is reached: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda memsavep:instrcount=3314667015,file=mymem.dd diff --git a/panda/plugins/network/README.md b/panda/plugins/network/README.md index c4465a767d4..06d334fa369 100644 --- a/panda/plugins/network/README.md +++ b/panda/plugins/network/README.md @@ -28,5 +28,5 @@ Example To save traffic to `foo.pcap`: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda network:file=foo.pcap diff --git a/panda/plugins/osi_linux/README.md b/panda/plugins/osi_linux/README.md index 6700b374ac0..a756ba409ef 100644 --- a/panda/plugins/osi_linux/README.md +++ b/panda/plugins/osi_linux/README.md @@ -151,7 +151,7 @@ Example Assuming you have a `kernelinfo.conf` in the current directory with a configuration named `my_kernel_info`, you can run the OSI test plugin on a Linux replay as follows: ```bash - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda osi -panda osi_linux:kconf_file=kernelinfo.conf,kconf_group=my_kernel_info \ -panda osi_test ``` 
@@ -162,14 +162,14 @@ PANDA's `kernelinfo.conf` has the information for the Ubuntu kernels found on th Newer kernels perform KASLR, however, and need a boot parameter to turn that off. This parameter is `nokaslr`. Thus, one can load an environment directly from one of these DVDs ```bash - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 --monitor stdio \ + $PANDA_PATH/x86_64/panda-system-x86_64 --monitor stdio \ -m 4096 \ -cdrom 'ubuntu-18.04.4-desktop-amd64.iso' ``` Being careful to add the `nokaslr` boot parameter. Then just add the binaries of interest to the live environment and start recording. The osi_test can be executed in the following way: ```bash - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 \ + $PANDA_PATH/x86_64/panda-system-x86_64 \ -m 4096 -replay foo -panda osi\ -panda osi_linux:kconf_group=ubuntu:5.3.0-28-generic:64 \ -os linux-64-ubuntu -panda osi_test > ositest.txt diff --git a/panda/plugins/osi_test/README.md b/panda/plugins/osi_test/README.md index 9d47c5bacbf..0dd1dd33651 100644 --- a/panda/plugins/osi_test/README.md +++ b/panda/plugins/osi_test/README.md @@ -34,7 +34,7 @@ guest-os-specific plugin. E.g. to run `osi_test` on an Windows 7 32-bit replay: ```sh - $PANDA_PATH/i386-softmmu/panda-system-i386 -replay mytrace \ + $PANDA_PATH/i386/panda-system-i386 -replay mytrace \ -os windows-32-7sp1 -panda osi_test ``` The os-specific plugin is loaded implicitly by specifying `-os windows-32-7sp1`. diff --git a/panda/plugins/pc_search/README.md b/panda/plugins/pc_search/README.md index 5a23ef39eff..08694127a4d 100644 --- a/panda/plugins/pc_search/README.md +++ b/panda/plugins/pc_search/README.md 
@@ -34,17 +34,17 @@ Example Passing a single pc: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda pc_search:pc=0x77c47f06 Passing multiple pcs and getting just first and last occurrence: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda pc_search:first_last_only=true,pc_file="pc_input.txt",out_file="my_pc_matches.txt" Passing a range of pcs: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda pc_search:pc_range=0x79a33c06-0x79a33d32,out_file="my_pc_matches.txt" diff --git a/panda/plugins/replaymovie/README.md b/panda/plugins/replaymovie/README.md index 546dec48b88..d393f2e486a 100644 --- a/panda/plugins/replaymovie/README.md +++ b/panda/plugins/replaymovie/README.md @@ -35,7 +35,7 @@ Example Generating the still frames: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda replaymovie Creating the movie: diff --git a/panda/plugins/scissors/README.md b/panda/plugins/scissors/README.md index 56ff240d352..d3fdbe9376c 100644 --- a/panda/plugins/scissors/README.md +++ b/panda/plugins/scissors/README.md @@ -35,7 +35,7 @@ Example Snipping from instruction 12345 to 8675309 into `foo_reduced[.rr2]`: ```sh -$PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo[.rr2] \ +$PANDA_PATH/x86_64/panda-system-x86_64 -replay foo[.rr2] \ -panda scissors:name=foo_reduced[.rr2],start=12345,end=8675309 ``` diff --git a/panda/plugins/stringsearch/README.md b/panda/plugins/stringsearch/README.md index a41efa5a786..158a090e9da 100644 --- a/panda/plugins/stringsearch/README.md +++ b/panda/plugins/stringsearch/README.md 
@@ -79,7 +79,7 @@ To search for JPEG files being read or written in memory, create a file named `j Then run PANDA with stringsearch: ```sh - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda callstack_instr -panda stringsearch:name=jpeg ``` diff --git a/panda/plugins/syscalls2/README.md b/panda/plugins/syscalls2/README.md index 7f7b4dcc678..edde18abb28 100644 --- a/panda/plugins/syscalls2/README.md +++ b/panda/plugins/syscalls2/README.md @@ -171,7 +171,7 @@ bool init_plugin(void *self) { And then invoke it as: ```sh -$PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ +$PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -os windows-32-7sp1 -panda syscalls2 -panda filereadmon ``` diff --git a/panda/plugins/taint2/README.md b/panda/plugins/taint2/README.md index 2a05a03dd48..641873e254d 100644 --- a/panda/plugins/taint2/README.md +++ b/panda/plugins/taint2/README.md @@ -160,7 +160,7 @@ Example To taint data from a file named `foo.dat` on Linux and then find out what branches depend on data from that file, placing output into the pandalog `foo.plog`: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo -panda osi \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo -panda osi \ -panda osi_linux:kconf_group=debian-3.2.63-i686 \ -panda syscalls2:profile=linux_x86 \ -panda file_taint:filename=foo.dat \ @@ -169,7 +169,7 @@ To taint data from a file named `foo.dat` on Linux and then find out what branch Note that the `taint2` plugin is not explicitly listed here because it is automatically loaded by the `file_taint` plugin. If you wanted to pass custom options to `taint2`, such as disabling tainted pointers, you could instead do: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo -panda osi \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo -panda osi \ -panda osi_linux:kconf_group=debian-3.2.63-i686 \ -panda syscalls2:profile=linux_x86 \ -panda taint2:no_tp=y \ 
diff --git a/panda/plugins/tainted_branch/README.md b/panda/plugins/tainted_branch/README.md index 6c0be973c25..35afd45ae95 100644 --- a/panda/plugins/tainted_branch/README.md +++ b/panda/plugins/tainted_branch/README.md @@ -78,7 +78,7 @@ Example To taint data from a file named `foo.dat` on Linux and then find out what branches depend on data from that file, placing output into the pandalog `foo.plog`: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo -panda osi \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo -panda osi \ -panda osi_linux:kconf_group=debian-3.2.63-i686 \ -panda syscalls2:profile=linux_x86 \ -panda file_taint:filename=foo.dat \ diff --git a/panda/plugins/tainted_instr/README.md b/panda/plugins/tainted_instr/README.md index 6964f02730b..6ae8f9a7827 100644 --- a/panda/plugins/tainted_instr/README.md +++ b/panda/plugins/tainted_instr/README.md @@ -28,7 +28,7 @@ Example To taint data from a file named `foo.dat` on Linux and then find out what instructions handle tainted data from that file, placing output into the pandalog `foo.plog`: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo -panda osi \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo -panda osi \ -panda osi_linux:kconf_group=debian-3.2.63-i686 \ -panda syscalls2:profile=linux_x86 \ -panda file_taint:filename=foo.dat \ diff --git a/panda/plugins/tainted_net/README.md b/panda/plugins/tainted_net/README.md index 2a903175c8a..15de9bba279 100644 --- a/panda/plugins/tainted_net/README.md +++ b/panda/plugins/tainted_net/README.md 
@@ -41,14 +41,14 @@ Example To taint incoming network data and then find out what instructions depend on data from the network: - $PANDA_PATH/i386-softmmu/panda-system-i386 -net nic -net user \ + $PANDA_PATH/i386/panda-system-i386 -net nic -net user \ -replay foo \ -panda tainted_net:label_incoming_network=true \ -panda tainted_instr Note that the `taint2` plugin is not explicitly listed here because it is automatically loaded by the `tainted_net` plugin. If you wanted to pass custom options to `taint2`, such as disabling tainted pointers, you could instead do: - $PANDA_PATH/i386-softmmu/panda-system-i386 -net nic -net user \ + $PANDA_PATH/i386/panda-system-i386 -net nic -net user \ -replay foo \ -panda taint2:no_tp=y \ -panda tainted_net:label_incoming_network=true \ @@ -56,7 +56,7 @@ Note that the `taint2` plugin is not explicitly listed here because it is automa To taint the string `quick` and then see if it is sent out over the network, writing the outgoing taint information to quick\_tnss.csv, do: - $PANDA_PATH/i386-softmmu/panda-system-i386 -net nic -net user \ + $PANDA_PATH/i386/panda-system-i386 -net nic -net user \ -replay foo \ -panda stringsearch:str="quick" -panda tstringsearch \ -panda tainted_net:query_outgoing_network=true,file=quick_tnss.csv diff --git a/panda/plugins/tapindex/README.md b/panda/plugins/tapindex/README.md index 6202f85850a..81938d35719 100755 --- a/panda/plugins/tapindex/README.md +++ b/panda/plugins/tapindex/README.md @@ -28,12 +28,12 @@ Example Generate an index: - $PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/qemu-system-x86_64 -replay foo \ -panda tapindex Then dump memory with `memdump`: - $PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/qemu-system-x86_64 -replay foo \ -panda memdump Now search for something in the memory reads dump and store the offsets where it's found into a file named `foo_offsets.txt`: 
diff --git a/panda/plugins/textprinter/README.md b/panda/plugins/textprinter/README.md index 6897b2146cd..0d018bfb05a 100644 --- a/panda/plugins/textprinter/README.md +++ b/panda/plugins/textprinter/README.md @@ -67,7 +67,7 @@ First create a file called `tap_points.txt` with your tap points. The following Then run PANDA with `textprinter`: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda callstack_instr,stack_type=threaded -panda textprinter You will get output in `read_tap_buffers.txt.gz` and `write_tap_buffers.txt.gz`. This snippet of such a log file shows four bytes (`0x62 0x72 0x61 0x6e`) being written to address `0x003f3830`: diff --git a/panda/plugins/tstringsearch/README.md b/panda/plugins/tstringsearch/README.md index 0ce1087c413..12b4bbb24bf 100644 --- a/panda/plugins/tstringsearch/README.md +++ b/panda/plugins/tstringsearch/README.md @@ -29,6 +29,6 @@ Example To taint a string `bogart` and then create a pandalog named `bogart.plog` listing all branches depending on that string via the `tainted_branch` plugin: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda stringsearch:str=bogart -panda tstringsearch \ -panda tainted_branch -pandalog bogart.plog diff --git a/panda/plugins/unigrams/README.md b/panda/plugins/unigrams/README.md index e529508c1bc..2cc19ab1a28 100644 --- a/panda/plugins/unigrams/README.md +++ b/panda/plugins/unigrams/README.md 
@@ -28,7 +28,7 @@ Example To collect unigram statistics during a replay: - $PANDA_PATH/x86_64-softmmu/panda-system-x86_64 -replay foo \ + $PANDA_PATH/x86_64/panda-system-x86_64 -replay foo \ -panda callstack_instr -panda unigrams For another example of using `unigrams`, and what you can do by computing simple statistics based on the histograms it gives you, you can see the blog post [Breaking Spotify DRM with PANDA](http://moyix.blogspot.com/2014/07/breaking-spotify-drm-with-panda.html).
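
Review bot: In the last `RUN` of the Dockerfile (hunk `@@ -129,13 +129,12 @@`), the `ldd` check on the plugin `.so` files is removed and not replaced, so a plugin with an unresolved dependency no longer fails the image build. Only `ldd /usr/local/bin/libpanda-*.so` remains, and if that glob matches nothing, `ldd` reports the error on stderr, `grep 'not found'` sees no input, and the step passes silently. Please add an equivalent check for the new plugin location and make the step fail when no library matches. In the same hunk, the new `LD_LIBRARY_PATH` entries end at `/usr/local/lib/panda/<arch>`, while the comment above still says the variable must contain the plugins directories (issue #901) and the gdb scripts in this patch install to `$PANDA_PATH/<arch>/panda/plugins/`; please confirm which directory the plugins land in and align the path or the comment.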
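
Review bot: The updated commands in `panda/docs/time-travel.md` and `panda/plugins/checkpoint/README.md` keep a `build/` component (`$PANDA_PATH/build/x86_64/panda-system-x86_64`), while every other README in this patch uses `$PANDA_PATH/x86_64/...`, and the Dockerfile now sets `PANDA_PATH` to `/usr/local/lib/panda`. Please state in the docs whether `PANDA_PATH` means the source tree, the build directory or the install prefix, and make these two examples match the rest.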
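
Review bot: In `panda/plugins/func_stats/README.md` (hunk `@@ -17,7 +17,7 @@`), the rewritten command still ends in `> asm.out 2>&113.`, which reads like `2>&1` fused with stray characters and would not redirect stderr as intended if copied. Since the line is being touched anyway, it should end in `> asm.out 2>&1`.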
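
Review bot: The changed lines in the `correlatetaps`, `func_stats`, `keyfind`, `memorymap` and `tapindex` READMEs update the directory but keep the binary name `qemu-system-x86_64` / `qemu-system-i386`, whereas the other examples in this patch invoke `panda-system-<arch>`. If the new layout only ships `panda-system-*` binaries, these examples will not run as written; please confirm the binary name and update it in the same pass.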
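
Review bot: In every `panda/plugins/gdb/run*.sh` hunk, the first line is `#/bin/bash`, which is a plain comment rather than a shebang, and the new `cp` and launch lines expand `$PANDA_PATH` unquoted, so an unset or space-containing value produces paths like `/x86_64/panda/plugins/panda_gdb.so`. Suggest `#!/bin/bash`, quoting `"$PANDA_PATH"`, and failing early when the variable is empty (for example with `: "${PANDA_PATH:?}"`). Note also that `run.sh` and `run_noreplay.sh` copy from `../target/debug/` while the per-architecture scripts copy from `target/debug/`; worth confirming that both are correct for the directory each script is run from.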