100 Days of angr - Day 1
What is This?
This is a new series I am starting which is going to go over start till I decide to stop, of the ins and outs of the dynamic symbolic analysis framework angr. I will plan to perform 100 articles of angr and each one will hopefully touch on something interesting. Normally these techniques are known but it gives me a cool place to document my adventures with it.
Am I Qualified to Talk About This?
Meh, I don’t care. If there is something wrong stated, shoot me a PR and I can add some amendments to my posts. To the best of my ability, I will not post #FakeNews.
Okay, But What is angr?
Q: Why do you keep forgetting to capitalize the “a” in “angr”
A: This is intentional. It is “angr”. Not “Angr”.
I think the angr website answers it really well. However, here is a quick tl;dr:
- An analysis framework which uses concolic and static analysis in a nice python package.
- If you are familiar with intermediate representations (IR), you may notice angr makes use of Valgrind’s VEX IR.
- They have a variety of the components explained using their blog. One of the initial overviews can be found here
This of course does not really do the full explaination justice. I would deifnitely recommned reading their website as well as some of the indepth articles to get a good idea of what is going on. I will explain some things as I go along and link the parts I am referencing though as with most things, it is good to get a handle of understanding before you go all “willy-nilly” and point it at a problem and expect it to solve it.
General Overview of The 100 Days
For this series, I plan to pull some concepts from the angr_ctf repo by Jake Springer. I hope to use these concepts and explain each of the reasonings behind why something worked the way it did and maybe even go a little deeper so the understanding comes full circle (I know sometimes that helps me when I am learning).
Some other binaries I may make use of come from pwn.college . While this low-key violates some of the rules for the course, I will do my best to not give full out right answers but more or less focus on some specific concepts. Ergo, if you understand the concepts, you will understand how to solve the challenge using the new found skill :) . I will supplement going overboard on this with some already released CTF challenges. It will be neat to see how we can use angr to help with pwn, reversing, crypto, and maybe web??? (#ClickBait)
First Day
So today is primarily this first post going out. Us understanding at a high level what angr is and where it might be used. To get startged it is recommended to follow the instructions set forth here. This will be all we need to move forward with the next day. Also, for those of you docker-heads, there is also a container file which can be built out at angr/angr.
Alright guys, see you in the next one. Going to just abruptly end this now.