OpenSAW stands for Open Security Analysis Workbench, and is a framework for building systems that use concolic execution to find bugs in compiled programs. OpenSAW's main feature is that it allows users to quickly start developing and testing their own bug-finding search strategies. OpenSAW is written in Python and allows the concolic execution engine to be replaced easily, letting users test how well their own concolic execution implementation performs in comparison with others.
See docs/SETUP.md
WARNING: Do not run OpenSAW on malicious code. The executable you provide is executed with the same permissions as OpenSAW.
Running OpenSAW on a binary is trivial in the OpenSAW virtual machine.
After you are connected to the machine, run the following command:
python2.7 -m opensaw -i <initial_input> -- <executable> [arguments, {} is replaced by input filename]
to launch OpenSAW on <executable> that takes a single file as input argument. OpenSAW will start by passing the file defined by <initial_input> to the program and then proceed to generate new inputs based on the trace created by this execution.
To start the standalone GUI monitoring the progress, start the program OpenSAW/dev/gui/main.py. See docs/Using OpenSAW.md for more details and information on how to track progress.
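The warning and the {} convention above, as an added example that is not OpenSAW's own code: a minimal Python 3 harness (Unix only) that substitutes the input filename for {}, runs the target in a scratch directory under resource limits and a timeout, and reports whether it was killed by a signal. The names build_argv, run_once and DEMO_TARGET are hypothetical, and the limits do not change the permissions the target runs with, so an unprivileged account or a virtual machine is still needed.

```python
import os
import resource
import signal
import subprocess
import sys
import tempfile

# Constructed sample target (not from OpenSAW): aborts when the input starts with b"BUG".
DEMO_TARGET = [sys.executable, "-c",
               "import os,sys; d=open(sys.argv[1],'rb').read(); "
               "os.abort() if d.startswith(b'BUG') else sys.exit(0)", "{}"]

def build_argv(template, input_path):
    """Replace the {} placeholder in the target's arguments with the input filename."""
    if not any("{}" in arg for arg in template):
        raise ValueError("target command has no {} placeholder")
    return [arg.replace("{}", input_path) for arg in template]

def _cap(res, value):
    # Lower a limit without exceeding the hard limit already in force.
    hard = resource.getrlimit(res)[1]
    new = value if hard == resource.RLIM_INFINITY else min(value, hard)
    resource.setrlimit(res, (new, new))

def _limits():
    # Runs in the child just before exec.
    _cap(resource.RLIMIT_CPU, 5)          # seconds of CPU time
    _cap(resource.RLIMIT_FSIZE, 1 << 20)  # largest file the target may write
    _cap(resource.RLIMIT_CORE, 0)         # no core dumps

def run_once(template, data, timeout=10):
    """Write data to a scratch file, run the target on it, and classify the outcome."""
    with tempfile.TemporaryDirectory() as scratch:
        path = os.path.join(scratch, "input")
        with open(path, "wb") as f:
            f.write(data)
        try:
            proc = subprocess.run(build_argv(template, path), cwd=scratch,
                                  stdin=subprocess.DEVNULL, stdout=subprocess.DEVNULL,
                                  stderr=subprocess.DEVNULL, preexec_fn=_limits,
                                  timeout=timeout)
        except subprocess.TimeoutExpired:
            return "hang"
    if proc.returncode < 0:  # negative return code: the target died from a signal
        return "crash:" + signal.Signals(-proc.returncode).name
    return "exit:%d" % proc.returncode
```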
One of OpenSAW's great features is that it lets users quickly get their hands dirty and experiment with new bug-finding search strategies. This is done by extending an existing search strategy or writing a new one. Descriptions of the existing search strategies, and instructions on how to write your own, can be found in docs/Strategies.md.
OpenSAW/
dev/ : development files
coverage/ : OpenSAW's test coverage (generated by make)
documentation/ : OpenSAW's documentation (generated by make)
opensaw/ : OpenSAW, the main application
gui/ : Standalone GUI
test/ : test programs
pintool/ : code for the pintool, both cgc and linux/i386 versions.
docs/ : documentation
tools/ : required tools and scripts (BAP and PIN installation archives and compiled iltrans and pintool)