Malware, encryption, reverse engineering, networking, and other arcana.
What is the password for the panda user?
The password is the same as for the previous VM, "panda".
Hi I am trying to analyze a record of a simple AES decryption app using PANDA with the VM you provided. I have already created the replay using the tutorial for SSL master key. I have three questions:

1) I see that there is a Keyfind plugin. Looking at the source, it is written for the SSL key. Is there one for AES keys? Similar to aeskeyfind at (https://citp.princeton.edu/research/memory/code/)?

2) I cannot load some plugins. Notably anything that is dependent on "panda_callstack_instr" like keyfind. But I can load "panda_taint". I get this error.

loading /home/panda/panda/qemu/x86_64-softmmu/panda_plugins/panda_callstack_instr.so
Failed to load /home/panda/panda/qemu/x86_64-softmmu/panda_plugins/panda_callstack_instr.so: libdistorm3.so: cannot open shared object file: No such file or directory
FAIL: Unable to load plugin `/home/panda/panda/qemu/x86_64-softmmu/panda_plugins/panda_callstack_instr.so'

I re-compiled and re-installed distorm to be sure. But the error still occurs.

3) I see there is a memorydump plugin. Is there a way to make several memory dumps from the replay at different times?

Thanks