-
Notifications
You must be signed in to change notification settings - Fork 232
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update requirements.txt #235
base: master
Are you sure you want to change the base?
Conversation
Derekt2
commented
Sep 6, 2023
- Relaxes requirement to have a specific version of unicorn installed.
- Allows downstream apps relying on the project to upgrade/downgrade unicorn as needed.
- addresses several CVEs impacting current unicorn version
i don't believe speakeasy works with Unicorn 2.0. have you found differently? therefore, this update should pin the unicorn version to less than 2.0. |
It still work with unicorn >= 2.0 |
great, then let's also enable CI testing for both versions so we can demonstrate this. |
i'm surprised that Speakeasy does not rely upon any Unicorn APIs or behaviors that changed in 2.0 |
Unless something is changed from pull #216, I don't think it is fully compatible. |
Just did the same tests, but I have the same behavior (payloads are "standard" Metasploit generated shellcodes) With
With
The emulation stops after |
Odd, I'm not seeing that same behavior on my system, I haven't run into a difference yet running with unicorn 2+, and was able to emulate without a segfault from VirtualAlloc using what I believe is the same payload? Are you running this on a M1 @cecio ? Here's my setup: OS: Ubuntu 20.04 x86_64 |
Very strange. No, I'm not on a M1 btw. I just retried on a completely different system (VM created on a cloud environment Ubuntu 20.04.1 LTS).
May be I'm doing something wrong...or different from you. This is the base64 of the payload if you want to try:
I'm curios about the result. |
@Derekt2 I edited my previous comment with new payload to be consistent with previous test. Try this last one in case |
My OS: Windows 10.19041 My result:
During handling of the above exception, another exception occurred: Traceback (most recent call last): During handling of the above exception, another exception occurred: Traceback (most recent call last):
I will review, debug and fix temporarily |
From my testing, it appears that the CLI works with Unicorn >= 2.0.0 but not from a Python script. Running from a Python script will cause a segmentation fault. |
Adding a little more context to my previous comment. I tested this using Unicorn 2.0.1 running in Ubuntu 22.04. It appears that the segfault occurs when running the emulation in the current process rather than a child process. The shellcode used was the sample posted by
|
mmmmh... I'm not sure: if you are using the same shellcode, even the second run is not working: you don't see the Segementation Fault, but the execution stops, since you don't see the subsequent call:
|