Angr——生成函数cfg
- networkx to pygraphviz
A = nx.nx_agraph.to_agraph(cfg.graph)
- get function subgraph
cfg=cfg.get_function_subgraph(start=main_obj.rebased_addr,max_call_depth=0)
- get picture
2018-07-02 13-24-12屏幕截图.png
- code
import angr
from networkx import nx
def get_cfg_all_paths(cfg):
paths=set()
cfg.normalize()
A = nx.nx_agraph.to_agraph(cfg.graph) # convert to a graphviz graph
nodes=A.nodes()
for node in nodes:
print node.name
A.layout()
A.draw("k5.dot")
return paths
def get_proj_all_path(file_path):
proj=angr.Project(file_path,load_options={'auto_load_libs': False})
main_obj=proj.loader.main_object.get_symbol('main')
cfg = proj.analyses.CFGAccurate(keep_state=True,
starts=(main_obj.rebased_addr,),
#context_sensitivity_level=0,
call_depth=0)
cfg=cfg.get_function_subgraph(start=main_obj.rebased_addr,max_call_depth=0)
return get_cfg_all_paths(cfg)
def main():
get_proj_all_path('/home/alex/PycharmProjects/angr_find_path/venv/data_sets/a',)
if __name__=='__main__':
main()
