Fernando Domínguez

icon indicating a website link https://fernandodoming.github.io/

icon company @Alienvault icon location Madrid

Results 3 issues of Fernando Domínguez

Default Qiling instances crash when emulating a sample that calls the clone syscall

Default Qiling instances crash when emulating a sample that calls the clone syscall **Stacktrace** ``` File "/Users/fdd/Library/Python/3.8/lib/python/site-packages/qiling/core.py", line 573, in run self.os.run() File "/Users/fdd/Library/Python/3.8/lib/python/site-packages/qiling/os/linux/linux.py", line 163, in run self.ql.emu_start(self.ql.loader.elf_entry, self.exit_point,...

Multithreaded mode is missing initialization in Linux

1 comment

`ql.os.thread_class` is not properly initialized in multithreaded mode for Linux and thus attempting to run any binary results in an exception. ``` $ qltool run -f f9ab06de9ffa4b27692b3ed687c1b3ff8717d41a5950e7eaa9a3656b40bed8ca -m --rootfs ~/rootfs...

Malware emulation error

3 comment

So after playing around with the included files I tried something more real (this oldish Cerber sample `17fcd7a7162298225b06d85d1d5a90ea`) but looks like Unicorn fails to emulate that (maybe I just need...