angr.simos.windows

class angr.simos.windows.SecurityCookieInit

Bases: Enum

Security cooke initialization value initialization method.

NONE = 0

RANDOM = 1

STATIC = 2

SYMBOLIC = 3

class angr.simos.windows.SimWindows

Bases: SimOS

Environment for the Windows Win32 subsystem. Does not support syscalls currently.

__init__(project)

property is_dump: bool

state_entry(args=None, env=None, argc=None, **kwargs)

syscall(state, allow_unsupported=True)

Given a state, return the procedure corresponding to the current syscall. This procedure will have .syscall_number, .display_name, and .addr set.

Parameters:

• state – The state to get the syscall number from

• allow_unsupported – Whether to return a “dummy” sycall instead of raising an unsupported exception

is_syscall_addr(addr)

Return whether or not the given address corresponds to a syscall implementation.

syscall_from_addr(addr, allow_unsupported=True)

Get a syscall SimProcedure from an address.

Parameters:

• addr – The address to convert to a syscall SimProcedure

• allow_unsupported – Whether to return a dummy procedure for an unsupported syscall instead of raising an exception.

Returns:

The SimProcedure for the syscall, or None if the address is not a syscall address.

initialize_segment_register_x64(state, concrete_target)

Set the gs register in the angr to the value of the fs register in the concrete process

Parameters:

• state – state which will be modified

• concrete_target – concrete target that will be used to read the fs register

Returns:

None

initialize_gdt_x86(state, concrete_target)

Create a GDT in the state memory and populate the segment registers.

Parameters:

• state – state which will be modified

• concrete_target – concrete target that will be used to read the fs register

Returns:

the created GlobalDescriptorTable object

get_segment_register_name()