Create Kali Linux Live USB stick with Etcher on Windows

Posted by Kulani Mahadewa on October 7, 2020
Posted in: Kali Linux. Tagged: , , , , , . Leave a comment

Hi, You can create a bootable USB stick for Kali Linux Live with few steps using the BalenaEtcher tool on Windows.

certutil -hashfile <pasth to iso image> SHA256

Once installed, you can simply select the ISO image of the kali linux live at “Flash from URL” –> Then select the USB drive for flashing at “Select target”–> Select “flash”.

Once the flashing is done, you may see as “1 failed device” due to checksum fail (during verification) on Windows. However, the writing to the USB was successful. This error has identified as a false positive case seen on Windows.

What else can you do with the Live USB stick of Kali Linux?

Add kali linux to startup on dualboot with Windows: You can find a guide to add kali linux startup on a dual boot with Windows at https://networkwolves.wordpress.com/2015/04/13/repair-kali-linux-grub-after-installing-window-in-dual-boot/amp/

Boot the live USB stick –> select “Live system” -> Open a terminal.-> login as root user

(If you have a fresh version install root user by following command)

sudo apt-get install kali-root-login
super su

Next, you can use the following commands. Then reboot the system to see the boot menu with kali linux option.

mount /dev/sda3 /mnt
mount –bind /dev /mnt/dev
mount –bind /dev/pts /mnt/dev/pts
mount –bind /proc /mnt/proc
mount –bind /sys /mnt/sys
chroot /mnt
grub-install /dev/sda
update-grub
exit
umount /mnt/dev/pts
umount /mnt/dev
umount /mnt/proc
umount /mnt/sys
umount /mnt

Resolving kali linux startup problem on dual boot desktop due to Window’s fast-restart: To resolve this also, you can use the Kali Linux Live USB stick.

When you try the first command (mount /dev/sda3 /mnt) you can see the error is shown as follows. You can disable the fast-restart which is a new feature on Windows 10, by selecting control panel->system and security -> power options–> “choose what the power buttons do” -> “Change the settings that are currently unavailable” -> untick “Turn on fast-startup”.

Cheers ! 🙂

System Execution Sequence – Part 1: BIOS/UEFI and Bootloader

Posted by Kulani Mahadewa on July 6, 2020
Posted in: System Execution Sequence. Tagged: , , , . Leave a comment

Execution Environment

Computing is about running algorithms. It is achieved by executing code. So, what is the order of executing codes in a computer?

Different kinds of computers (e.g., desktops/server platforms, mobile, and embedded devices) may organize the system execution order slightly differently. In general, on top of hardware is the kernel space, and on top of the kernel is the user-space software. However, in simple embedded software like in IoT devices, the firmware code can be on top of the hardware. The kernel provides system calls, for the user libraries to access system functionalities, and the libraries provide library calls for the applications to access the functionalities of libraries. Despite this organization, the CPU receives the data as a flat instruction stream.

Is it possible to run the binaries of different architecture on another architecture? For example, Linux binary on Windows.

Yes. In particular, there are compatibility layers that facilitate the execution of binary belongs to a different architecture. Wine is such a compatibility layer, which supports the execution of Windows binaries on Unix-like OSs. Windows Subsystem for Linux  (WSL) is another compatibility layer, which facilitates the execution of Linux native binaries on top of Windows OS.

Virtual machines (VM) are a way to provide an isolated execution environment. It can provide the same or different execution environment as the underlying architecture. Such as Linux VM provides the Linux execution environment on Windows OS. A VM provides both kernel space and userspace. Hence, the end-users can work without worrying about the underlying architecture.

Docker is another way to provide an isolated execution environment. However, docker provides isolation for application through containers, whereas VM provides isolation for the OS environment. The VM’s userspace is similar to the container of Docker.

Firmware Booting Code

When the PC is power on, firmware booting code is the first thing to run. When this booting code runs, you will see the logos on the screen. During this time, in the backend, it probes all the hardware devices, to check whether they work well. Only the keyboard is enough to communicate with this code.

BIOS (Basic I/O System) and UEFI (Unified Extensible Firmware Interface) are two types of booting codes or booting firmware. It comes pre-installed on the PC board.

BIOS vs UEFI:

  • BIOS is legacy booting firmware. It only supports up to 4 partitions of Hard Disk.
  • UEFI is a new booting firmware. It supports more than 4 partitions of HD, and additionally provide a secure mode and network support during booting to download missing codes.

Another main function of booting code is, it requires to find the next code to be executed and put it in the memory. What is the next code to execute? Bootloader.

Bootloader

It is a small program to load other OS programs and data in memory and executes them. It can be automatic or ask for manual options. With bootloader can load single or multiple kernels. It becomes the main application running on the microprocessor during normal operation.

Is it required to have a bootloader on a computer system? No. Simple embedded systems may not come with bootloader to save space.

Can you replace the existing bootloader? Yes. You can use U-boot to replace the bootloader.

Different bootloaders:

  • Linux: GRUB bootloader
  • Windows: BCD bootloader
  • Android: Fastboot (to load recovery image)
  • iOS: iboot
  • Embedded systems: Uboot (a general bootloader tool)

A main function of the bootloader is to find where the kernel image resides, and put it in the memory and execute it.

What if the bootloader cannot find the kernel or the kernel image is missing? PXE (Preboot Execution Environment) comes to the scene. An advantage of UEFI booting firmware is that it supports PXE. Hence, if the kernel image is not found, it can download it from a remote server.

The general procedure of PXE:

  • The host requests the IP for a network adapter from the DHCP server. The DHCP server replies with a temporary IP and TFTP Server address.
  • Next, the host requests a network bootloader from the TFTP server. TFTP server replies with reboot and support files.
  • Next, the host requests for kernel from the Web or TFTP server, and receives the kernel.
  • Finally, it acquires an IP for the kernel from the DHCP server.

Bootloader Security

Archived through TPM

What is TPM?

Trusted Platform Module (TPM) is a hardware component (comes on-chip of the motherboard ) that guarantees the integrity of the booting process.

Threat Model: A malicious code that replaces bootloader or kernel.

With TPM it can check the integrity of code and prevent the attacker from modifying the code at the initial stages of booting the OS. It uses simple cryptographic techniques and supports saving some sensitive data. The advantage is that it can hash a large amount of data.  The hash value is stored at PCR (Platform Configuration Register).

Chain of Trust

  • First, check whether the root of trust (BIOS/UEFI) is secure by checking the signature of the bootloader.
  • Next, transfers the control to the bootloader. At the bootloader, check the integrity of the hash value.
  • Next, transfers the control to the kernel. Check the integrity of the kernel.

UEFI Secure Mode

First, the signature of the kernel bootloader has to be generated. This is done by the manufacture. Next, when it loads check for its signature for integrity.

This adds trouble if you have to add a customized bootloader.

In fact, the UEFI secure boot + TPM is recommended for preserving security.

Unlock Bootloader

  • PC’s supports both BIOS and UEFI as booting methods. It is possible to switch between the two types. However, data loss and compatibility issues could happen.
  • In Android, the bootloader is locked by default. The fastboot tool can be used to unlock. When the bootloader is unlocked it is possible to changes the OS. (Whereas rooting will only allow the control of the whole OS. It provides access to the system partition, while bootloader unlocking provides boot or recovery partitions access).
  • In Iphones and MacOS, iboot is the bootloader.  DFU is required to downgrade iOS OS.

Booting Disk Creation and Disk Management

  • Etcher: can be used to locally generate a bootable USB with 3 steps. Select image, select drive with USE, and flash.
  • Unetbootin: Universal Netboot installer.
  • dd: direct dump, is a Unix utility. It can securely erase all files block by block.
  • Clonezilla

Online Resources that can be referred:

 TPM overview: https://www.trustedcomputinggroup.org/wp-content/uploads/TPM-Overview.pdf (optional)

Did you know that your Philips Hue bulb can be hijacked by a malicious hub in the neighborhood?

Posted by Kulani Mahadewa on May 25, 2020
Posted in: Article, Internet of Things. Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , . Leave a comment

Philips Hue is a popular smart home lighting system. This smart lighting system provides you with flexibility and ease in controlling, and diverse customizations in terms of colour range and functionalities that a typical light bulb cannot provide you. However,  there can be vulnerabilities in these new Internet of Things products due to lack of security hardening or challenges in adopting existing security solutions into them.

With reference to the previous post, HomeScan [1, 2] has discovered a vulnerability in the Philips Hue lighting system that leads to hijacking a Philips Hue bulb which is already connected with a victim’s hub at the presence of a malicious hub. As stated by HomeScan,  the vulnerability introduced due to the use of the existing communication protocol ‘ZigBee’ by the Philips Hue bulbs as a low power solution. Specifically, Philips Hue uses ZigBee Light Link (ZLL) protocol. It allows the ZigBee enabled bulb to accept and reply to the discovery beacons even after the bulb is already connected to a hub. Consequently, a malicious hub can discover the victim’s bulb by sending a discovery beacon. Following that the attacker can launch the ZLL authentication which results in the bulb disconnect itself from the victim’s hub and establish authentication with the malicious hub.

Here, is the attack demo video showing how the Philips Hue bulb is hijacked by the malicious hub over the ZigBee network. This demo uses the Perytons tool and a USB pluggable sniffing stick that supports ZigBee traffic capturing. This traffic was captured at the presence of a real Philips Hue bulb and two Philips Hue Hubs (one as the benign or belongs to the victim and the other as the malicious or belongs to the attacker). There are several other vulnerabilities that were discovered by HomeScan from including Chromecast and LIFX devices. You can check the HomeScan demo site for other findings.

 

References

[1] Scrutinizing Implementations of Smart Home Integrations. Kulani Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Yan Liu, Jin Song Dong, and Zhenkai Liang. IEEE Transactions on Software Engineering, TSE 2019

[2] HOMESCAN: Scrutinizing Implementations of Smart Home Integrations. Kulani Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Jin Song Dong and Zhenkai Liang. 23rd International Conference on Engineering of Complex Computer Systems, ICECCS 2018, Melbourne, Australia, December 12-14, 2018

Why Smart Homes Require Integration Analysis?

Posted by Kulani Mahadewa on May 24, 2020
Posted in: Article, Getting Started with Android. Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , . Leave a comment

In the HomeScan[2]  paper (in ICECCS 2018),  we highlight the importance of the security analysis of a smart home system from the integration perspective and propose a semi-automatic approach to perform the integration analysis. Later, an extended version [1] of this work was published in the 2019 TSE journal.

Why integration analysis?

Unlike the traditional ubiquitous smart home systems, the IoT (Internet of Things) driven smart home systems are more complex with the inherent attributes of IoT such as heterogeneity in technologies, standards, protocols, and platforms they are built upon while supporting a low-cost and a low-power system over the Internet.

Screenshot 2020-05-25 03.23.52

The Figure shows the diversity of communication protocols and smart devices by different manufacturers supported by a smart home system that uses Smarthings hub.

The HomeScan paper suggests two factors which make securing of a smart home system challenging as incompatibilities and invalidated assumptions exist in a smart home system due to its complexity. Therefore, it highlights the requirement of analyzing the security of a smart home system from the integration perspective to discover insecurities arrises due to the challenges in providing security for smart home systems.

How to perform integration analysis?

The paper proposes HomeScan, a semi-automatic approach to perform a security analysis of a smart home system from the integration perspective. The idea is that, if you have a model (a finite state diagram) of the integrated system, you can perform model checking against different attack models to find security problems in the integrated system. Hence, the paper first provides a set of techniques to extract the model of the integrated system as a Labeled Transition System (LTS) from the available implementations. Next, it shows that reachability checking over the generated integrated system model can be used to find security problems in the smart home integration. For more information please refer to the Homescan [2] paper or its extended version [1].

References

[1] Scrutinizing Implementations of Smart Home Integrations. Kulani Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Yan Liu, Jin Song Dong, and Zhenkai Liang. IEEE Transactions on Software Engineering, TSE 2019

[2] HOMESCAN: Scrutinizing Implementations of Smart Home Integrations. Kulani Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Jin Song Dong and Zhenkai Liang. 23rd International Conference on Engineering of Complex Computer Systems, ICECCS 2018, Melbourne, Australia, December 12-14, 2018

Use mitmproxy to Capture Traffic on the Same Machine

Posted by Kulani Mahadewa on April 10, 2020
Posted in: mitmproxy. Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , . Leave a comment

Hi, In this post I’m giving a detailed guide to use mitmproxy on kali Linux to capture the traffic. The mitmproxy tool provides many attacker capabilities in traffic analysis such as intercept, modify, replay, save, etc. You can check here for more details. I wanted to use this tool to capture traffic on the same machine (The tool is by default designed to use as a man-in-the-middle attacker to monitor the traffic of a victim device) to analyze the web protocols.  On my windows machine I used Fiddler to capture and analyze traffic. However, it was not enough support for Linux machines, if required to do further processing. Hence, I decided to use mitmproxy on Linux.

Note: In order to use mitmproxy to monitor traffic in the same machine we need to consider two users; one user as to provide the proxy; the other user as the victim. So following are the steps to set up your environment on a kali Linux machine. Although kali Linux comes with mitmproxy as pre-installed, I removed the existing version and installed the latest mitmproxy version 5.0.1. The newest version claims to be 4X faster.

Step 0: Remove previously installed mitmproxy

You may have to install the existing old version of mitmproxy if you are using kali Linux

sudo apt-get remove --auto-remove mitmproxy

Step 1: Create a new account for the proxy.

Use the following commands to create a new user. This user will be used as the attacker.

useradd -m mitmproxyuser// it creates a new direcotry 
 passwd mitmproxyuser //provide a password 
usermod -a -G sudo mitmproxyuser //add the user to sudo user list

Step 2: Download the mitmproxy version 5.0.1

  • Visit https://mitmproxy.org/ and download the v5.0 binary of mitmproxy.
  • Extract the downloaded .gz file. It contains following executables:
    • mitmproxy
    • mitmdump
    • mitmweb

Step 3: Install the mitmproxy as the newly created user

Change the directory to the directory with the extracted content of mitmproxy

  • Use the following command to install the mitmproxy.

Note: I’m using pip3 to install the mitmproxy, the pip gave errors for me.

sudo -u mitmproxyuser bash -c 'cd ~ && pip3 install --user mitmproxy'

If the command was successful, the following hidden files will be generated

0installmitmproxyasdiffuser(1)genfiles

Step 3: Update IP forwarding settings and add rules to the iptables.

sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1
sysctl -w net.ipv4.conf.all.send_redirects=0

iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser --dport 443 -j REDIRECT --to-port 8080
ip6tables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser --dport 80 -j REDIRECT --to-port 8080
ip6tables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser --dport 443 -j REDIRECT --to-port 8080

Note*: Once the iptables are updated you will not be able to browse the internet unless the mitmproxy is started

Step 4: Start the mitmproxy as the user mitmproxyuser

sudo -u mitmproxyuser bash -c '$HOME/.local/bin/mitmproxy --mode transparent --showhost --set block_global=false'

00runmitmproxyNote*: Now, when you visit a web site on Firefox browser, it will still say that the certificate is not trusted.

01waring

Step 5: Install the mitmproxy certificates on Firefox browser

Once the mitmproxy is started …

02installcert

02details

  • Click on ‘other’ for Linux. It will download the certificate and prompt for acceptance. You can view the certificate and accept it.

02trustcert

02certdetails(2)

Step 5: Capture traffic on mitmproxy

Finally,  after installing the CA certificate, you can use the mitmproxy to analyze your traffic as follows.

03successmitmproxy

Click on an item to view the details.

03details

Cheers ! 🙂

Running PyCharm Traffic through Fiddler

Posted by Kulani Mahadewa on April 6, 2020
Posted in: Fiddler. Tagged: , , , , , , , , , , , , , , , , , , , , . Leave a comment

Hi, Here is a brief guide to setup PyCharm to send its traffic generated by requests through Fiddler.

Usage:  If you get errors while  implementing an extracted  protocol from a Fiddler traces, you can forward the traffic to Fiddler, so that you can check the captured traces against the traffic generated from PyCharm to debug your code. For example, you can solve issues when receiving Code 422 in response.

Running PyCharm Traffic through Fiddler

First, you need to update proxy settings at PyCharm with Fiddler proxy details. This will ask to install Fiddler generated certificates at PyCharm. However, this step only allows PyCharm to direct it’s traffic to Fiddler, but your python code fails since this setting does not apply to urllib3 used by requests. Hence, we have to bypass certificate verification in the code.

Step 1: Add Fiddler Generated Certificates to PyCharm

  • At PyCharm IDE Goto -> File -> Settings ->Appearance & Behaviour -> System Settings -> HTTP Proxy -> Provide Fiddler proxy settings as follows (Host: 127.0.0.1, Port: 8888)

update proxy settings

  • Restart PyCharm -> It will prompt to Accept the Fiddler generated certificates for JetBrains.

Screenshot 2020-04-06 19.32.00

  • You can check the saved certificates at File -> Settings ->Tools-> Server Certificates

Step2: Update Python Code

In the python code, I’m using requests package to send HTTPS requests. Update the request with an additional argument as verify=False. Otherwise, it will throw an verification failed exception (ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:646))

import requests

initResponse = requests.get(initURL, params=initParams, headers=headerInit,verify=False)

Now, it will only give a warning (InsecureRequestWarning: Unverified HTTPS request is being made to host ‘127.0.0.1’. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,) and pass the code. Assuming you are aware of the security of the URL you are visiting, this can help you forward PyCharm traffic through Fiddler without much hassle.

Cheers ! 🙂

Fix ERR_CONNECTION_TIMED_OUT error on Android with Fiddler Proxy

Posted by Kulani Mahadewa on March 12, 2020
Posted in: Fiddler. Tagged: , , , , , , , , , , , , , , , , , , . Leave a comment

Hi, When setting up an Android device with Fiddler on the host machine, you need to set up proxy settings on Android Wi-Fi giving the IP address shown on Fiddler (Online) as host and port as 8888. After that, you need to visit http://ipv4.fiddler:8888 on your browser to download the Fiddler Root Certificate. However, when visiting the http://ipv4.fiddler:8888 on the Android browser, you might get ERR_CONNECTION_ TIMED_OUT.  This could be due to many reasons.

Reasons and Solutions:

  • If you are connecting your Android with Fiddler for the first time recheck the settings on Fiddler. Goto -> Tools -> Options -> Connection -> Tick “Allow remote computers to connect”.  To allow HTTPS decryption, ensure you have ticked “Decrypt HTTPS traffic” under Options-> HTTPS, and then install the root certificate.
  • If you are trying to reconnect you Android with Fiddler which was working with a different host, and now getting  ERR_CONNECTION_ TIMED_OUT on the Android browser,
    • You can first try removing current certificates on the Fiddler host machine and try reinstalling the certificates..
      • First, Goto -> Tools -> Options -> HTTPS-> Untick “Decrypt HTTPS traffic”.
      • Then, select ‘Actions’ on the same dialog -> select “Remove interception certificates”
      • Then follow the normal procedure to enable HTTPS traffic decryption
    • The ultimate try is to uninstall and reinstall the Fiddler from the beginning on your host machine. After that, your Android browser can visit http://ipv4.fiddler:8888 and download a new Fiddler Root Certificate.

Plus:

Even after successfully installing the Fiddler root certificate on your Android device, if you are not able to capture the HTTTPS traffic. It might be that you are using an older fiddler root certificate or a certificate you installed when working with a different Fiddle r host machine. Hence, remove the current installed certificate from your android device. After that, try reconnecting with the Fiddler host to reinstall the new root certificate.

adb shell
cd /data/misc/user/0/cacerts-added
ls
rm < current root certificate e.g. e5c3944b.0>

In the worst case It may be due to certificate pinning used in the application you are trying to test. In that case, you may have to use an instrumentation tool like Xposed to bypass such conditions.

Cheers ! 🙂

 

Install MongoDB on Kali 2020

Posted by Kulani Mahadewa on March 10, 2020
Posted in: Kali Linux. Tagged: , , , , , , , , , , , , , , , , , , , , , , . 2 Comments

Hi, I have tried to install mongod from the apt-get install on my Kali Linux machine. However, it couldn’t find a package with that name. Hence, I decided to install mongod binaries specified at in their documentation as follows.

  • Donwload mongod package and extract the content

mogodown

wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-3.6.17.tgz
  • Add the location of mongod in the PATH variable

Goto home directory -> Ctrl+H -> Find the .bashrc file -> open and paste following-> Save

export PATH=<path-to-mongodb-directory>/bin:$PATH
  • Create data/db directory. (Since I use the root user not needed to set permissions)
mkdir -p /data/db
  • Now open terminal and use mongod  to start the server
mongod

mongod

  • Use mongo command to use the database
mongo

mongo

Cheers ! 🙂

 

Python GUI with PySide2 and QtCreator

Posted by Kulani Mahadewa on March 7, 2020
Posted in: Kali Linux. Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , . Leave a comment

Hi, In this post I explain how to create a GUI application for Python using Qt. Qt is a cross-platform software development framework.  It provides PySide to support creating GUI applications for Python. There is also PyQt another python package supporting the same functionality. This post explains the differences between the two packages. They are basically alternatives. So, in this post I’m using PySide2 the latest version of PySide supporting the Qt 5.14 version.  In brief, you can first generate the layout using QtCreator tool. Then export that into your Python application for adding functionalities to the UI components.

Step 1: Install QtCreator/QtDesigner

There are two version of the QtCreator is available. You can use the open source version.

  • Prerequisite:
sudo apt-get install build-essential libgl1-mesa-dev
  • Download the installer:  from https://www.qt.io/offline-installers. I installed qt-opensource-linux-x64-5.14.1.run.
  • Installing: The installer can be directly executed on linux machine (I’m using Kali Linux 2020)  when  provide access to execute. It will prompt to create a user account through the installer. Then verify your email and continue. Once installed the application can be find through the application searching as qt.

qt setup

Step 2: Create an Qt Application using the QtCreator

  • Select Qt Widget application -> Provide the name and location -> select qtmake as the build system -> Next, you can edit class name information -> Next, select Kit Selection as ‘Desktop’ -> Finish

Screenshot_2020-03-08_01-57-38

  • When you install for the first time there won’t be any kits available.

Hence, you need to do the following steps first.

    • Install qt5-defaults
sudo apt-get install qt5-default
    • At the QtCreator Select Tools -> Options -> at Kits goto Qt Versions -> Maual -> Add -> give qmake file of qt5 location (usr/lib/x86_64-linux-gnu/qt5/bin/qmake)

Screenshot_2020-03-08_02-10-12

qt setup versoin

    • Then at the Kits window –> Select Desktop -> Update the Qt Version to the added Qt version.
    • Now, you can create the Qt Widget application as described above.
  • When you created the Qt application you can use the ‘Design’ View to add the layouts and the components as desired.

Screenshot_2020-03-08_02-20-47

Step 3: Export your designed mainWindow.ui as mainWindow.py

The mainWindow.ui is an xml file.

Screenshot_2020-03-08_02-21-00

You can covert it to a python file as folllows.

pip3 install PySide2
pyside2-uic mainwindow.ui -o mainWindow.py

The generated mainWindow.py:

Screenshot_2020-03-08_02-31-30

Step 4: Create Python GUI Application

Now, you can create a python project including the mainWindow.py, and another python file app.py to refer the components in the mainWindow.py and provide functionalities.

you import the Ui_mainWindow from the ainWindow.py  in app.py

app.py:

import sys
from PySide2.QtGui import *
from PySide2.QtCore import *
from PySide2.QtWidgets import *
from path.to.mainWindow import Ui_mainWindow

class MainWindow(QMainWindow, Ui_mainWindow):
def __init__(self):
super(MainWindow, self).__init__()
self.setupUi(self)
self.assignWidgets()
self.show()

def assignWidgets(self):
self.goButton.clicked.connect(self.goPushed)

def goPushed(self):
self.goText.append("Test Go!")

if __name__ == '__main__':
app = QApplication(sys.argv)
mainWin = MainWindow()
ret = app.exec_()
sys.exit( ret )

You can refer to following tutorials for more information

Cheers ! 🙂

 

Peekaboo Tracer

Posted by Kulani Mahadewa on March 5, 2020
Posted in: Tracers. Tagged: , , , , , , , . Leave a comment

Hi, Today I’m introducing the Peekaboo Tracer available at GitHub. You can use it to obtain the sequence of instructions executed while running a program or function as a trace. A trace in general, is a sequence of events happened when performing a task. So, if any errors were occurred while performing the task, the trace can be analyzed to find the problem or the cause.  Hence, the objective of Peekaboo is to help the users generate the traces.

Challenges in Tracing

The typical challenges in generating and managing a trace:

    • Length of the trace is tool long: If a single trace file includes all the attributes of a instruction, then the file size becomes too big.
    • Customized requirements: which attributes of the instructions are included in the trace (An instruction includes an instruction address, opcode, register value, memory value, memory address): If a single trace includes selected attributes for each instruction. Then reading the trace becomes difficult.

Solution by Peekaboo

In addressing the above challenges, Peekaboo introduces modularization. In precise, it generates a file for each attribute in a instruction such that each attribute file includes a sequence of attributes corresponding to the sequence of instructions executed. Hence, depending on the interest of the user, he can generates the trace including selected attributes.

Set up Peekaboo

Peekaboo is built on top of DynamoRIO instrumentation tool. Hence, we required to download the latest build of DynamoRIO to test the Peekaboo.

Next, following the guide in the Peekaboo documentation..

cd peekaboo_dr
mkdir build
cd build
DynamoRIO_DIR=/path/to/DynamoRIO/DynamoRIO-Linux-7.91.18319 cmake ..
make

cmake

make

Run Peekaboo

Generate the trace for executing ls command as follows.

path/to/DynamoRIO/DynamoRIO-Linux-7.91.18319/bin64/drrun -c /path/to/peekaboo/peekaboo_dr/build/libpeekaboo_dr.so -- ls

Results: Generated Trace Files

trace modules

Cheers ! 🙂