reven2 package documentationThe REVEN2 python API.
Provide a pythonic way to interact with a Reven server. This mainly provides an object oriented wrapper on the low level api, plus a few helper functions to make REVEN scripting more straightforward.
To use it, the first step is to connect to a running Reven server, for example on port 13370 of the host localhost:
>>> import reven2 as rvn2 >>> server = rvn2.RevenServer('localhost', 13370)
Field members in our python classes are typically encapsulated in
properties. For instance, the private field
RevenServer._host can be read from RevenServer.host.
Properties are special methods that should not be called with
parenthesis, e.g. RevenServer.host, not
RevenServer.host(). To make this distinction clearer in our
documentation, the documentation for a property always starts with the
keyword Property: (e.g., see the properties host and
port in RevenServer's
documentation).
Every notable changes to this api will be documented in this file.
RevenServer.scenario_name
property.
TaintAccess.state_before
and TaintAccess.state_after
would sometimes raise a StopIteration Exception.
Tainter.simple_taint
would mistakenly share the same taint data.
Taint.accesses
for querying all the transitions that touch the tainted data. Can
be filtered to query only the transitions that change taint state
(like Taint.changes).
Taint.changes
as deprecated. Use Taint.accesses
instead.
TaintResultView.take_n
method would sometimes return the wrong number of results.
Trace.first_context,
Trace.last_context,
Trace.first_transition,
Trace.last_transition
Search.memory
to search byte patterns throughout the whole trace
TaintedRegisterSlice
would sometimes take the entire register instead of the requested
slice
reven2.bookmark module
that allows to programmatically add, access, edit and remove
bookmarks.
reven2.address.LinearAddress.translate,
reven2.address.LogicalAddress.translate,
reven2.address.LogicalAddressSegmentIndex.translate
to translate the virtual address into reven2.address.PhysicalAddress.
reven2.trace.Transition.find_inverse
method to get the transition that performs the inverse
operation to the given transition.
reven2.trace.Context.find_register_change
method to find the next/previous context in which the content of
the requested register is modified.
reven2.session
module that allows to publish various events to clients like Axion.
reven2.RevenServer.sessions
property that lists the sessions tracked by the RevenServer.
reven2.RevenServer
and reven2.RevenServer.connect
now accept an additional keyword parameter 'sessions' to set the
tracked sessions
reven2.trace.Transition
instance now displays as a clickable link that instructs Axion to
select that transition in Jupyter Notebook.
tag0/tag1 to Tag0/Tag1
ProjectManager.hostname
and ProjectManager.port
properties
ProjectManager.connect
to connect to a REVEN project from its name
ossi.OssiContext.process
to get the information of the current ossi.process.Process
Instruction
object would sometimes contain wrong operands for relative
jmp
Context.read
method up to x3 in typical workloads
timeout argument to the String.memory_accesses
method, allowing to specify how long this function should attempt
to recover all accesses before raising an exception.
Stack.backtrace
property so that it returns a string instead of printing it.
if register accessible from the API.
Previously, attempting to access reven2.arch.x64.if
would raise a SyntaxError, because if is
a python keyword. You can now access the if register
through reven2.arch.x64.if_.
trace package
containing basic classes to navigate in a trace and inspect cpu
registers and memory
search module
containing basic objects to search interesting points in a trace
trace.Trace.memory_accesses
and trace.Transition.memory_accesses
to query memory accesses from the trace
memhist package
containing MemoryAccess
object
stack module
containing basic objects to get interesting information on the
stack like the backtrace
string module
containing a basic `String` object to get interesting strings in
the trace and their memory accesses
ossi package
containing basic objects to get Operating System Semantic
Information (OSSI)
types package
containing various predefined types and type constructors
arch package
containing the various x86_64 registers
address package
containing representation of memory addresses
preview.project_manager
package containing basic (incomplete) bindings to the REVEN project
manager REST API
preview.taint
package containing an experimental, simplified API for the taint
RevenServer
class (previously Project)
| Module | address | Defines memory address classes |
| Package | arch | Contains classes and instances related to the description of the machine architecture. |
| Module | bookmark | No module docstring; 2/3 classes documented |
| Module | memhist | No module docstring; 3/3 classes, 0/8 functions documented |
| Package | ossi | Package related to OSSI information. See the OssiContext
object. |
| Module | prelude | This is the prelude module of the Reven2 python API |
| Package | preview | Contains subpackages and modules whose API is not considered stable yet. |
| Module | search | Module related to trace search. See the Search object. |
| Module | search_in_memory | No module docstring; 7/8 classes documented |
| Module | session | Module related to sessions, that allow to publish information to various other connected clients (e.g., Axion). |
| Module | stack | Module related to stack. See the Stack object. |
| Module | string | Module related to strings in trace. See the String object. |
| Package | trace | Module related to the execution trace. See the Trace object. |
| Package | types | Contains classes and instances related to the description of data types. |
| Module | util | Module that provide util functions |