Questions tagged [qemu]
QEMU is software that performs CPU emulation through dynamic binary translation. It allows applications compiled for one specific architecture to run on other architectures.
59 questions
1 vote, 0 answers, 70 views
How to debug armel and armhf binaries on x86-64 Ubuntu simultaneously?
I'm working on the challenges on ROP Emporium. For the ARMv5 version of the callme challenge, we are given two binaries and two shared libraries: callme_armv5 with libcallme_armv5.so and callme_armv5-...
2 votes, 0 answers, 238 views
Booting a Linux kernel ARM64 boot executable Image
I am self-learning reverse engineering and working on reversing a firmware image for an unknown IoT device that's running on Zephyr. I have the firmware image (.img file), which returns 'Linux kernel ...
0 votes, 1 answer, 2k views
Running ELF file built for ARM architecture
My goal is to run and debug an ELF file (c444) which is compiled for the ARM architecture. I have some experience with x32 and x64 Intel architectures. However, I don't know how to proceed with ARM-based ...
2 votes, 0 answers, 285 views
Finding (or building) a kernel for Huawei EchoLife EG8145V5
I have a Huawei EchoLife EG8145V5 for which I am trying to build some software. It has a built-in Linux distro of some sort, but I would like to add to it, as there is "plenty" of storage ...
1 vote, 0 answers, 84 views
Handle Ioctl call while running with qemu
I am using qemu to emulate a binary like this:
qemu -strace XXXXX .
I saw that the first 2 system calls of this process were TCGETS to stdin and stdout. From man pages
Get and set terminal attributes
...
1 vote, 1 answer, 228 views
Debug bFLT in qemu-arm-static
I have a bFLT binary (for the linux-arm arch.) that I can run with qemu-arm-static.
I want to debug that binary dynamically with GDB.
I know I can debug binary with qemu like qemu-arm-static -g 1111 <...
1 vote, 1 answer, 259 views
Run ntoskrnl.exe with qemu
We can run Linux and similar Unix kernels using the qemu -kernel parameter. Is there any way to do the same with the NT kernel? I could not find a way to test even the ReactOS kernel with qemu.
Also can .efi files ...
2 votes, 0 answers, 1k views
How to perform full MIPS system emulation with QEMU, using the squashfs image and uBoot kernel image?
TL;DR:
Need tips on emulation of MIPS-BE system using QEMU with the help of squashfs image file and uBoot Kernel image file extracted from the firmware file.
Long Version:
- What I have:
A cheap ...
2 votes, 0 answers, 171 views
QEMU with GDB: Stepping Instruction causes Windows VM BSOD
I'm currently analyzing a piece of software inside a Windows 10 QEMU virtual machine which is connected to a remote GDB debugger. I have set breakpoints to audit what the application is doing.
I have ...
2 votes, 2 answers, 178 views
error shmat function when simulating MIPS file in Qemu
I want to run (simulate) a MIPS file with Qemu:
$ file httpd
httpd: ELF 32-bit MSB executable, MIPS, MIPS32 version 1 (SYSV), dynamically linked, interpreter /lib/ld-uClibc.so.0, no section header
...
0 votes, 0 answers, 128 views
Emulator that emulates arm hardware
I want to hook arm instructions as they execute, but most of the emulators are based on VirtualBox, which uses houdini to translate arm instructions to x86, and I really can't hook a native JNI lib, ...
1 vote, 1 answer, 755 views
GDBserver on Qemu not honoring "follow-fork-mode child"
I am using gdb-multiarch version 9.1 on Ubuntu to connect to a qemu-mipsel-static version 4.2.0 running a MIPS application which daemonizes itself with fork(), and which is running the built-in ...
4 votes, 3 answers, 1k views
inspecting c-sky elf application
I am new to reverse engineering, but as I am home these days, I wanted to hack my sat receiver. The receiver is based on the c-sky v1 architecture.
Searching forums, I managed to get the firmware ...
0 votes, 2 answers, 4k views
ld-uClibc.so.0: No Such file or directory when running qemu-mipsel-static
BLUF: When executing sudo chroot . ./qemu-mipsel-static ./bin/busybox from the squashfs-root folder the error /lib/ld-uClibc.so.0: No such file or directory is returned. Failing to figure out how to ...
4 votes, 0 answers, 171 views
QEMU Translation block
I'm studying how QEMU translates native basic blocks and runs them. As far as I understand, it reads native basic blocks then retranslates them, but I wonder how it can deal with exceptions inside, so ...