decaf-project / DECAF

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

decaf crashes after hookapitests is unloaded

hengyin opened this issue

Guest OS: Windows XP
Host environment: Ubuntu 15.04, 64-bit

Symptom:

In DECAF monitor window:
load_plugin ../plugins/hookapitests/hookapitests.so
do_hookapitests cmd.exe

Run cmd.exe in the guest.

After cmd.exe appears, in the DECAF monitor window run:
unload_plugin

DECAF will crash in a few seconds.

Commit b36b555 fixed this issue.