How to add a string input to the start of an Angr program?


Sorry for the possibly-noobish question. I'm new to Angr and ran into a small issue/question. So, let's say I have a binary program, "mybinary", where I input something and it does some operations and checks against that to find a flag. (Normal crackme style.)

However, the program needs a string input, tid, when it is first run. I have the tid; it's just a 32-character string of letters and numbers.

So instead of "./mybinary", to run it, I have to do "./mybinary 'the tid string'".

How do I do that in the context of loading the file into an Angr project?

Like, if my angr code was something along the lines of:

import angr
import claripy

#Whatever variables.

base_addr = #Whatever the base address is.

proj = angr.Project("./mybinary", main_opts={'base_addr': base_addr}) 

#Some code for defining flag characters.

state = proj.factory.full_init_state(
    args=['./mybinary'],
    add_options=angr.options.unicorn,
    stdin=flag,
)

#Some code to create and run simulation with success and failure.

How could I edit it so that it would run "./mybinary 'the tid string'" instead of just "./mybinary"?

Please and thank you for the help!

Pamplemousse On

Here is how you should instantiate the state to suit your needs:

state = proj.factory.entry_state(
    args=['./mybinary', 'the tid string'],
    add_options=angr.options.unicorn,
    stdin=flag,
)

As per the documentation:

If you're executing in an environment that can take command line arguments or an environment, you can pass a list of arguments through args and a dictionary of environment variables through env into entry_state and full_init_state.

Furthermore, it does not seem like you need full_init_state in your case; entry_state should suffice (same documentation):

.entry_state() constructs a state ready to execute at the main binary's entry point.
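Putting the answer into a complete solve script, as an added example that is not part of the original post or of angr itself: the tid goes in as argv[1] via args, the flag candidate is a symbolic stdin buffer, and FIND_ADDR, AVOID_ADDR and FLAG_LEN are placeholders you replace per binary (the 32-character alphanumeric tid is taken from the question).

```python
"""Added example: crackme that takes a token as argv[1] and reads the flag from stdin.
FIND_ADDR, AVOID_ADDR and FLAG_LEN are placeholders, not values from the post."""
import string

try:
    import angr
    import claripy
except ImportError:  # lets the pure-Python helpers run without angr installed
    angr = claripy = None

FLAG_LEN = 16          # assumed length of the flag read from stdin
TID_LEN = 32           # the question says the tid is a 32-char alphanumeric string
FIND_ADDR = 0x400000   # placeholder: address reached on the "correct" path
AVOID_ADDR = 0x400000  # placeholder: address reached on the "wrong" path


def build_argv(binary, tid):
    """argv list for entry_state(): the binary's own name, then the tid as argv[1]."""
    if len(tid) != TID_LEN or not tid.isalnum():
        raise ValueError("tid must be %d alphanumeric characters" % TID_LEN)
    return [binary, tid]


def symbolic_flag(length=FLAG_LEN):
    """Symbolic stdin buffer: `length` unconstrained bytes followed by a newline."""
    chars = [claripy.BVS("flag_%d" % i, 8) for i in range(length)]
    flag = claripy.Concat(*chars, claripy.BVV(b"\n"))
    return flag, chars


def solve(binary, tid, base_addr=None):
    """Explore from the entry point and return the concrete stdin that reaches FIND_ADDR."""
    if angr is None:
        raise RuntimeError("angr and claripy are required for solve()")
    main_opts = {"base_addr": base_addr} if base_addr is not None else {}
    proj = angr.Project(binary, main_opts=main_opts, auto_load_libs=False)
    flag, chars = symbolic_flag()
    state = proj.factory.entry_state(
        args=build_argv(binary, tid),      # "./mybinary 'the tid string'"
        add_options=angr.options.unicorn,
        stdin=flag,
    )
    for c in chars:                         # keep the flag printable ASCII
        state.solver.add(c >= 0x20, c <= 0x7E)
    simgr = proj.factory.simulation_manager(state)
    simgr.explore(find=FIND_ADDR, avoid=AVOID_ADDR)
    if not simgr.found:
        return None
    return simgr.found[0].posix.dumps(0)    # concrete bytes fed to stdin
```

Run it as solve("./mybinary", "the tid string", base_addr=...) after filling in the placeholder addresses; an empty simgr.found means the find address was never reached under the constraints.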