ePsiLoN's Information Security Blog

Setting up capstone (Debian Wheezy)

Posted by

ePsiLoN

Intro

Recently I’ve decided to dedicate a fresh Debian environment for my RE tools and having binwalk seemed as a good idea so I can play with firmware binaries. I followed the general install instructions from the project wiki and it seemed that all the dependencies were installed. On starting the executable however I got the following error:

$ binwalk 
Traceback (most recent call last):
  File "/usr/local/bin/binwalk", line 60, in 
    main()
  File "/usr/local/bin/binwalk", line 45, in main
    usage(modules)
  File "/usr/local/bin/binwalk", line 32, in usage
    sys.stderr.write(modules.help())
  File "/usr/local/lib/python2.7/dist-packages/binwalk/core/module.py", line 622, in help
    for module in self.list(attribute="CLI"):
  File "/usr/local/lib/python2.7/dist-packages/binwalk/core/module.py", line 601, in list
    import binwalk.modules
  File "/usr/local/lib/python2.7/dist-packages/binwalk/modules/__init__.py", line 10, in 
    from binwalk.modules.codeid import CodeID
  File "/usr/local/lib/python2.7/dist-packages/binwalk/modules/codeid.py", line 1, in 
    import capstone

Further review of the binwalk source code led me to the conclusion that binwalk requires capstone RE framework as well. I am using wheezy stable release and capstone packages are included in the debian sid repo and since I do not want to upgrade my entire distro to unstable some apt-pinning needs to be done.

Setup process

1) Add sid repo

$sudo vim /etc/apt/sources.list

add the following lines and save the file

#sid
deb http://ftp.uk.debian.org/debian unstable main non-free contrib
deb-src http://ftp.uk.debian.org/debian unstable main non-free contrib

2) Create preferences for the apt-pinning

$sudo vim /etc/apt/preferences

Add the following lines to the newly created file. They specify the repository priority i.e. if there are different versions of a particular package in more than one repository the repository with the highest priority will be considered. In this case I am keeping the stable repo with the highest priority thus the lib

Package: *
Pin: release a=stable
Pin-Priority: 700


Package: *
Pin: release a=unstable
Pin-Priority: 600

3) Update

$sudo apt-get update

4) Install capstone core

$sudo apt-get install libcapstone2/unstable

5) Install capstone python binding

$sudo easy_install capstone

That was it.
At the end it came out that my binwalk installation was messed up and I needed to do it all over again. Anyhow … Capstone is a nice addition to my RE toolkit 🙂

ePsiLoN

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Archive

Tags

bruteforce bug bounty bug hunting Burp Suite d3 data leak data recovery dictionary entropy pool fix fund raising fuzzing hackaday image processing Journalistic tools log analysis malware mindmap patebin Practical Reverse Engineering randomness sandbox skype SQL injection SSL technical visualisation Vulnerability Management Wanda the fish Zeus