Flags

Available Flags & Usage

usage: zelos [-h] [-c CONFIG] [--virtual_filename VIRTUAL_FILENAME]
             [--virtual_path VIRTUAL_PATH] [-v] [--log LOG] [--dns]
             [--fasttrace] [-t TIMEOUT] [-m MEMLIMIT] [--traceon TRACEON]
             [--traceoff TRACEOFF] [--tracethread TRACETHREAD]
             [--writetrace WRITETRACE] [--date DATE] [--startat STARTAT]
             [--disableNX] [--strace STRACE] [--log_exports]
             [--no_log_syscalls] [--mount MOUNT] [--env_vars ENV_VARS]
             [--export_mem] [--export_insts] [--export_funcs]
             [--syscall_limit SYSCALL_LIMIT]
             [--syscall_thread_limit SYSCALL_THREAD_LIMIT]
             [--syscall_thread_swap SYSCALL_THREAD_SWAP]
             [--rep_syscall_print_limit REP_SYSCALL_PRINT_LIMIT]
             [--linux_rootfs LINUX_ROOTFS]
             filename [cmdline_args [cmdline_args ...]]

Positional Arguments

filename

Executable to emulate

cmdline_args

Arguments to the executable

Named Arguments

-c, --config

config file path

--startat

[Experimental] Start execution at the given hex address.

--disableNX

Disable the no-execute bit. All memory becomes executable.

Default: False

logging

-v, --verbosity

Increase output verbosity. Enables instruction-level tracing.

Default: 0

--log

Decide what level of logging should be used. LOG is ‘info’, ‘verbose’, ‘debug’, ‘spam’, ‘notice’, ‘warning’, ‘success’, ‘error’, or ‘fatal’. Note that this does not affect verbosity. (default: ‘info’)

Default: “info”

--fasttrace

Enable instruction-level tracing only the first time a memory address is reached.

Default: 0

--traceon

[Experimental] Enable verbose tracing after specified address or API name.

Default: “”

--traceoff

[Experimental] Disable verbose tracing after specified address or API name.

Default: “”

--tracethread

[Experimental] Enable verbose tracing on a single thread.

Default: “”

--writetrace

Print a message every time a value at the given memory location is written.

Default: “”

--log_exports

Enable logging of calls to exported functions. (default: off)

Default: False

--no_log_syscalls

Disable logging of syscalls.

Default: True

reporting

--strace

Writes the system call trace to the specified output file.

limits

-t, --timeout

If specified, execution will end after TIMEOUT seconds have passed.

Default: 0

-m, --memlimit

Limits memory allocation to MEMLIMIT total mb.

Default: 0

networking

--dns

Simulate DNS response for all domains (resolve to 127.0.0.1)

Default: 0

filesystem

--virtual_filename

Emulated filename (if different from real filename).

--virtual_path

Emulated file path (optional). (default: ‘/home/admin/zelos_dir/’).

--mount

[Experimental] Mount the specified file or path into the emulated root filesystem. Format: ‘–mount ARCH,DEST,SRC’. ARCH is ‘x86’, ‘x86-64’, ‘arm’, or ‘mips’. DEST is the emulated path to mount. SRC is the absolute host path to the file or directory to mount. Can be specified multiple times to mount multiple files.

Default: []

--env_vars

Emulated environment variables. ENV_VARS is a comma separated key value pair. Can be specified multiple times to set multiple environment variables. Format: ‘–env_vars FOO:bar –env_vars ZERO:point’.

Default: []

clock

--date

Emulated system date. Format: YYYY-MM-DD. (default: ‘2019-02-02’)

Default: “2019-02-02”

/home/docs/checkouts/readthedocs.org/user_builds/zelos/envs/v0.1.0/lib/python3.7/site-packages/zelos/ext/plugins/overlay/overlay.py

--export_mem

Export memory regions.

Default: False

--export_insts

Export instructions.

Default: False

--export_funcs

Export functions.

Default: False

/home/docs/checkouts/readthedocs.org/user_builds/zelos/envs/v0.1.0/lib/python3.7/site-packages/zelos/ext/plugins/syscall_limiter.py

--syscall_limit

Stop execution after SYSCALL_LIMIT syscalls are executed.

Default: 0

--syscall_thread_limit

End THREAD after SYSCALL_THREAD_LIMIT syscalls are executed in that thread

Default: 0

--syscall_thread_swap

Swap threads after every SYSCALL_THREAD_SWAP syscalls are executed

Default: 100

--rep_syscall_print_limit

After repeating this number of times, syscall printing is temporarily disabled.

Default: 50

/home/docs/checkouts/readthedocs.org/user_builds/zelos/envs/v0.1.0/lib/python3.7/site-packages/zelos/ext/platforms/linux/linux.py

--linux_rootfs

Specify the rootfs directory for an emulated architecture. Can be specified multiple times to set the rootfs for different architectures, and the appropriate rootfs will be used during emulation. Format: ‘–linux_rootfs ARCH,PATH’. ARCH is ‘x86’, ‘x86-64’, ‘arm’, or ‘mips’. PATH is the absolute host path to the directory to be used as rootfs.

Default: []