Dockerfile Python3 Fixes

.gitignore

@@ -182,24 +182,3 @@ docker-src.*
 /qemu/trace-ust-all.h
 /qemu/trace-ust-all.c
 /qemu/target/arm/decode-sve.inc.c
-
-
-/qemu/roms/seabios
-/qemu/roms/ipxe
-/qemu/roms/openbios
-/qemu/roms/openhackware
-/qemu/roms/qemu-palcode
-/qemu/roms/sgabios
-/qemu/dtc
-/qemu/roms/u-boot
-/qemu/roms/skiboot
-/qemu/roms/QemuMacDrivers
-/qemu/ui/keycodemapdb
-/qemu/capstone
-/qemu/roms/seabios-hppa
-/qemu/roms/u-boot-sam460ex
-/qemu/tests/fp/berkeley-testfloat-3
-/qemu/tests/fp/berkeley-softfloat-3
-/qemu/roms/edk2
-/qemu/slirp
-/qemu/roms/SLOF

Dockerfile

@@ -21,25 +21,33 @@
 #
 # -------------------------------------------------------------------------------
 
-FROM ubuntu:16.04
+FROM ubuntu:18.04
 MAINTAINER Jonas Zaddach
 
 ENV PREFIX /home
-
-#Install packages
 RUN apt-get update
-RUN apt-get install -y build-essential zlib1g-dev pkg-config \
+RUN apt-get install -y python3 python3-pip
+RUN export python=python3
+#Install packages
+RUN apt-get install -y --fix-missing build-essential zlib1g-dev pkg-config \
                        libglib2.0-dev binutils-dev libboost-all-dev \
                        autoconf libtool libssl-dev libpixman-1-dev \
                        libpython-dev python-pip \
                        git curl vim
 
+#upgrade pip
+RUN python3 -m pip install --upgrade pip
+
+
 #clone pybox
 RUN git clone https://github.com/Cisco-Talos/pyrebox pyrebox
 WORKDIR pyrebox
-RUN pip install -r requirements.txt
+RUN python3 -m pip install -r requirements.txt
 RUN ./build.sh
-RUN cp /usr/local/lib/python2.7/dist-packages/capstone/lib/libcapstone.so /usr/local/lib
+# i don't know why pyrebox-i386 uses python2 still 
+RUN python2 -m pip install distorm3 ipython capstone
+#RUN cp /usr/local/lib/python2.7/dist-packages/capstone/lib/libcapstone.so /usr/local/lib
+#RUN cp /usr/local/lib/python3.6/dist-packages/capstone/lib/libcapstone.so /usr/local/lib
 RUN ldconfig
 
 #OPTIONAL: Copy VM in. Left as an example

README.rst

@@ -45,6 +45,7 @@ active development and new cool features are yet to come! The master branch shou
 version, while the dev branches contain the latest, work-in progress features. The following announcement
 list refers to the master branch, and the date when the development changes were merged into master.
 
+- [Dec 5,  2019] **Beta version of PyREBox3, ready on the python3migration branch**. The tool has been ported to Python3 and Volatility3. Plugins have not been ported yet.
 - [Jun 21, 2019] **Upgraded QEMU to version 4.0.0, with MTTCG (multi-threaded TCG) support.** Special thanks to @richsurgenor for his valuable contributions to this upgrade.
 - [Jun 17, 2019] Merge of dev branch (Malware monitor 2).
 - [Jun 17, 2019] Mouse movement automation.

build.sh

@@ -86,9 +86,9 @@ if [ x"${reconfigure}" = xyes ] || [ ! -f ${qemu_path}/config-host.mak ] || [ !
 
 
     echo -e "\n${GREEN}[*] Configuring qemu...${NC}\n"
-    git submodule deinit .
+    git submodule deinit -f .
     git submodule init
-    git submodule update --recursive
+    git submodule update -f --recursive
     cd ${qemu_path}
     qemu_configure_flags=""
     if [ x"${debug}" = xyes ]

mw_monitor/mw_monitor_classes.py

@@ -174,7 +174,7 @@ def find_ep(proc, proc_name):
             name = m["name"]
             base = m["base"]
             # size = m["size"]
-            if name == proc_name:
+            if proc_name in name:
                     pe_data = api.r_va(proc.get_pgd(), base, 0x1000)
                     pe = pefile.PE(data=pe_data)
                     ep = pe.OPTIONAL_HEADER.AddressOfEntryPoint