ivicanikolicsg / maian Goto Github PK

I tried installing it but every time an error occurs I need to so desperately for a school project but I can't install it I am using ubuntu when I try to install it says web3 issue then I install web 3.4.4 which worked perfectly but still there are many issue

Can someone help me the list of dependencies and version of them?

Issue: I attempted to run the MAIAN tool on this contract. I copied the source code to unicorn_source.sol, and ran the following command:

python maian.py -s ~/unicorn_source.sol UnicornBreeding

Here is the output:

[ ] Compiling Solidity contract from the file /home/caleb/unicorn_source.sol ...  Done 
/home/caleb/.local/lib/python2.7/site-packages/web3/main.py:130: DeprecationWarning: Python 2 support is ending! Please upgrade to Python 3 promptly. Support will end at the beginning of 2018.
  category=DeprecationWarning,
/home/caleb/.local/lib/python2.7/site-packages/web3/main.py:130: DeprecationWarning: Python 2 support is ending! Please upgrade to Python 3 promptly. Support will end at the beginning of 2018.
  category=DeprecationWarning,

[ ] Connecting to PRIVATE blockchain emptychain  ... ESTABLISHED 

[ ] Sending Ether to contract 0x9e536236abf2288a7864c6a1afaa4cb98d464306  ...... tx[0] mined  Sent! 

[ ] Deploying contract Traceback (most recent call last):
  File "maian.py", line 177, in <module>
    main(sys.argv[1:])
  File "maian.py", line 120, in main
    if args.soliditycode: 	contract_address = deploy_contract(args.soliditycode[1], MyGlobals.etherbase_account)
  File "/home/caleb/MAIAN/tool/contracts.py", line 92, in deploy_contract
    transaction_creation_hash = MyGlobals.web3.eth.sendTransaction( {'from':etherbase, 'data': ('0x' if byt[0:2]!='0x' else '') +byt } )
  File "/home/caleb/.local/lib/python2.7/site-packages/web3/eth.py", line 216, in sendTransaction
    get_buffered_gas_estimate(self.web3, transaction),
  File "/home/caleb/.local/lib/python2.7/site-packages/web3/utils/transactions.py", line 28, in get_buffered_gas_estimate
    gas_estimate = web3.eth.estimateGas(gas_estimate_transaction)
  File "/home/caleb/.local/lib/python2.7/site-packages/web3/eth.py", line 263, in estimateGas
    [transaction],
  File "/home/caleb/.local/lib/python2.7/site-packages/web3/manager.py", line 96, in request_blocking
    raise ValueError(response["error"])
ValueError: {u'message': u'gas required exceeds allowance or always failing transaction', u'code': -32000}

Is this a Python2.7 issue? I attempted to use Python 3, but I ran into dependency issues.

I've installed MAIAN in a docker container using:

FROM ubuntu:16.04

RUN apt-get update && apt-get install -y git python software-properties-common python-software-properties \
  && add-apt-repository ppa:ethereum/ethereum \
  && apt-get update \
  && apt-get install -y ethereum solc python-pip \
  && pip install --upgrade pip \
  && pip install z3-solver z3 web3

RUN git clone https://github.com/MAIAN-tool/MAIAN.git

whenever I execute on a smart contract (which I've put inside the same dir as maian.py) using:

python maian.py -s MyContract.sol MyContract -c 0

I get:

Traceback (most recent call last):
File "maian.py", line 182, in <module>
  main(sys.argv[1:])
File "maian.py", line 85, in main
  kill_active_blockchain()
File "/MAIAN/tool/blockchain.py", line 69, in kill_active_blockchain
  p = subprocess.Popen(['fuser',MyGlobals.port_number+'/tcp'], stdout=subprocess.PIPE, stderr=devnull)
File "/usr/lib/python2.7/subprocess.py", line 711, in __init__
  errread, errwrite)
File "/usr/lib/python2.7/subprocess.py", line 1343, in _execute_child
  raise child_exception
OSError: [Errno 2] No such file or directory

Am I missing some dependency?

I've followed instructions to download the GUI version of MAIAN and it will not work. Can someone point me in the right direction? I'm using Ubuntu 16.04 LTS.

https://github.com/MAIAN-tool/MAIAN/blob/ab387e171bf99969676e60a0e5c59de80af15010/tool/parse_code.py#L9

should be pos + 2 + 2 * size_of_ input.

I came far in getting to run MAIAN. Some code changes where necessary to arrive there. Now However I struggle with a different problem which suggests that the addresses used for testing are not existent in the beginning and have to be created before 'unlocked'. Is that true? Do we have to do that and how? Following the execution do check for prodigal and greedy contracts, in both cases I get the same error:

python3 tool/maian.py -c 0 -s tool/example_contracts/example_prodigal.sol Adoption

===========================================================================
[ ] Compiling Solidity contract from the file tool/example_contracts/example_prodigal.sol ... Done
[ ] Connecting to PRIVATE blockchain emptychain ... ESTABLISHED
[ ] Deploying contract Traceback (most recent call last):
File "tool/maian.py", line 182, in
main(sys.argv[1:])
File "tool/maian.py", line 120, in main
if args.soliditycode: contract_address = deploy_contract(args.soliditycode[1], MyGlobals.etherbase_account)
File "/home/kweiss/ma/MAIAN/tool/contracts.py", line 87, in deploy_contract
MyGlobals.web3.personal.unlockAccount(etherbase, '1', 15000)
File "/usr/local/lib/python3.5/dist-packages/web3-4.2.0-py3.5.egg/web3/personal.py", line 43, in unlockAccount
[account, passphrase, duration],
File "/usr/local/lib/python3.5/dist-packages/web3-4.2.0-py3.5.egg/web3/manager.py", line 106, in request_blocking
raise ValueError(response["error"])
ValueError: {'message': 'no key for given address or file', 'code': -32000}

python3 tool/maian.py -c 1 -s tool/example_contracts/example_prodigal.sol Adoption

==========================================================================
[ ] Compiling Solidity contract from the file tool/example_contracts/example_prodigal.sol ... Done
[ ] Connecting to PRIVATE blockchain emptychain ... ESTABLISHED
[ ] Sending Ether to contract 0x56cb4a3c85a2f5b4819b93739e536236abf2288a7864c6a1afaa4cb98d464306 Traceback (most recent call last):
File "tool/maian.py", line 182, in
main(sys.argv[1:])
File "tool/maian.py", line 116, in main
execute_transactions([{'from':'0x'+MyGlobals.sendingether_account,'to':supposed_contract_address,'value':MyGlobals.send_initial_wei}])
File "/home/kweiss/ma/MAIAN/tool/blockchain.py", line 95, in execute_transactions
MyGlobals.web3.personal.unlockAccount(tx['from'],'1',15000)
File "/usr/local/lib/python3.5/dist-packages/web3-4.2.0-py3.5.egg/web3/personal.py", line 43, in unlockAccount
[account, passphrase, duration],
File "/usr/local/lib/python3.5/dist-packages/web3-4.2.0-py3.5.egg/web3/manager.py", line 106, in request_blocking
raise ValueError(response["error"])
ValueError: {'code': -32000, 'message': 'no key for given address or file'}

i have one question that why have to check fixed calldatasize length “branch_array_size = [0,8,8+132,8+232]” alone.
the code is at：

before that have already treat the calldatasize as symbolic variables, this is still cannot cover these fixed size?
the code is at

i wondering why these fixed size of calldatasize must be check again

When running against a contract which imports external libs we get Error: Source [...] not found: File outside of allowed directories.

Galaxy:colonyNetwork Elena$ python ../Source/MAIAN/tool/maian.py -s contracts/ColonyNetwork.sol ColonyNetwork -c 0

====================================================================================================
[ ] Compiling Solidity contract from the file contracts/ColonyNetwork.sol ... contracts/ColonyNetworkStorage.sol:20:1: Error: Source "lib/dappsys/math.sol" not found: File outside of allowed directories.
import "../lib/dappsys/math.sol";
^-------------------------------^
contracts/EtherRouter.sol:21:1: Error: Source "lib/dappsys/auth.sol" not found: File outside of allowed directories.
import "../lib/dappsys/auth.sol";
^-------------------------------^
contracts/CommonStorage.sol:20:1: Error: Source "lib/dappsys/auth.sol" not found: File outside of allowed directories.
import "../lib/dappsys/auth.sol";
^-------------------------------^
contracts/ERC20Extended.sol:20:1: Error: Source "lib/dappsys/erc20.sol" not found: File outside of allowed directories.
import "../lib/dappsys/erc20.sol";
^--------------------------------^
contracts/Resolver.sol:20:1: Error: Source "lib/dappsys/auth.sol" not found: File outside of allowed directories.
import "../lib/dappsys/auth.sol";
^-------------------------------^
contracts/DomainRoles.sol:20:1: Error: Source "lib/dappsys/roles.sol" not found: File outside of allowed directories.
import "../lib/dappsys/roles.sol";
^--------------------------------^

[-] Cannot compile the contract

We should be able to pass --allow-paths to solc to allow compilation of contracts which use external libraries.

everything worked fine until it connects to the emptychain
it wont proceed... (stays in the connecting loop forever)
installed is sucsessfully 2 years ago but idkn what i am missing
its the smartbugs version from Gsalzer

I got this working with the docker image released by cryptomental
here: https://hub.docker.com/r/cryptomental/augur-mythril-ci

Step 1: Install Docker (Youtube it, Google it, Check the Docs for Docker, >>> to see how to install)

Step 2: pull in your terminal with this >>>> sudo docker pull cryptomental/maian-augur-ci
(SHOULD GIVE THIS OUTPUT MINUS THIS OF COURSE)

                    Using default tag: latest

                    latest: Pulling from cryptomental/maian-augur-ci

                    297061f60c36: Pull complete 

                    e9ccef17b516: Pull complete 

                    dbc33716854d: Pull complete 

                    8fe36b178d25: Pull complete 

                    686596545a94: Pull complete 

                    d9e4fa657851: Pull complete 

                    3d2ddddda059: Pull complete 

                    33634fb74dc7: Pull complete 

                    29360afad3e1: Pull complete 

                    ea3cad5aab8a: Pull complete 

                    b3af110e007a: Pull complete 

                    91f81720004e: Pull complete 

                    b4e47447f95c: Pull complete 

                    64c7eb0de898: Pull complete 

                    Digest: sha256:e838a693f05fded4d8c57758307632090d48d1d0b097057cebaf182479a95aa0

                    Status: Downloaded newer image for cryptomental/maian-augur-ci:latest

                    docker.io/cryptomental/maian-augur-ci:latest

Step 3: Run the instance of this Docker Image with This >>>>>>>> sudo docker run -it cryptomental/maian-augur-ci
(ITS JUST GONNA GIVE YOU SOMETHING LIKE THIS)

root@b0df642a0897:/#

^^^ can look like any numbers like root@b0f438928f:/# its just telling you its ready for input

Step 4: type THIS >>>>> ls
(HIT ENTER)
(TYPICAL list COMMAND HOPEFULLY YOU CAN SEE WHAT TO DO HERE BUT IF NOT, LETS GO)

Step 5: type THIS >>>>> cd MAIAN/
(HIT ENTER)

Step 6: type THIS >>>>> ls
(HIT ENTER)

Step 7: type THIS >>>>> cd tool/
(HIT ENTER)

Step 8: Here you can list all the contents again with the ( > ls) command >> this one >>>> ls
(HIT ENTER)

STEP 8: Run any of these example commands

python maian.py -s example_contracts/example_suicidal.sol KAI -c 0

python maian.py -b example_contracts/example_suicidal.bytecode -c 0

python maian.py -bs example_contracts/example_suicidal.bytecode_source -c 0

python maian.py -s example_contracts/example_prodigal.sol Adoption -c 1

python maian.py -b example_contracts/example_prodigal.bytecode -c 1

python maian.py -bs example_contracts/example_prodigal.bytecode_source -c 1

python maian.py -b example_contracts/example_greedy.bytecode -c 2

python maian.py -s example_contracts/ParityWalletLibrary.sol WalletLibrary -c 0

Some Sheeeiet im trynna do rn is work on changing the compiler version to a more updated technique from like solc version 4 to solc version 7.6 atleast any help will be greatly appreciated 👍

This was just for anyone struggling to even see what this S__T does and it took me a long ahh time just to figure it out
Its pretty cool,

hope this helps

on running python2 gui-maian.py:

[-] Python module PyQt5 is missing. Please install it (on Ubuntu: sudo apt install python-pyqt5)

but python-pyqt5 not exist!
only python3-pyqt5

See the fork https://github.com/smartbugs/MAIAN for an update of Maian to the current versions of Python, geth und web3.
I did not update the GUI.

When i run mayan.py i get an import error:

File "maian.py", line 24, in
from web3 import Web3, KeepAliveRPCProvider, IPCProvider
ImportError: cannot import name 'KeepAliveRPCProvider'

my assumption is that the ''KeepAliveRPCProvider' was removed sometime. I compiled web3 from the current version 4.1 source.

Do you use a different one, can you provide the version?

Regards,
Konrad

When I try to run run_examples, I see several error messages. The first error is as follows:

~/src/MAIAN/tool(master) $ python --version
Python 2.7.14+
~/src/MAIAN/tool(master) $ geth version
Geth
Version: 1.8.0-unstable
Architecture: amd64
Protocol Versions: [63 62]
Network Id: 1
Go Version: go1.10
Operating System: linux
GOPATH=
GOROOT=/usr/lib/go-1.10
~/src/MAIAN/tool(master) $ python maian.py -s example_contracts/example_suicidal.sol KAI -c 0

====================================================================================================
[ ] Compiling Solidity contract from the file example_contracts/example_suicidal.sol ...  Done 
/usr/local/lib/python2.7/dist-packages/web3/main.py:130: DeprecationWarning: Python 2 support is ending! Please upgrade to Python 3 promptly. Support will end at the beginning of 2018.
  category=DeprecationWarning,
/usr/local/lib/python2.7/dist-packages/web3/main.py:130: DeprecationWarning: Python 2 support is ending! Please upgrade to Python 3 promptly. Support will end at the beginning of 2018.
  category=DeprecationWarning,
[ ] Connecting to PRIVATE blockchain emptychain  ... ESTABLISHED 
[ ] Deploying contract .Traceback (most recent call last):
  File "maian.py", line 182, in <module>
    main(sys.argv[1:])
  File "maian.py", line 120, in main
    if args.soliditycode:   contract_address = deploy_contract(args.soliditycode[1], MyGlobals.etherbase_account)
  File "/home/yh/src/MAIAN/tool/contracts.py", line 99, in deploy_contract
    s.run()
  File "/usr/lib/python2.7/sched.py", line 117, in run
    action(*argument)
  File "/home/yh/src/MAIAN/tool/contracts.py", line 115, in confirm_contract
    receipt = MyGlobals.web3.eth.getTransactionReceipt(transaction_creation_hash)
  File "/usr/local/lib/python2.7/dist-packages/web3/eth.py", line 192, in getTransactionReceipt
    [transaction_hash],
  File "/usr/local/lib/python2.7/dist-packages/web3/manager.py", line 96, in request_blocking
    raise ValueError(response["error"])
ValueError: {u'message': u'unknown transaction', u'code': -32000}

Description

It doesn't detect ecrecover failing upon invalid input

How to Reproduce

See the following piece of code:

https://gist.github.com/HarryR/cce52596ffebdff2744c5d790888015a

This was caused by a compiler bug in Solidity < 0.4.14, where the output memory area for the ecrecover call wasn't cleared, which means in the case of an invalid signature the memory may contain user-controllable input.

If the contract address is passed in as the last 20 bytes of the 32-byte stuff2hash input, then the if condition will be true and the contract will send all funds to the caller.

This was recently highlighted as a problem with the 0x contracts, see: https://samczsun.com/the-0x-vulnerability-explained/

Expected behavior

this bug should be detected

Can you tell me what went wrongly?

$ python maian.py -s Coursetro.sol Coursetro -c 0

====================================================================================================
[ ] Compiling Solidity contract from the file Coursetro.sol ...  Done 
[-] Some blockchain is active, killing it... Cannot kill
[ ] Connecting to PRIVATE blockchain emptychain   ESTABLISHED 
[ ] Deploying contract .... confirmed at address: 0xD47ACC6943D09359F7D77cE51f562bf14950391B 
[ ] Contract code length on the blockchain :    1018  : b'`\x80`@R`\x046\x10a\x00LW`\x005|\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'... 
[ ] Contract address saved in file: ./out/Coursetro.address 
[ ] Check if contract is SUICIDAL

[ ] Contract address   : 0xD47ACC6943D09359F7D77cE51f562bf14950391B
[ ] Contract bytecode  : b'`\x80`@R`\x046\x10a\x00LW`\x005|\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x90\x04c\xff'...
[ ] Bytecode length    : 1018
[ ] Blockchain contract: True
[ ] Debug              : False
Traceback (most recent call last):
  File "maian.py", line 182, in <module>
    main(sys.argv[1:])
  File "maian.py", line 142, in main
    if 0 == MyGlobals.checktype: ret = check_suicide.check_one_contract_on_suicide(code, contract_address, MyGlobals.debug, MyGlobals.read_from_blockchain, True, fhashes)
  File "/Users/bkmsx/Documents/Solidity/Tools/MAIAN/tool/check_suicide.py", line 53, in check_one_contract_on_suicide
    ops = parse_code( contract_bytecode, debug )
  File "/Users/bkmsx/Documents/Solidity/Tools/MAIAN/tool/parse_code.py", line 26, in parse_code
    if op >= '60' and op <='7f':
TypeError: '>=' not supported between instances of 'bytes' and 'str'

chris@ubuntu:~/Desktop/MAIAN/tool$ sudo ./run_examples
[sudo] password for chris:

====================================================================================================
[ ] Compiling Solidity contract from the file example_contracts/example_suicidal.sol ... Done
Traceback (most recent call last):
File "maian.py", line 182, in
main(sys.argv[1:])
File "maian.py", line 105, in main
fhashes = get_function_hashes( args.soliditycode[1] )
File "/home/chris/Desktop/MAIAN/tool/contracts.py", line 59, in get_function_hashes
hash_op = Web3.sha3(hs.encode('utf-8'), encoding='bytes')
TypeError: unbound method sha3() must be called with Web3 instance as first argument (got str instance instead)

====================================================================================================
[ ] Check if contract is SUICIDAL

[ ] Contract address :
[ ] Contract bytecode : 606060405236156100825760e060020a6000350463416ce86f...
[ ] Bytecode length : 4246
[ ] Blockchain contract: False
[ ] Debug : False

[ ] Search with call depth: 1 : Traceback (most recent call last):
File "maian.py", line 182, in
main(sys.argv[1:])
File "maian.py", line 163, in main
if 0 == MyGlobals.checktype: ret = check_suicide.check_one_contract_on_suicide(code, '', MyGlobals.debug, MyGlobals.read_from_blockchain, False)
File "/home/chris/Desktop/MAIAN/tool/check_suicide.py", line 69, in check_one_contract_on_suicide
run_one_check( i, ops, contract_address, debug, read_from_blockchain )
File "/home/chris/Desktop/MAIAN/tool/check_suicide.py", line 25, in run_one_check
clear_globals()
File "/home/chris/Desktop/MAIAN/tool/values.py", line 164, in clear_globals
MyGlobals.s = Solver()
NameError: global name 'Solver' is not defined

====================================================================================================
[ ] Connecting to PRIVATE blockchain emptychain ... ESTABLISHED
[ ] Deploying contract ................. confirmed at address: 0x9e536236abf2288a7864c6a1afaa4cb98d464306
[ ] Contract code length on the blockchain : 16546 : 0x60606040526004361061011d5760...
[ ] Contract address saved in file: ./out/example_suicidal.bytecode_source.address
[ ] Check if contract is SUICIDAL

[ ] Contract address : 0x9e536236abf2288a7864c6a1afaa4cb98d464306
[ ] Contract bytecode : 60606040526004361061011d576000357c0100000000000000...
[ ] Bytecode length : 16544
[ ] Blockchain contract: True
[ ] Debug : False

[ ] Search with call depth: 1 : Traceback (most recent call last):
File "maian.py", line 182, in
main(sys.argv[1:])
File "maian.py", line 142, in main
if 0 == MyGlobals.checktype: ret = check_suicide.check_one_contract_on_suicide(code, contract_address, MyGlobals.debug, MyGlobals.read_from_blockchain, True, fhashes)
File "/home/chris/Desktop/MAIAN/tool/check_suicide.py", line 69, in check_one_contract_on_suicide
run_one_check( i, ops, contract_address, debug, read_from_blockchain )
File "/home/chris/Desktop/MAIAN/tool/check_suicide.py", line 25, in run_one_check
clear_globals()
File "/home/chris/Desktop/MAIAN/tool/values.py", line 164, in clear_globals
MyGlobals.s = Solver()
NameError: global name 'Solver' is not defined

====================================================================================================
[ ] Compiling Solidity contract from the file example_contracts/example_prodigal.sol ... Done
Traceback (most recent call last):
File "maian.py", line 182, in
main(sys.argv[1:])
File "maian.py", line 105, in main
fhashes = get_function_hashes( args.soliditycode[1] )
File "/home/chris/Desktop/MAIAN/tool/contracts.py", line 59, in get_function_hashes
hash_op = Web3.sha3(hs.encode('utf-8'), encoding='bytes')
TypeError: unbound method sha3() must be called with Web3 instance as first argument (got str instance instead)

====================================================================================================
[ ] Check if contract is PRODIGAL

[ ] Contract address :
[ ] Contract bytecode : 650200d2f18c73506060604052361561007f5760e060020a60...
[ ] Bytecode length : 1830
[ ] Blockchain contract: False
[ ] Debug : False

[ ] Search with call depth: 1 : Traceback (most recent call last):
File "maian.py", line 182, in
main(sys.argv[1:])
File "maian.py", line 164, in main
elif 1 == MyGlobals.checktype: ret = check_leak.check_one_contract_on_ether_leak(code, '', MyGlobals.debug, MyGlobals.read_from_blockchain, False)
File "/home/chris/Desktop/MAIAN/tool/check_leak.py", line 105, in check_one_contract_on_ether_leak
run_one_check( i, ops, contract_address, debug, read_from_blockchain )
File "/home/chris/Desktop/MAIAN/tool/check_leak.py", line 63, in run_one_check
clear_globals()
File "/home/chris/Desktop/MAIAN/tool/values.py", line 164, in clear_globals
MyGlobals.s = Solver()
NameError: global name 'Solver' is not defined

====================================================================================================
[ ] Connecting to PRIVATE blockchain emptychain ... ESTABLISHED
Traceback (most recent call last):
File "maian.py", line 182, in
main(sys.argv[1:])
File "maian.py", line 114, in main
supposed_contract_address = predict_contract_address(MyGlobals.etherbase_account)
File "/home/chris/Desktop/MAIAN/tool/contracts.py", line 165, in predict_contract_address
adr = Web3.sha3(rlp.encode([normalize_address(accountAddress), nonce]), encoding='bytes')[-40:]
TypeError: unbound method sha3() must be called with Web3 instance as first argument (got str instance instead)

====================================================================================================
[ ] Check if contract is GREEDY

[ ] Contract address :
[ ] Contract bytecode : 606060405236156100615760e060020a60003504631e9a6950...
[ ] Bytecode length : 2126
[ ] Debug : False
Traceback (most recent call last):
File "maian.py", line 182, in
main(sys.argv[1:])
File "maian.py", line 165, in main
elif 2 == MyGlobals.checktype: ret = check_lock.check_one_contract_on_ether_lock(code, '', MyGlobals.debug, MyGlobals.read_from_blockchain)
File "/home/chris/Desktop/MAIAN/tool/check_lock.py", line 88, in check_one_contract_on_ether_lock
clear_globals()
File "/home/chris/Desktop/MAIAN/tool/values.py", line 164, in clear_globals
MyGlobals.s = Solver()
NameError: global name 'Solver' is not defined

====================================================================================================
[ ] Compiling Solidity contract from the file example_contracts/ParityWalletLibrary.sol ... Done
Traceback (most recent call last):
File "maian.py", line 182, in
main(sys.argv[1:])
File "maian.py", line 105, in main
fhashes = get_function_hashes( args.soliditycode[1] )
File "/home/chris/Desktop/MAIAN/tool/contracts.py", line 59, in get_function_hashes
hash_op = Web3.sha3(hs.encode('utf-8'), encoding='bytes')
TypeError: unbound method sha3() must be called with Web3 instance as first argument (got str instance instead)

When running the script on any of the same contract, get the above error. For example, running the script as follows:

python3.5 -s ./example_contracts/example_prodigal.sol Adoption -c 1

I looked into the error but cant seem to fix the problem myself.

I get the above error. Any help would be appreciated.

Hi,

I tried to execute the MAIAN tool on docker as suggested on the following link:
#26

They provided details of how to execute the MAIAN tool from docker. I am in the MAIAN tool repository on docker.
They have first tried to access the contract from docker:

https://etherscan.io/address/0xf3586684107ce0859c44aa2b2e0fb8cd8731a15a#code

The name of the contract is KaratBankCoin. They have not told where to store (or save) the contract on the repository.

Later on they used the command:

python maian.py -c 2 --soliditycode test.sol KaratBankCoin

Here both test.sol and KaratBankCoin are not in the repository so I am getting the error :

====================================================================================================
[ ] Compiling Solidity contract from the file test.sol ... [-] Contract file test.sol does NOT exist
[-] Contract KaratBankCoin does NOT exist

Because I don’t know what is test.sol and I don’t know how and where to store the KaratBankCoin contract retrieved from mainnet.

They have not provided any details about test.sol and how to store KaratBantCoin because we are in the Maian tool’s repository.

Somebody please guide me.

Zulfi.

https://github.com/MAIAN-tool/MAIAN/blob/ab387e171bf99969676e60a0e5c59de80af15010/tool/execute_instruction.py#L253

`[ ] The contract balance: 44 Positive balance
[ ] Check if contract is PRODIGAL

[ ] Contract address : 0x9E536236ABF2288a7864C6A1AfaA4Cb98D464306
[ ] Contract bytecode : 606060405260043610610062576000357c0100000000000000...
[ ] Bytecode length : 3032
[ ] Blockchain contract: True
[ ] Debug : False

[ ] Search with call depth: 1 : Traceback (most recent call last):
File "./maian.py", line 182, in
main(sys.argv[1:])
File "./maian.py", line 143, in main
elif 1== MyGlobals.checktype: ret = check_leak.check_one_contract_on_ether_leak(code, contract_address, MyGlobals.debug, MyGlobals.read_from_blockchain, True, fhashes)
File "/Users/addisongarcia/BlockChain/MAIAN/tool/check_leak.py", line 105, in check_one_contract_on_ether_leak
run_one_check( i, ops, contract_address, debug, read_from_blockchain )
File "/Users/addisongarcia/BlockChain/MAIAN/tool/check_leak.py", line 63, in run_one_check
clear_globals()
File "/Users/addisongarcia/BlockChain/MAIAN/tool/values.py", line 164, in clear_globals
MyGlobals.s = Solver()
NameError: global name 'Solver' is not defined`

any idea about this ?

i am newbie on python ..

Hello, I am a graduate student from Hohai University. I read your papers on MAIAN, and you can tell me whether there is an increase in the number of contract types that MAIAN can detect today, or whether they are still suicide, profligacy and greedy.

I failed to run MAIAN on both Mac and Ubuntu with an error message in the title.
Is there anyone who resolved the similar issue?

The answers in #16 are unclear to me.

https://github.com/MAIAN-tool/MAIAN/blob/ab387e171bf99969676e60a0e5c59de80af15010/tool/execute_instruction.py#L290

When attempting to analyze this contract from source for Prodigal vulnerabilities, I get the following error:

python maian.py -s ~/powh.sol PowhCoin3 -c 1

====================================================================================================
[ ] Compiling Solidity contract from the file /home/caleb/powh.sol ...  Done 
/home/caleb/.local/lib/python2.7/site-packages/web3/main.py:130: DeprecationWarning: Python 2 support is ending! Please upgrade to Python 3 promptly. Support will end at the beginning of 2018.
  category=DeprecationWarning,
/home/caleb/.local/lib/python2.7/site-packages/web3/main.py:130: DeprecationWarning: Python 2 support is ending! Please upgrade to Python 3 promptly. Support will end at the beginning of 2018.
  category=DeprecationWarning,
[ ] Connecting to PRIVATE blockchain emptychain  ... ESTABLISHED 
[ ] Sending Ether to contract 0x9e536236abf2288a7864c6a1afaa4cb98d464306  ..... tx[0] mined  Sent! 
[ ] Deploying contract ....... confirmed at address: 0x9E536236ABF2288a7864C6A1AfaA4Cb98D464306 
[ ] Contract code length on the blockchain :    11184  : 0x60606040526004361061011d5760... 
[ ] Contract address saved in file: ./out/PowhCoin3.address 
[ ] The contract balance: 44   Positive balance
[ ] Check if contract is PRODIGAL

[ ] Contract address   : 0x9E536236ABF2288a7864C6A1AfaA4Cb98D464306
[ ] Contract bytecode  : 60606040526004361061011d576000357c0100000000000000...
[ ] Bytecode length    : 11182
[ ] Blockchain contract: True
[ ] Debug              : False

[ ] Search with call depth: 1   : Traceback (most recent call last):
  File "maian.py", line 182, in <module>
    main(sys.argv[1:])
  File "maian.py", line 143, in main
    elif 1== MyGlobals.checktype: ret = check_leak.check_one_contract_on_ether_leak(code, contract_address, MyGlobals.debug, MyGlobals.read_from_blockchain, True, fhashes)
  File "/home/caleb/MAIAN/tool/check_leak.py", line 105, in check_one_contract_on_ether_leak
    run_one_check( i, ops, contract_address, debug, read_from_blockchain )
  File "/home/caleb/MAIAN/tool/check_leak.py", line 77, in run_one_check
    execute_one_block(ops,stack,0, trace, storage, mmemory, data, configurations,  ['CALL','SUICIDE'], ether_leak, 0, 0, debug, read_from_blockchain )
  File "/home/caleb/MAIAN/tool/execute_block.py", line 88, in execute_one_block
    newpos, halt = execute( ops, stack, pos, storage, mmemory, data, trace, calldepth, debug, read_from_blockchain  )
  File "/home/caleb/MAIAN/tool/execute_instruction.py", line 429, in execute
    t = copy.deepcopy( args[1] )
  File "/usr/lib/python2.7/copy.py", line 163, in deepcopy
    y = copier(x, memo)
  File "/usr/lib/python2.7/copy.py", line 257, in _deepcopy_dict
    y[deepcopy(key, memo)] = deepcopy(value, memo)
  File "/usr/lib/python2.7/copy.py", line 163, in deepcopy
    y = copier(x, memo)
  File "/usr/lib/python2.7/copy.py", line 285, in _deepcopy_inst
    return x.__deepcopy__(memo)
TypeError: __deepcopy__() takes exactly 1 argument (2 given)

Getting this error after installing and adhering to all of the indicated dependencies mentioned earlier.

Traceback (most recent call last):
  File "maian.py", line 182, in <module>
    main(sys.argv[1:])
  File "maian.py", line 105, in main
    fhashes = get_function_hashes( args.soliditycode[1] )
  File "/Users/johniadeluca/Desktop/logoEdits/MAIAN/tool/contracts.py", line 59, in get_function_hashes
    hash_op = Web3.sha3(hs.encode('utf-8'), encoding='bytes')
  File "/Users/johniadeluca/anaconda3/lib/python3.6/site-packages/web3/utils/string.py", line 83, in inner
    return force_obj_to_text(fn(*args, **kwargs))
TypeError: sha3() missing 1 required positional argument: 'value'

Any help/ideas? Can't find the declaration of sha3()

on running python3 gui-maian.py

File "gui-maian.py", line 17, in
from Queue import Queue
ModuleNotFoundError: No module named 'Queue'

I ran into an issue running the maian tool more specifically the maian.py script on windows. I cannot get past importations even though I installed all necessary packages but I now still keep getting this 91m error even though I installed both the solidity compiler and geth.
�[91m[-] Solidity compiler is missing.�[0m Please install it (check http://solidity.readthedocs.io/en/develop/installing-solidity.html) and make sure solc is in the path.
�[91m[-] Go Ethereum is missing.�[0m Please install it (check https://ethereum.github.io/go-ethereum/install/) and make sure geth is in the path.

Those are the two errors I get. Hopefully Someone has an idea what's going on. Tell me if I can provide any further info. I have been stock trying to reinstall and add them to my environment variables through different ways without success. (For further information I am able to run both solc and geth from the environment variables I added to the path by entering geth or solc but the script keeps telling me they are not installed)

I am new to crypto but know my way around python and unix based shells but I can't seem to find a fix for the problem here. Please tell me if you need anymore information. I am trying to run the script on windows 10.

I've read through the code of checking for "SUICIDE", I'm very doubtful that it won't work for any smart contract (solidity >= 0.5.0) due to an update of itself.

Prior to version 0.5.0, there was a function called suicide with the same semantics as selfdestruct. - Solidity Document

Which means, the "SUICIDE" low-level function had been changed to "SELF-DESTRUCT". Any update for this?

Hello.

I tried to run the initial example on my mac but does not seem working.

[~/src/MAIAN/tool -  (master)] $ python --version
Python 3.6.4
[~/src/MAIAN/tool -  (master)] $ geth version
Geth
Version: 1.8.1-stable
Architecture: amd64
Protocol Versions: [63 62]
Network Id: 1
Go Version: go1.10
Operating System: darwin
GOPATH=
GOROOT=/usr/local/opt/go/libexec
[~/src/MAIAN/tool -  (master)] $ python maian.py -s example_contracts/ParityWalletLibrary.sol WalletLibrary -c 0

====================================================================================================
[ ] Compiling Solidity contract from the file example_contracts/ParityWalletLibrary.sol ... Traceback (most recent call last):
  File "maian.py", line 182, in <module>
    main(sys.argv[1:])
  File "maian.py", line 98, in main
    compile_contract(args.soliditycode[0])
  File "~/src/MAIAN/tool/contracts.py", line 32, in compile_contract
    solo += l
TypeError: must be str, not bytes

root@kali:~/MAIAN/tool# python maian.py -h
Traceback (most recent call last):
File "maian.py", line 24, in
from web3 import Web3, KeepAliveRPCProvider, IPCProvider
ImportError: No module named web3

[zhicheng@taxi] (26)$ geth version
Geth
Version: 1.7.2-stable
Git Commit: 1db4ecdc0b9e828ff65777fb466fc7c1d04e0de9
Architecture: amd64
Protocol Versions: [63 62]
Network Id: 1
Go Version: go1.9
Operating System: linux
GOPATH=
GOROOT=/usr/lib/go-1.9
[zhicheng@taxi] (27)$ python2 --version
Python 2.7.12
[zhicheng@taxi] (28)$ python2 maian.py -s example_contracts/example_suicidal.sol KAI -c 0

====================================================================================================
[ ] Compiling Solidity contract from the file example_contracts/example_suicidal.sol ... Done
[ ] Connecting to PRIVATE blockchain emptychain ... ESTABLISHED
[ ] Deploying contract ..... confirmed at address: 0x9e536236abf2288a7864c6a1afaa4cb98d464306
[ ] Contract code length on the blockchain : 7750 : 0x606060405236156100ce57600035...
[ ] Contract address saved in file: ./out/KAI.address
[ ] Check if contract is SUICIDAL

[ ] Contract address : 0x9e536236abf2288a7864c6a1afaa4cb98d464306
[ ] Contract bytecode : 606060405236156100ce576000357c01000000000000000000...
[ ] Bytecode length : 7748
[ ] Blockchain contract: True
[ ] Debug : False

[ ] Search with call depth: 1 : Traceback (most recent call last):
File "maian.py", line 177, in
main(sys.argv[1:])
File "maian.py", line 137, in main
if 0 == MyGlobals.checktype: ret = check_suicide.check_one_contract_on_suicide(code, contract_address, MyGlobals.debug, MyGlobals.read_from_blockchain, True, fhashes)
File "/nobackup/MAIAN/tool/check_suicide.py", line 69, in check_one_contract_on_suicide
run_one_check( i, ops, contract_address, debug, read_from_blockchain )
File "/nobackup/MAIAN/tool/check_suicide.py", line 37, in run_one_check
execute_one_block(ops,stack,0, trace, storage, mmemory, data, configurations, ['SUICIDE'], ether_suicide, 0, 0, debug, read_from_blockchain )
File "/nobackup/MAIAN/tool/execute_block.py", line 88, in execute_one_block
newpos, halt = execute( ops, stack, pos, storage, mmemory, data, trace, calldepth, debug, read_from_blockchain )
File "/nobackup/MAIAN/tool/execute_instruction.py", line 429, in execute
t = copy.deepcopy( args[1] )
File "/usr/lib/python2.7/copy.py", line 163, in deepcopy
y = copier(x, memo)
File "/usr/lib/python2.7/copy.py", line 257, in _deepcopy_dict
y[deepcopy(key, memo)] = deepcopy(value, memo)
File "/usr/lib/python2.7/copy.py", line 163, in deepcopy
y = copier(x, memo)
File "/usr/lib/python2.7/copy.py", line 298, in _deepcopy_inst
state = deepcopy(state, memo)
File "/usr/lib/python2.7/copy.py", line 163, in deepcopy
y = copier(x, memo)
File "/usr/lib/python2.7/copy.py", line 257, in _deepcopy_dict
y[deepcopy(key, memo)] = deepcopy(value, memo)
File "/usr/lib/python2.7/copy.py", line 163, in deepcopy
y = copier(x, memo)
File "/usr/lib/python2.7/copy.py", line 298, in _deepcopy_inst
state = deepcopy(state, memo)
File "/usr/lib/python2.7/copy.py", line 163, in deepcopy
y = copier(x, memo)
File "/usr/lib/python2.7/copy.py", line 257, in _deepcopy_dict
y[deepcopy(key, memo)] = deepcopy(value, memo)
File "/usr/lib/python2.7/copy.py", line 190, in deepcopy
y = _reconstruct(x, rv, 1, memo)
File "/usr/lib/python2.7/copy.py", line 334, in _reconstruct
state = deepcopy(state, memo)
File "/usr/lib/python2.7/copy.py", line 163, in deepcopy
y = copier(x, memo)
File "/usr/lib/python2.7/copy.py", line 257, in _deepcopy_dict
y[deepcopy(key, memo)] = deepcopy(value, memo)
File "/usr/lib/python2.7/copy.py", line 182, in deepcopy
rv = reductor(2)
ValueError: ctypes objects containing pointers cannot be pickled
Exception AttributeError: "BitVecNumRef instance has no attribute 'ctx'" in <object repr() failed> ignored
Exception AttributeError: "Context instance has no attribute 'lib'" in <bound method Context.del of <z3.z3.Context instance at 0x7f72aea32518>> ignored

Multiple conditions on selfdestruct pattern failing test analysis.

I was wondering are there any modules or plans to find reentrancy style attacks with this?