Operating System Introspection library to support PANDA.
Currently, the following profiles are supported:
| Profile | Level of Support |
|---|---|
| windows-32-7sp0 | full |
| windows-32-7sp1 | full |
| windows-64-7sp0 | full |
| windows-64-7sp1 | full |
| windows-32-xpsp2 | full |
| windows-32-xpsp3 | full |
| windows-32-2000 | experimental |
| linux-32-3.16 | full |
| linux-64-3.16 | full |
See our releases page for the latest CI generated deb packages for Ubuntu 22.04 and 24.04.
Install dependencies. On Ubuntu, this can be done with:
sudo apt-get update -y
sudo apt-get install cmake ninja-build rapidjson-dev libglib2.0-dev -yNote that libglib2.0-dev is required only for Ubuntu 24.
To build libosi, from the root of this repo run:
cmake -B build -GNinja -DCMAKE_INSTALL_PREFIX=/usr
ninja -C buildInstalling libosi includes running:
ninja -C build package
sudo dpkg -i build/libosi*.debTesting is currently implemented for offset and iohal. To run the tests, you will first need to install dependencies and run the following commands to execute all the tests:
sudo apt-get install libgtest-dev -y
cmake -B build -GNinja -DENABLE_TESTING=ON
ninja -C build
ninja -C build testAdding support for other Windows and Linux kernels can be as simple as adding a new profile
to src/offset/profiles. However, in some kernels, struct names may have changed. In these
cases, you may need to add/port API functions in src/osi/windows/api.cc, where these names
are assumed. Additionally, Linux support is for a rather old kernel version (v3.16). Supporting
a newer kernel would likely be some development work.
Support is currently limited to i386 and amd64. Support for more architectures includes writing
a new translator within src/iohal/translators.
Pull Requests are welcome.
Currently, the code is formatted with clang-format, using the style provided in .clang-format.