View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0004837 | Kali Linux | New Tool Requests | public | 2018-07-05 01:45 | 2020-01-13 13:39 |
Reporter | trichronos | Assigned To | |||
Priority | normal | Severity | feature | Reproducibility | have not tried |
Status | closed | Resolution | won't fix | ||
Summary | 0004837: Mythril | ||||
Description | https://www.github.com/consensys/mythril.git Mythril is a vulnerability discovery and analysis tool for smart contracts running on the Ethereum blockchain. It is developed and maintained by ConsenSys Diligence. It was announced at the 9th HITBSecConf 2018 in Europe, (https://www.youtube.com/watch?v=iqf6epACgds) and detailed in the write-up "Smashing Smart Contracts for Fun and Real Profit," (https://github.com/b-mueller/smashing-smart-contracts/blob/master/smashing-smart-contracts-1of1.pdf), by Bernhard Mueller. It's currently in a public beta. Mythril capitalizes on the same Ethos that defines Kali. It has an efficient command-line interface, with an exhaustive state tree analyzer and a rigorous vulnerability scan. Vulnerabilities in Smart Contracts have caused the loss of hundreds of millions of dollars in 2016 and 2017 alone (see the DAO hack and the Parity Multisig bugs, for example.) As this trend increases along with the popularity of smart contract development, it becomes increasingly important for this aspect of information security to have strong representation in premier security products like Kali Linux. ConsenSys Diligence is proud to offer this open-source tool for the widest possible amount of use under the MIT license. | ||||
To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):
|
|
Tool Name: Mythril Dependencies:
Similar Tools: Any static analyzer or linter. Activity: Currently under development. How to Install: How to Use: |
|
Related Tools: Oyente: https://github.com/melonproject/oyente |
|
Installing the "solc" (Solidity Compiler) dependency proved to be especially difficult on Kali as NPM, snap, apt-add-repository, and docker all encountered multiple errors during or immediately after the base installation. For that reason, I'm removing NPM and nodejs from the dependencies list. That method has too much friction to really be worth implementing on Kali. As a temporary fix, download "solc-static-linux" from here: https://github.com/ethereum/solidity/releases -- rename it to "solc" and add it to the PATH. This will get Mythril up and running much quicker. Soon Mythril will have an API that will reduce the need for most of these above dependencies. That can be perhaps be loaded into a shell program written in C that will make it easier to add to Kali. Perhaps it would be best to close this tool request for now and re-open once our API is out. |
|
This doesn't really relate to pentesting |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2018-07-05 01:45 | trichronos | New Issue | |
2018-07-05 06:06 | g0tmi1k | Summary | Proposal to Add Mythril to Kali's Default Toolset => Mythril |
2018-07-05 06:07 | g0tmi1k | Note Added: 0009341 | |
2018-07-05 16:28 | trichronos | Note Added: 0009343 | |
2018-07-06 12:43 | trichronos | Note Added: 0009345 | |
2018-07-07 00:24 | elwood | Status | new => acknowledged |
2018-07-14 19:01 | trichronos | Note Added: 0009361 | |
2019-12-09 13:30 | g0tmi1k | Severity | minor => feature |
2019-12-09 13:30 | g0tmi1k | Status | acknowledged => new |
2020-01-06 13:01 | g0tmi1k | Product Version | 2018.2 => |
2020-01-13 13:39 | g0tmi1k | Note Added: 0011894 | |
2020-01-13 13:39 | g0tmi1k | Status | new => closed |
2020-01-13 13:39 | g0tmi1k | Resolution | open => won't fix |