Sophia's talk on using advanced features of the Binary Ninja API for vulnerability analysis is next up #youkillityoueatit
-
-
3: Goal here is to find type confusion bugs with sign analysis. Ran the tool on PHP and it can find CVE-2016-6289. https://blog.fortinet.com/2016/08/10/analysis-of-php-s-cve-2016-6289-and-cve-2016-6297
-
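To make the "sign analysis" step concrete, here is an added toy example (not the speaker's tool, not the Binary Ninja API, and not a model of PHP or of CVE-2016-6289): a forward dataflow over a hypothetical SSA-style IL with a three-valued sign lattice, reporting any value that may be negative when it reaches a sink that interprets it as an unsigned size. The IL, block layout, the `Block` class and the `memcpy` sink name are all constructed for illustration; a real implementation would walk Binary Ninja's MLIL/SSA instead and would also have to model fixed-width wraparound, which this lattice deliberately ignores.

```python
"""Toy intra-procedural sign analysis (added example; hypothetical IL, not Binja's)."""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Optional, Tuple

# Abstract value: set of possible signs. Empty set = bottom (unreachable/undefined).
Sign = FrozenSet[str]
NEG, ZERO, POS = "-", "0", "+"
BOTTOM: Sign = frozenset()
NONNEG: Sign = frozenset({ZERO, POS})
TOP: Sign = frozenset({NEG, ZERO, POS})


def sign_const(v: int) -> Sign:
    return frozenset({NEG if v < 0 else ZERO if v == 0 else POS})


def sign_neg(a: Sign) -> Sign:
    return frozenset({NEG: POS, POS: NEG, ZERO: ZERO}[s] for s in a)


def sign_add(a: Sign, b: Sign) -> Sign:
    # Rules for unbounded integers: a fixed-width analysis must also model wraparound.
    out = set()
    for x in a:
        for y in b:
            if x == ZERO:
                out.add(y)
            elif y == ZERO:
                out.add(x)
            elif x == y:
                out.add(x)
            else:
                out |= TOP  # pos + neg can land anywhere
    return frozenset(out)


def sign_sub(a: Sign, b: Sign) -> Sign:
    return sign_add(a, sign_neg(b))


# Edge = (target block, optional assumption (var, allowed signs) from the branch condition)
Edge = Tuple[str, Optional[Tuple[str, Sign]]]


@dataclass
class Block:
    name: str
    instrs: List[tuple]  # ("const",d,v) ("param",d) ("add",d,a,b) ("sub",d,a,b) ("phi",d,[..]) ("sink",callee,var)
    succs: List[Edge] = field(default_factory=list)


def transfer(state: Dict[str, Sign], instrs: List[tuple]) -> Dict[str, Sign]:
    s = dict(state)
    for ins in instrs:
        op = ins[0]
        if op == "const":
            s[ins[1]] = sign_const(ins[2])
        elif op == "param":
            s[ins[1]] = TOP  # signed argument of unknown sign
        elif op == "add":
            s[ins[1]] = sign_add(s.get(ins[2], BOTTOM), s.get(ins[3], BOTTOM))
        elif op == "sub":
            s[ins[1]] = sign_sub(s.get(ins[2], BOTTOM), s.get(ins[3], BOTTOM))
        elif op == "phi":
            s[ins[1]] = frozenset().union(*(s.get(v, BOTTOM) for v in ins[2]))
        elif op != "sink":
            raise ValueError(f"unknown op {op}")
    return s


def analyze(blocks: Dict[str, Block], entry: str) -> Dict[str, Dict[str, Sign]]:
    """Worklist iteration to a fixpoint; returns the abstract state at each block entry."""
    state_in: Dict[str, Dict[str, Sign]] = {name: {} for name in blocks}
    worklist = [entry]
    while worklist:
        name = worklist.pop()
        out = transfer(state_in[name], blocks[name].instrs)
        for target, assumption in blocks[name].succs:
            edge_state = dict(out)
            if assumption is not None:  # refine by the branch condition on this edge
                var, allowed = assumption
                edge_state[var] = edge_state.get(var, BOTTOM) & allowed
            merged = dict(state_in[target])
            for var, sg in edge_state.items():
                merged[var] = merged.get(var, BOTTOM) | sg  # join = union
            if merged != state_in[target]:
                state_in[target] = merged
                worklist.append(target)
    return state_in


def find_sign_confusions(blocks: Dict[str, Block], entry: str) -> List[Tuple[str, str, str]]:
    """Report (block, callee, var) where a possibly-negative value reaches an unsigned-size sink."""
    state_in = analyze(blocks, entry)
    findings = []
    for name, blk in blocks.items():
        s = dict(state_in[name])
        for ins in blk.instrs:
            if ins[0] == "sink":
                if NEG in s.get(ins[2], BOTTOM):
                    findings.append((name, ins[1], ins[2]))
            else:
                s = transfer(s, [ins])
    return findings


# Constructed programs modelling memcpy(dst, src, len + 1) with a signed int `len`:
# VULNERABLE never checks the sign, FIXED branches on `if (len < 0)` first.
VULNERABLE = {
    "entry": Block("entry", [("param", "len"), ("const", "one", 1), ("add", "total", "len", "one")],
                   [("copy", None)]),
    "copy": Block("copy", [("sink", "memcpy", "total")]),
}
FIXED = {
    "entry": Block("entry", [("param", "len"), ("const", "one", 1)],
                   [("bail", ("len", frozenset({NEG}))), ("copy", ("len", NONNEG))]),
    "bail": Block("bail", []),
    "copy": Block("copy", [("add", "total", "len", "one"), ("sink", "memcpy", "total")]),
}

if __name__ == "__main__":
    print("vulnerable:", find_sign_confusions(VULNERABLE, "entry"))
    print("fixed:", find_sign_confusions(FIXED, "entry"))
```

The edge assumptions are what make the FIXED program clean: the fall-through edge of `if (len < 0)` narrows `len` to {0,+}, so `len + 1` is strictly positive at the sink. Without path refinement, the check would be invisible and both programs would be flagged.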
4th example: find use-after-free with Binja. Reimplement earlier project from @trailofbits in simpler form: https://blog.trailofbits.com/2016/03/09/the-problem-with-dynamic-program-analysis/
-
5th example: devirtualize C++, make code readable again! https://blog.trailofbits.com/2017/02/13/devirtualizing-c-with-binary-ninja/
-
Sophia suggests checking out the @trailofbits Binja script repo for more code and ideas: https://github.com/trailofbits/binjascripts
-
How fast is Binja? Ran sign analysis on JavaScriptCore, can load Chrome Debug build, etc. Binja is all 64-bit code. "RAM is made to be used"
-
Can you look at dynamic content? No, but take a memory snapshot and load that for analysis.
-
I've been informed Sophia D'Antoine has joined Twitter! Follow her at @Calaquendi44 for more updates on program analysis and VR.