Rusty is explaining the finer points of the Binja processing pipeline and how it turns out an easily readable IL.
Sophia up now to show what you can do with the Binja tools. Check the API at http://api.binary.ninja/search.html
Sophia's 1st example: find where a program writes data to the stack. Easy to write, all Python. Finds candidate stack smashes.
2nd example: Find all uninitialized variables in a program. Takes advantage of SSA form feature in Binja. Script is trivially small.
3rd example: Use Binja analyses to take practical advantage of symbolic execution. Usually too slow, but can target analysis with Binja.
3: Goal here is to find type confusion bugs with sign analysis. Ran the tool on PHP and it can find CVE-2016-6289. https://blog.fortinet.com/2016/08/10/analysis-of-php-s-cve-2016-6289-and-cve-2016-6297 …
4th example: find use-after-free with Binja. Reimplement earlier project from @trailofbits in simpler form: https://blog.trailofbits.com/2016/03/09/the-problem-with-dynamic-program-analysis/ …
5th example: devirtualize C++, make code readable again! https://blog.trailofbits.com/2017/02/13/devirtualizing-c-with-binary-ninja/ …
Sophia suggests checking out the @trailofbits Binja script repo for more code and ideas: https://github.com/trailofbits/binjascripts …
How fast is Binja? Ran sign analysis on JavaScriptCore, can load Chrome Debug build, etc. Binja is all 64-bit code. "RAM is made to be used"
Can you look at dynamic content? No, but take a memory snapshot and load that for analysis.
I've been informed Sophia D'Antoine has joined Twitter! Follow her at @Calaquendi44 for more updates on program analysis and VR.