EvilZone

: [python] Iridium - an Analysis framework for compiled binaries
: TheWormKill March 01, 2015, 03:44:01 PM
Hello everyone,

I'd like to introduce my current work to you: a framework for analyzing assembly files in a static context. The idea behind it: Some parts of reverse-engineering functions are annoying, hard, or both. Still, you often don't have much time to do this work. This is the reason why decompilers were written. These are programs that try to recover the source code from a binary file. This approach has one great weakness, though: the user doesn't have any interaction with the analysis target, which is bad, especially when errors occur during analysis. Thus, this program tries to avoid this by focusing on some key aspects and only guiding the user during the process of analysis. It recovers control-flow structures from functions, analyzes what data is allocated on the stack and recovers information from optimized divisions that are not human-readable. For more information, see the README. The docs are quite terrible at the moment, so any kind of feedback is appreciated. My apologies. The link: http://www.github.com/ibabushkin/Iridium I hope this is of use to someone, although it is probably still very buggy.

Cheers.

EDIT: I added a fully functional GDB plugin to the project and plan to develop more frontends for common disassemblers and debuggers. Apart from that, the program has been stabilized and otherwise improved. And I got the best possible grade for it (doesn't necessarily mean much).
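
For readers unfamiliar with the "optimized divisions" mentioned in the post: compilers replace division by a constant with a multiply by a "magic" number followed by a shift. The sketch below is an added example, not code from Iridium or from the poster; it covers only the unsigned 32-bit multiply-and-shift form, and all function names and sample constants are constructed for illustration.

```python
MASK32 = 0xFFFFFFFF

def mul_shift(x, magic, shift):
    """Emulate `mul` (take the high 32 bits) followed by `shr shift`."""
    return ((x & MASK32) * magic) >> (32 + shift)

def candidate_divisor(magic, shift):
    """Compilers choose magic = ceil(2**k / d), so d = ceil(2**k / magic)."""
    k = 32 + shift
    return -(-(1 << k) // magic)  # integer ceiling division

def probe_values(d):
    """Inputs where a wrong guess shows up: around multiples of d and at
    the top of the 32-bit range, where the rounding error is largest."""
    top = (MASK32 // d) * d  # largest multiple of d that fits in 32 bits
    raw = [0, 1, d - 1, d, d + 1, top - 1, top, MASK32 - 1, MASK32]
    return sorted({v for v in raw if 0 <= v <= MASK32})

def recover_divisor(magic, shift):
    """Return d if the sequence equals x // d on every probe, else None."""
    if magic <= 0:
        return None
    d = candidate_divisor(magic, shift)
    if all(mul_shift(x, magic, shift) == x // d for x in probe_values(d)):
        return d
    return None

if __name__ == "__main__":
    # Constructed samples: (magic, shift) pairs as they would be read
    # from a `mov reg, imm32; mul reg; shr edx, imm8` sequence.
    for magic, shift in [(0xCCCCCCCD, 3), (0xAAAAAAAB, 1), (0x24924925, 0)]:
        print(hex(magic), shift, "->", recover_divisor(magic, shift))
```

The last sample returns `None` because a 32-bit magic number is not precise enough for unsigned division by 7; compilers emit a longer sequence with an extra add and shift there, which this sketch does not model.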
: Re: The project I worked on since August
: Danus March 01, 2015, 06:27:39 PM
Looks good, I'll give it a look later - either way +1
: Re: The project I worked on since August
: Deque March 01, 2015, 08:18:11 PM
Looks great. I will try it tomorrow when I am back at work again.  :D
: Re: The project I worked on since August
: TheWormKill March 01, 2015, 08:37:42 PM
Thanks for your replies!

BTW, Deque, you were the one who brought me the idea of writing this:
So it is actually a partial decompiler for ASM -> C.
Nice project. Something you can extend and build upon for months.

Turns out I tried. Will get a grade for this soon.
: Re: The project I worked on since August
: Deque March 01, 2015, 09:15:55 PM
Thanks for your replies!

BTW, Deque, you were the one who brought me the idea of writing this:
Turns out I tried. Will get a grade for this soon.

Oh, good to know. :D *thumbsup*
: Re: The project I worked on since August
: kenjoe41 March 06, 2015, 07:10:31 PM
I thought I remembered a project with the same idea but couldn't pick out which one. Now I remember, brah. Let's see what you have here.

Edit: Clean up the git repo or better, get a .gitignore.
: Re: [python] Iridium - an Analysis framework for compiled binaries
: TheWormKill June 18, 2015, 10:03:49 PM
UPDATE:

Apart from repository- and code-cleaning, there are new features etc. now. (see EDIT in OP and README).

Cheers.