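def test_verify_BNDB_round_trip(self):
    """Binary Ninja Database output doesn't match its input"""
    # Round-trip check for database save/restore:
    #   1. open a binary view and wait for analysis to finish
    #   2. make modifications that end up in the database
    #   3. record those modifications
    #   4. save the database and reopen it
    #   5. confirm the recorded modifications are still present
    #
    # Returns a one-element list holding "True" or "False".
    import shutil

    file_name = self.unpackage_file("helloworld")
    bv = None
    temp_dir = None
    try:
        bv = binja.BinaryViewType['ELF'].open(file_name)
        bv.update_analysis_and_wait()

        # Modification 1: a comment at the start of the first function.
        first_start = bv.functions[0].start
        bv.functions[0].set_comment(first_start, "Function start")
        # Modification 2: a new function four bytes into the first one.
        bv.add_function(first_start + 4)

        # The database goes into a directory made by mkdtemp(), which is
        # created atomically and readable/writable only by the current user.
        # A name taken from the private tempfile._get_candidate_names() and
        # used in the working directory is merely unlikely to collide: the
        # path can be pre-created or replaced by another local user before
        # create_database() writes to it.
        temp_dir = tempfile.mkdtemp()
        temp_name = os.path.join(temp_dir, "round_trip.bndb")

        comments = self.get_comments(bv)
        functions = self.get_functions(bv)
        bv.create_database(temp_name)
        bv.file.close()
        bv = None

        bv = binja.FileMetadata(temp_name).open_existing_database(
            temp_name).get_view_of_type('ELF')
        bv.update_analysis_and_wait()
        bndb_functions = self.get_functions(bv)
        bndb_comments = self.get_comments(bv)

        return [
            str(functions == bndb_functions and comments == bndb_comments)
        ]
    finally:
        try:
            # Close the handle before deleting: Windows refuses to remove a
            # file that is still open.
            if bv is not None:
                bv.file.close()
            # Best-effort removal, also on the failure paths, so a failed
            # run does not leave a database behind.
            if temp_dir is not None:
                shutil.rmtree(temp_dir, ignore_errors=True)
        finally:
            self.delete_package("helloworld")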
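def initialize_disassembler(self, program_path):
    """Load *program_path* into Binary Ninja, reusing a cached database if one exists.

    On the first run the program is analysed and the result is saved as
    ``.<basename>.bnfm`` in the program's own directory. Later runs open
    that database instead of analysing from scratch.

    Sets ``self.program_path``, ``self.view`` and ``self.disasm``.
    """
    import binaryninja as bn
    from binaryninja import BinaryView as bview
    from .disasm import BinjaILDisasm

    # NOTE(review): the cache sits next to the target and is opened whenever a
    # file with that name exists. Nothing here checks that it was produced
    # from the current contents of program_path, so a stale database, or one
    # that arrived with the sample (e.g. unpacked from the same archive), is
    # used as-is. A per-user cache directory keyed on a hash of the program
    # would avoid both; confirm with callers before changing the location.
    db_name = "." + os.path.basename(program_path) + ".bnfm"
    dbpath = os.path.join(os.path.dirname(program_path), db_name)

    if not os.path.isfile(dbpath):
        bv = bn.binaryview.BinaryViewType.get_view_of_file(program_path)
        bv.update_analysis_and_wait()
        # Cache the analysis for later runs.
        bv.create_database(dbpath)
    else:
        fm = bn.FileMetadata()
        db = fm.open_existing_database(dbpath)
        # Built as a list so it can be indexed: on Python 3 filter() returns
        # an iterator and vtypes[0] would raise TypeError.
        vtypes = [
            vt for vt in bview.open(program_path).available_view_types
            if vt.name != "Raw"
        ]
        # IndexError here means the file offers no view type other than "Raw".
        bv = db.get_view_of_type(vtypes[0].name)
        bv.update_analysis_and_wait()

    self.program_path = program_path
    self.view = bv
    self.disasm = BinjaILDisasm(bv)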
import angr import argparse import binaryninja import logging import simuvex import sys parser = argparse.ArgumentParser(description='Find magic gadgets') parser.add_argument('libc', metavar='<libc.so>', help='libc shared library') parser.add_argument('-b', '--binja', metavar='<libc.bndb>', help='Binary Ninja database file (huge speed improvement)') parser.add_argument('-v', '--verbose', action='store_true') args = parser.parse_args() # Binary Ninja and Angr initialization if args.binja: fm = binaryninja.FileMetadata() db = fm.open_existing_database(args.binja) bv = db.get_view_of_type('ELF') else: bv = binaryninja.BinaryViewType['ELF'].open(args.libc) bv.update_analysis_and_wait() b = angr.Project(args.libc, load_options={'main_opts': {'custom_base_addr': 0}}) # Helper functions for printing pretty def red(string): return '\033[0;31m' + string + '\033[0m' def line():