Installation and use of BinAbsInspector, an open-source static vulnerability analysis tool for binary files

2022-06-23 10:40:00 Xiaoxiangzai

Overview

To improve the efficiency and scalability of static analysis for binary vulnerability detection, Tencent Security Keen Lab incubated and open-sourced BinAbsInspector, a static vulnerability analysis tool for binary files.

Compared with similar static analysis tools, it has significant advantages.

“Precise” static analysis | Keen Lab's automated binary static vulnerability detection tool is officially open source | Tencent Keen Security Lab official blog

The rest of this post installs the tool and tries it out.

1. Install Ghidra

BinAbsInspector is developed as a Ghidra plug-in, so Ghidra must be installed first. Ghidra is a mainstream reverse-engineering tool, as well known as IDA.

Ghidra can be downloaded from:

Releases · NationalSecurityAgency/ghidra · GitHub

To stay compatible with the BinAbsInspector release, choose Ghidra 10.1.2 here and download the package ghidra_10.1.2_PUBLIC_20220125.zip.

After decompressing it, run ghidraRun.bat to start Ghidra. (This assumes a JDK is installed, which most of us already have.)

2. Install the Z3 library

Z3 can be downloaded from:

Releases · Z3Prover/z3 · GitHub

Because I am on a 64-bit Windows machine, I chose z3-4.8.17-x64-win.zip and downloaded it to my D:\softwaretmp directory.

After decompressing the package, z3.exe is in the directory D:\softwaretmp\z3-4.8.17-x64-win\z3-4.8.17-x64-win\bin.

Add this directory to the system PATH environment variable.

3. Import BinAbsInspector as a plug-in

BinAbsInspector can be downloaded from:

Releases · KeenSecurityLab/BinAbsInspector · GitHub

Download the zip:

ghidra_10.1.2_PUBLIC_20220420_BinAbsInspector.zip

Copy the archive, without unpacking it, to the D:\softwaretmp\ghidra_10.1.2_PUBLIC_20220125\ghidra_10.1.2_PUBLIC\Extensions\Ghidra directory. The files already in this directory are named ghidra_10.1.2_PUBLIC_2022*.zip.

In Ghidra, click File -> Install Extensions, select the plug-in, and install it.
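A pre-flight check for steps 1 to 3, added here as an example and not part of the original post or the BinAbsInspector project: it confirms that ghidraRun.bat is present, that a z3 executable sits in a PATH directory, and that the BinAbsInspector archive in Extensions\Ghidra is a valid zip built for the installed Ghidra version. It assumes the directory and file naming shown above; preflight and z3_on_path are hypothetical helper names.

```python
import os
import re
import sys
import zipfile
from pathlib import Path

# Assumed naming, taken from this page: ghidra_10.1.2_PUBLIC (install dir) and
# ghidra_10.1.2_PUBLIC_20220420_BinAbsInspector.zip (extension archive).
HOME_RE = re.compile(r"^ghidra_(\d+(?:\.\d+)+)_PUBLIC$")
EXT_RE = re.compile(r"^ghidra_(\d+(?:\.\d+)+)_PUBLIC_\d{8}_BinAbsInspector\.zip$")


def z3_on_path(path_env):
    """True if a z3 executable sits in one of the PATH directories."""
    dirs = [d for d in path_env.split(os.pathsep) if d]
    return any((Path(d) / n).is_file() for d in dirs for n in ("z3.exe", "z3"))


def preflight(ghidra_home, path_env=None):
    """Return a list of problems; an empty list means steps 1-3 look complete."""
    home = Path(ghidra_home)
    path_env = os.environ.get("PATH", "") if path_env is None else path_env
    installed = HOME_RE.match(home.name)
    if not installed:
        return [f"{home.name}: not a ghidra_<version>_PUBLIC directory"]
    problems = []
    if not (home / "ghidraRun.bat").is_file():
        problems.append("step 1: ghidraRun.bat not found")
    if not z3_on_path(path_env):
        problems.append("step 2: z3 not found in any PATH directory")
    archives = list((home / "Extensions" / "Ghidra").glob("*BinAbsInspector*.zip"))
    if not archives:
        problems.append("step 3: no BinAbsInspector zip in Extensions/Ghidra")
    for zip_path in archives:
        ext = EXT_RE.match(zip_path.name)
        if not ext:
            problems.append(f"step 3: unexpected archive name {zip_path.name}")
        elif ext.group(1) != installed.group(1):
            # The extension was built for a different Ghidra release.
            problems.append(f"step 3: {zip_path.name} targets Ghidra "
                            f"{ext.group(1)}, installed is {installed.group(1)}")
        elif not zipfile.is_zipfile(zip_path):
            # Truncated or corrupted download.
            problems.append(f"step 3: {zip_path.name} is not a valid zip")
    return problems


if __name__ == "__main__" and len(sys.argv) > 1:
    for line in preflight(sys.argv[1]) or ["ok: ready for File -> Install Extensions"]:
        print(line)
```

Run it with the Ghidra directory as the only argument, for example the ghidra_10.1.2_PUBLIC directory from step 1.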

 

4. Run BinAbsInspector in Ghidra

Create a new project in Ghidra and import the binary file to be tested. Open Window -> Script Manager, click Analysis, and find BinAbsInspector. Double-click it, keep the default options, and the analysis starts.

The results appear shortly.

Then we can start analyzing the results!

Copyright notice
This article was written by [Xiaoxiangzai]. Please include a link to the original when reposting. Thank you.
https://yzsam.com/2022/174/202206231017262244.html