Bincat – Binary Code Static Analyser, With IDA Integration


BinCAT is a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA.
It features:

  • value analysis (registers and memory)
  • taint analysis
  • type reconstruction and propagation
  • backward and forward analysis
  • use-after-free and double-free detection


In action
You can see (an older version of) BinCAT in action here:
Check the tutorial out to see the corresponding tasks.

Quick FAQ
Supported host platforms:

  • IDA plugin: all, version 6.9 or later (BinCAT uses PyQt, not PySide)
  • analyzer (local or remote): Linux, Windows, macOS (maybe)

Supported CPU for analysis (for now):

  • x86-32
  • ARMv7
  • ARMv8
  • PowerPC

Installation
Only IDA v6.9 or later (7 included) are supported

Binary distribution install (recommended)
The binary distribution includes everything needed:

  • the analyzer
  • the IDA plugin

Install steps:

  • Extract the binary distribution of BinCAT (not the git repo)
  • In IDA, click on the “File -> Script File…” menu (or type ALT-F7)
  • Select install_plugin.py
  • BinCAT is now installed in your IDA user dir
  • Restart IDA

Manual installation

Analyzer
The analyzer can be used locally or through a Web service.
On Linux:

On Windows:

IDA Plugin
BinCAT should work with IDA on Wine, once pip is installed:

Using BinCAT

Quick start

  • Load the plugin by using the Ctrl-Shift-B shortcut, or using the Edit -> Plugins -> BinCAT menu
  • Go to the instruction where you want to start the analysis
  • Select the BinCAT Configuration pane, click <-- Current to define the start address
  • Launch the analysis

Configuration
Global options can be configured through the Edit/BinCAT/Options menu.
Default config and choices are saved in $IDAUSR/idabincat/conf.

Options

  • “Use remote bincat”: select if you are running docker in a Docker container
  • “Remote URL”: http://localhost:5000 (or the URL of a remote BinCAT server)
  • “Autostart”: autoload BinCAT at IDA startup
  • “Save to IDB”: default state for the save to idb checkbox

Documentation
A manual is provided; check here for a description of the configuration file format.
A tutorial is provided to help you try BinCAT’s features.

Article and presentations about BinCAT
