Skip to main content

A Collaboration framework for binary analysis tasks.

Project description

BinSync

BinSync Logo

BinSync is a decompiler collaboration tool built on the Git versioning system to enable fined-grained reverse engineering collaboration regardless of decompiler. BinSync is built by mahaloz, the angr team, and the SEFCOM research lab. It's also due in large part to its use by the Shellphish hacking team.

All good decompilers share common objects called Reverse Engineering Artifacts (REAs). These REAs are the center of BinSync's syncing ability. Here are the supported REAs:

  • Function headers (symbol, args, type)
  • Stack Variables (symbol, type)
  • Structs
  • Comments

Note: all types support user-created types like structs.

Binja Sync

Join our discord below for more online help:

Discord

Quick Start

For all installs, it's best to use our two-part installer with Python:

pip3 install binsync && binsync --install 

BinSync is also available in the Binary Ninja plugin manager. If you plan on using extra BS features, like the ChatGPT User, install the package like this: pip3 install binsync[extras], which will install extra packages for support. For full install information, please read our Quickstart Docs.

Supported Platforms

  • IDA Pro: >= 7.3
  • Binary Ninja: >= 2.4
  • angr-management: >= 9.0
  • Ghidra: >= 10.1

All versions require Python >= 3.4 and Git installed on your system. Ghidra support is still very much in early stage, so only expect the minimal features like artifact name syncing and comments.

Decompiler Support Progress

Although we support the decompilers in the earlier section, not every decompiler is supported at the same level of syncing. To understand the difference between artifact support, pull, push, and auto push, read our decompiler use introduction.

IDA Pro

Operations     Function Headers     Stack Vars     Global Vars     Structs     Enums     Comments    
Symbols :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:
Types :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:
Pull :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:
Push :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:
Auto Push :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:

IDA Sync

Binary Ninja

Operations     Function Headers     Stack Vars     Global Vars     Structs     Enums     Comments    
Symbols :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:
Types :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:
Pull :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:
Push :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:
Auto Push :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark: :white_check_mark:

Binja Sync

Ghidra

Operations     Function Headers     Stack Vars     Global Vars     Structs     Enums     Comments    
Symbols :white_check_mark: :white_check_mark: :x: :x: :x: :white_check_mark:
Types :white_check_mark: :white_check_mark: :x: :x: :x: :white_check_mark:
Pull :white_check_mark: :white_check_mark: :x: :x: :x: :white_check_mark:
Push :x: :x: :x: :x: :x: :x:
Auto Push :x: :x: :x: :x: :x: :x:

Ghidra Sync

angr-management

Operations     Function Headers     Stack Vars     Global Vars     Structs     Enums     Comments    
Symbols :white_check_mark: :white_check_mark: :x: :x: :x: :white_check_mark:
Types :white_check_mark: :white_check_mark: :x: :x: :x: :white_check_mark:
Pull :white_check_mark: :white_check_mark: :x: :x: :x: :white_check_mark:
Push :white_check_mark: :white_check_mark: :x: :x: :x: :white_check_mark:
Auto Push :white_check_mark: :white_check_mark: :x: :x: :x: :white_check_mark:

Scripting

Since BinSync needs to lift (and lower) most artifact components, BinSync offers a generic API to work with decompilers that BinSync supports. Currently, this API only works with read-only operations, but has work in the pipeline to get write support as well.

The below script runs in any decompiler that BinSync supports:

from binsync.api import load_decompiler_controller
controller = load_decompiler_controller()
structs = controller.structs()
for addr in controller.functions():
    function = controller.function(addr)
    for _, arg in function.args.items():
        if arg.type in structs:
            print(f"Argument {arg} is a struct type: {structs[arg.type]}")
    print(f"Analyzed function (lifted form): {controller.lift_artifact(function)}")

Here is a snippet of the output in Binja (which looks very similar in IDA and angr):

...
Analyzed function (lifted form): <Function: void frame_dummy(args=0); @0x400640 vars=2 len=0x22>
Analyzed function (lifted form): <Function: long authenticate(args=2); @0x400664 vars=7 len=0x89>
Analyzed function (lifted form): <Function: long accepted(args=0); @0x4006ed vars=2 len=0x10>
Analyzed function (lifted form): <Function: long rejected(args=0); @0x4006fd vars=2 len=0x20>
Analyzed function (lifted form): <Function: int main(args=3); @0x40071d vars=9 len=0xb8>
...

To understand what is available, it's best to look at the controller code, as well as what data is available in artifacts you care about.

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

binsync-3.10.2.tar.gz (107.4 kB view hashes)

Uploaded Source

Built Distribution

binsync-3.10.2-py3-none-any.whl (134.4 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page