Information Flow Control library for binaries using angr

Project description

Binary Information Flow Analysis tool using Angr

Angr_information_flow_analysis is an angr-based information flow control (IFC) analysis tool for Unix binaries.

Install

Install using pip install information-flow-analysis.

Using analyze() on the InformationFlowAnalysis object

import angr
import claripy
from information_flow_analysis import analysis

def main():
    proj = angr.Project('implicit3.out', load_options={'auto_load_libs':False})

    sym_arg_size = 15
    arg0 = claripy.BVS('arg0', 8*sym_arg_size)
    state = proj.factory.entry_state(args=['./implicit3.out', arg0])

    high_addrs = [0x4011a6, 0x4011a9]

    ifa = analysis.InformationFlowAnalysis(proj=proj,state=state,start="main",high_addrs=high_addrs)
    ifa.analyze()
    return 0
    
if __name__ == "__main__":
    main()

Using find_explicit_leaks() on the InformationFlowAnalysis object

import angr
import claripy
from information_flow_analysis import analysis

def main():
    proj = angr.Project('implicit3.out', load_options={'auto_load_libs':False})

    sym_arg_size = 15
    arg0 = claripy.BVS('arg0', 8*sym_arg_size)
    state = proj.factory.entry_state(args=['./implicit3.out', arg0])

    high_addrs = [0x4011a6, 0x4011a9]

    ifa = analysis.InformationFlowAnalysis(proj=proj,state=state,start="main",high_addrs=high_addrs)
    ifa.find_explicit_leaks()
    return 0
    
if __name__ == "__main__":
    main()
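
The usage examples above mark instruction addresses as high and then look for leaks. The following added example (not part of this package, and not its algorithm) is a simplified model of what an explicit leak is, and how it differs from an implicit one, run over a constructed instruction listing; the instruction format, the addresses and the name find_leaks are assumptions made for illustration.

```python
# Simplified model, constructed for illustration; not this package's algorithm.
# Each instruction is (addr, op, dst, srcs, end). A "br" guards every address
# below `end`, so anything written there depends on the branch condition.
PROGRAM = [
    (0x1000, "load", "r0", [], None),        # reads the secret: mark as high
    (0x1004, "mov",  "r1", ["r0"], None),    # r1 = r0
    (0x1008, "out",  None, ["r1"], None),    # secret data reaches the output
    (0x100c, "mov",  "r2", [], None),        # r2 = 0
    (0x1010, "br",   None, ["r0"], 0x1018),  # branch on the secret
    (0x1014, "mov",  "r2", [], None),        # r2 = 1, on one path only
    (0x1018, "out",  None, ["r2"], None),    # r2 reveals which path ran
    (0x101c, "mov",  "r3", [], None),        # r3 = constant
    (0x1020, "out",  None, ["r3"], None),    # low data: no leak
]

def find_leaks(program, high_addrs):
    """Return [(addr, kind)] for every output that depends on high data."""
    labels = {}        # register -> "explicit" | "implicit"; absent means low
    open_regions = []  # end addresses of regions guarded by a high branch
    leaks = []
    for addr, op, dst, srcs, end in program:
        # Leave any guarded region whose end address has been reached.
        open_regions = [e for e in open_regions if addr < e]
        src_labels = {labels[s] for s in srcs if s in labels}
        if addr in high_addrs or "explicit" in src_labels:
            label = "explicit"   # data dependence on a high value
        elif open_regions or "implicit" in src_labels:
            label = "implicit"   # control dependence on a high branch
        else:
            label = None
        if op == "br":
            if label:
                open_regions.append(end)
        elif op == "out":
            if label:
                leaks.append((addr, label))
        elif label:
            labels[dst] = label
        else:
            labels.pop(dst, None)  # overwritten with low data
    return leaks

if __name__ == "__main__":
    for addr, kind in find_leaks(PROGRAM, high_addrs={0x1000}):
        print(hex(addr), kind)
```
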

Output relevant graphs

Output CFGs

Use out.cfgs() to write all relevant control flow graphs to a separate /out folder.

An example of this could be:

import angr
import claripy
from information_flow_analysis import out

def main():
    proj = angr.Project('implicit3.out', load_options={'auto_load_libs':False})

    sym_arg_size = 15
    arg0 = claripy.BVS('arg0', 8*sym_arg_size)
    state = proj.factory.entry_state(args=['./implicit3.out', arg0])

    out.cfgs()
    return 0
    
if __name__ == "__main__":
    main()

Generally you want to look at cfg_fast.pdf, as it contains relevant information about instructions. This CFG is also where you locate the addresses to mark as confidential in high_addrs.

Output all relevant graphs within the InformationFlowAnalysis object

Use IFA.draw_everything() to write all relevant graphs contained in the IFA object to a separate /out folder.

An example of this could be:

import angr
import claripy
from information_flow_analysis import analysis

def main():
    proj = angr.Project('implicit3.out', load_options={'auto_load_libs':False})

    sym_arg_size = 15
    arg0 = claripy.BVS('arg0', 8*sym_arg_size)
    state = proj.factory.entry_state(args=['./implicit3.out', arg0])

    high_addrs = [0x4011a6, 0x4011a9]

    ifa = analysis.InformationFlowAnalysis(proj=proj,state=state,start="main",high_addrs=high_addrs)
    ifa.draw_everything()
    return 0
    
if __name__ == "__main__":
    main()

This is primarily used for debugging purposes, or if you want to check for leaks manually. (Note that you need to supply high_addrs in order to do this.)

Download files

Source Distributions

No source distribution files available for this release.

Built Distribution

information_flow_analysis-0.1.5-py3-none-any.whl (22.3 kB)

Uploaded Python 3

File details

Details for the file information_flow_analysis-0.1.5-py3-none-any.whl.

File metadata

  • Download URL: information_flow_analysis-0.1.5-py3-none-any.whl
  • Upload date:
  • Size: 22.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/4.0.1 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.60.0 CPython/3.9.1

File hashes

Hashes for information_flow_analysis-0.1.5-py3-none-any.whl
Algorithm Hash digest
SHA256 ece2b062542af87de8f385a86809ab69ea59327793898da2be7af4ab09204cec
MD5 84247c6f910d800b8a80db394d68e55c
BLAKE2b-256 701d3cac7feb5f8367142bfc3c2619941b7314ecd55b5cdc93cf416529172e35
