Information Flow Control library for binaries using angr
Project description
Binary Information Flow Analysis tool using Angr
Angr_information_flow_analysis is an angr IFC analysis tool for unix binaries.
Install
Install using pip install information-flow-analysis
.
Usage of analyze
Information Flow Analysis object
import angr
import claripy
from information_flow_analysis import analysis
def main():
proj = angr.Project('implicit3.out', load_options={'auto_load_libs':False})
sym_arg_size = 15
arg0 = claripy.BVS('arg0', 8*sym_arg_size)
state = proj.factory.entry_state(args=['./implicit3.out', arg0])
high_addrs = [0x4011a6, 0x4011a9]
ifa = analysis.InformationFlowAnalysis(proj=proj,state=state,start="main",high_addrs=high_addrs)
ifa.analyze()
return 0
if __name__ == "__main__":
main()
Usage of find_explicit_leaks
Information Flow Analysis object
import angr
import claripy
from information_flow_analysis import analysis
def main():
proj = angr.Project('implicit3.out', load_options={'auto_load_libs':False})
sym_arg_size = 15
arg0 = claripy.BVS('arg0', 8*sym_arg_size)
state = proj.factory.entry_state(args=['./implicit3.out', arg0])
high_addrs = [0x4011a6, 0x4011a9]
ifa = analysis.InformationFlowAnalysis(proj=proj,state=state,start="main",high_addrs=high_addrs)
ifa.find_explicit_leaks()
return 0
if __name__ == "__main__":
main()
Output relevant graphs
Output CFGS
Use out.cfgs()
in order to print all relevant control flow graphs in an seperate /out
folder.
An example of this is could be:
import angr
import claripy
from information_flow_analysis import out
def main():
proj = angr.Project('implicit3.out', load_options={'auto_load_libs':False})
sym_arg_size = 15
arg0 = claripy.BVS('arg0', 8*sym_arg_size)
state = proj.factory.entry_state(args=['./implicit3.out', arg0])
out.cfgs()
return 0
if __name__ == "__main__":
main()
Generally you want to look at the cfg_fast.pdf
as it contains relevant information about instructions. This CFG is also very relevant in order to locate which high_addrs
you will make confidential.
Output all relevant graphs within the InformationFlowAnalysis
object
Use IFA.draw_everything()
in order to print all relevant graphs contained in the IFA
-object in an seperate /out
folder.
An example of this is could be:
import angr
import claripy
from information_flow_analysis import analysis
def main():
proj = angr.Project('implicit3.out', load_options={'auto_load_libs':False})
sym_arg_size = 15
arg0 = claripy.BVS('arg0', 8*sym_arg_size)
state = proj.factory.entry_state(args=['./implicit3.out', arg0])
high_addrs = [0x4011a6, 0x4011a9]
ifa = analysis.InformationFlowAnalysis(proj=proj,state=state,start="main",high_addrs=high_addrs)
ifa.draw_everything()
return 0
if __name__ == "__main__":
main()
This is primarily used to debugging purposes or if you manually want to check for leaks. (NOTE: That you need to supply high_addrs
in order to do this)
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
File details
Details for the file information_flow_analysis-0.1.5-py3-none-any.whl
.
File metadata
- Download URL: information_flow_analysis-0.1.5-py3-none-any.whl
- Upload date:
- Size: 22.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/4.0.1 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.60.0 CPython/3.9.1
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | ece2b062542af87de8f385a86809ab69ea59327793898da2be7af4ab09204cec |
|
MD5 | 84247c6f910d800b8a80db394d68e55c |
|
BLAKE2b-256 | 701d3cac7feb5f8367142bfc3c2619941b7314ecd55b5cdc93cf416529172e35 |