Design and Implementation of an angr-Based Mach-O Analysis Framework
First published: 2019-01-28
Abstract: The execution of a Mach-O binary depends on a runtime system, which makes the analysis of Mach-O binaries differ substantially from that of ordinary binaries. Starting from CFG generation, the foundational method of binary analysis, this paper identifies the shortcomings of current general-purpose binary analysis frameworks when applied to Mach-O and proposes a CFG recovery scheme tailored to Mach-O binaries. It then designs and implements, on top of the angr framework, a Mach-O-oriented binary analysis framework named MachOA. MachOA adds analysis support for Mach-O, simulates the Mach-O runtime system to guide the analysis process, and handles the interference that dynamic features cause to binary analysis by emulating runtime functions. Finally, a comparative experiment on call graph generation validates the effectiveness of MachOA for Mach-O CFG generation, showing that it resolves the original angr framework's inability to identify inter-procedural control flow transfers.
A Mach-O binary analysis framework based on angr
Abstract: The explosion of iOS apps brings out the demand for automated binary analysis of Mach-O, the executable file format of iOS applications. However, it is difficult to analyze a Mach-O file because of the runtime-oriented characteristic of its development language. In order to solve the CFG recovery problem, this paper proposes a CFG recovery scheme and implements a Mach-O binary analysis framework named MachOA based on the angr framework. By simulating the Objective-C Runtime, MachOA guides the process of symbolic execution and recovers the runtime information. Experiments with CFG generation and call graph extraction demonstrate the effectiveness of the scheme and framework.
Keywords: iOS; binary analysis; runtime simulation