"Be a Binary Rockstar: An Introduction to Program Analysis with Binary Ninja"
This talk will explore program analysis on compiled code, where source is not available. Many static program analysis tools, such as LLVM passes, depend on the ability to compile source to bitcode, and cannot operate on binaries. A solution to this problem will be explained and demonstrated using the new Intermediate Language (IL) in Binary Ninja. Binary Ninja IL will be described, providing a basic understanding of how to write analyses using it.
This talk will describe and release a tool in Binary Ninja IL for automated discovery of a simple memory corruption vulnerability and demonstrate it on a CTF binary. The concepts of variable analysis, abstract interpretation, and integer range analysis will be discussed in the context of vulnerability discovery.
Binary Ninja Plugins
Abstract interpretation using lattices to analyse the possible sign of a variable at any point in a program.
A simple plugin demonstrating the binja headless api for python. Finds memcpy's and cooresponding src/dst information. The plguin can be moditified to find argument information for other function calls.
A plugin template to walk the binja CFG using the depth-first search algorithm (aka path sensitive, one path traversed at a time)