Partial Automation of an Integration Reverse Engineering Environment of Binary Code Author : Cristina Cifuentes Reverse Engineering, 1996., Proceedings.


Partial Automation of an Integration Reverse Engineering Environment of Binary Code Author : Cristina Cifuentes Reverse Engineering, 1996., Proceedings of the Third Working Conference on On page(s): Nov Monterey, CA, USA

Introduction

What's the problem?
- The investment made in software when a newer machine becomes available.

Two points of view on the migration of software:
- From a commercial point of view: software needs to be available on the new machine at the same time.
- From a software developer's point of view: software developed in-house is an investment and an asset to an organization.

Software migration is not a trivial problem!

Four approaches to solve this problem

- Use a native compiler to compile the source code for the new platform.
- Emulation of the old machine's instructions using microcode hardware in the new machine.
- Emulation of the old machine's instructions in software on the new machine.
- Binary translation.

Problems

- Using a native compiler to compile the source code: compilation requires access to all source code, which may not be feasible.
- Emulating the old machine's instructions using microcode hardware: this requires special micro-programmable hardware, which is not included in today's RISC machines.
- Emulating the old machine's instructions in software: software emulation is easy to implement but slow.

Structure of a Binary Translator and a Decompiler

- Front-end: a machine-dependent module that loads the source binary program, disassembles it, and translates it into an intermediate representation.
- Middle-end: performs the code analysis for the translation, and performs optimizations on the code.
- Back-end: a target-machine-dependent module that generates code for the target machine.

Integrated Reverse Engineering Environment for Binary Code

A Compiler’s Structure

An Integrated Reverse Engineering Environment for Binary Code

- Loader
- Disassembler
  - Signature generator
  - Prototype generator
  - New Jersey machine-code toolkit (NJMC)
- Idiom analyzer
- Control flow graph generator
- UBM/UDM

Loader

- Works just like the operating system loader.
- Reads the binary file by decoding the binary-file format used to store the program, and determines the file's structure (instructions, tables, symbol tables).

Disassembler

- Parses the binary image of the program and translates it to assembler or some equivalent representation.
- Parsing starts at the entry point and follows all paths from this point.
- Analyzes the target addresses of indexed and indirect jumps or calls.

Idiom analyzer

- Detects idioms and translates the sequence of instructions into intermediate instructions.
- An idiom is a sequence of instructions that has a special meaning that can't be derived from the semantics of the individual instructions alone.

Examples:
- ARM: bl foo
- x86: sub ax, immedLo followed by sbb dx, immedHi = sub dx:ax, immedHi:immedLo
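The x86 long-subtraction idiom above can be folded by a small peephole pass. The following is an added example, not code from the paper or the slides: the tuple instruction format, the `sub32`/`add32` intermediate op names, and the `fold_idioms` function are assumptions made for illustration, and the `add`/`adc` pair is included as the matching long-addition idiom, which goes beyond the single case on the slide.

```python
from typing import List, Tuple

Instr = Tuple[str, str, int]   # (mnemonic, destination register, immediate)

# Low-half operation followed by the op that propagates its borrow/carry.
IDIOMS = {("sub", "sbb"): "sub32", ("add", "adc"): "add32"}
# (low register, high register) pairs holding one 32-bit value (assumed set).
PAIRS = {("ax", "dx"): "dx:ax"}

def fold_idioms(code: List[Instr]) -> List[tuple]:
    """Replace two-instruction long-arithmetic idioms with one 32-bit IR op."""
    out, i = [], 0
    while i < len(code):
        if i + 1 < len(code):
            (op1, r1, imm1), (op2, r2, imm2) = code[i], code[i + 1]
            ir_op = IDIOMS.get((op1, op2))
            pair = PAIRS.get((r1, r2))
            if ir_op and pair:
                # immedHi:immedLo -> one 32-bit constant, high half in the top bits.
                value = ((imm2 & 0xFFFF) << 16) | (imm1 & 0xFFFF)
                out.append((ir_op, pair, value))
                i += 2
                continue
        out.append(code[i])   # not part of an idiom: pass through unchanged
        i += 1
    return out

# Constructed sample listing. The lone "sbb" is deliberately left unpaired:
# on its own it is an ordinary 16-bit instruction, not an idiom.
SAMPLE = [
    ("mov", "ax", 0x0010),
    ("sub", "ax", 0x5678), ("sbb", "dx", 0x1234),
    ("sbb", "dx", 0x0001),
    ("add", "ax", 0x0001), ("adc", "dx", 0x0000),
]

if __name__ == "__main__":
    for ir in fold_idioms(SAMPLE):
        print(ir)
```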

Control flow graph generator

- Constructs a control flow graph for each subroutine of the program.
- The control flow graph is part of the intermediate representation of any reverse engineering tool that deals with binary code.
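The disassembler's traversal from the entry point and the control flow graph generator fit together as follows. This is an added example, not code from the paper or the slides: the toy instruction set, the `PROGRAM` listing, and the function names are assumptions, and only direct branch targets are modelled, so the indexed and indirect jumps mentioned on the disassembler slide are out of scope here.

```python
# Constructed toy program: address -> (mnemonic, direct target). Every instruction
# occupies one address (assumption); address 6 stands for bytes that are not code.
PROGRAM = {
    0: ("cmp", None), 1: ("jz", 4), 2: ("add", None), 3: ("jmp", 5),
    4: ("sub", None), 5: ("ret", None), 6: ("add", None),
}
TRANSFERS = ("jz", "jmp", "ret")

def successors(addr):
    op, target = PROGRAM[addr]
    if op == "ret":
        return []
    if op == "jmp":
        return [target]
    if op == "jz":
        return [addr + 1, target]      # fall-through, then taken branch
    return [addr + 1]

def reachable(entry):
    """Recursive traversal: follow every path from the entry point."""
    seen, work = set(), [entry]
    while work:
        addr = work.pop()
        if addr in seen or addr not in PROGRAM:
            continue
        seen.add(addr)
        work.extend(successors(addr))
    return seen

def build_cfg(entry):
    """Return {block start: (instruction addresses, successor block starts)}."""
    code = reachable(entry)
    leaders = {entry}
    for addr in code:
        if PROGRAM[addr][0] in TRANSFERS:
            # Branch targets and the instruction after a transfer start new blocks.
            leaders.update(s for s in successors(addr) + [addr + 1] if s in code)
    cfg = {}
    for start in sorted(leaders):
        block, addr = [start], start
        while (PROGRAM[addr][0] not in TRANSFERS
               and addr + 1 in code and addr + 1 not in leaders):
            addr += 1
            block.append(addr)
        cfg[start] = (block, [s for s in successors(addr) if s in code])
    return cfg
```

Address 6 never appears in the graph because no path from the entry point reaches it, which is how a traversal-based disassembler avoids decoding data as instructions.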

Second Generation Tools

- Signature generator: automatically determines library signatures.
- Prototype generator: automatically determines the types of the formal arguments of library subroutines, and the type of the return value for functions.
- New Jersey machine-code toolkit (NJMC): facilitates the decoding of machine instructions by providing a specification language to define machine instructions.

UBM/UDM

- Universal binary-translation machine: generates binary programs for the target machine.
- Universal decompilation machine: generates high-level language code (like C).

Conclusions

- This paper presents an integrated environment for the reverse engineering of binary programs.
- Such an environment is suitable for the development of disassemblers, binary translators and decompilers.
- Retargetable techniques are essential in order to develop such tools for a variety of machines rather than for one specific machine.