Commit Graph

363 Commits

Author SHA1 Message Date
Ned Williamson 2385f8fc9a don't assume registers are in reginfo if we ignore them. relabel r12 as ip: is this safe across the codebase? x86 well tested, arm is still pretty questionable quality ATM 2016-01-24 00:53:32 -05:00
Ned Williamson cb1527687e I'm going to be cleaning up that crappy thumb patch forever. 2015-12-16 20:36:20 -05:00
Ned Williamson ded47fb203 dynamic instruction resolution in progress 2015-12-16 17:12:00 -05:00
Petercommand 743298aa44 limit port range of socat_port to 1-65534 since qira_config.FORK_PORT is assigned args.socat_port + 1 2015-12-07 01:36:08 +08:00
Ned Williamson 7c53e5339a slightly cleaner keyboardinterrupt 2015-11-09 15:43:04 -05:00
Ned Williamson b41354c2c8 inform user about pintool 2015-11-01 23:56:15 -05:00
George Hotz 1336a6e1f8 start static2 caching, shouldn't be deleted on exit 2015-09-04 00:02:24 -07:00
George Hotz 7c0621ac4b add broken angr tracer 2015-09-03 14:18:07 +00:00
George Hotz 7b48cfd875 clean up the args for static 2015-08-27 22:58:16 +00:00
George Hotz 6e23c432ea final solution to static, turned off by default but -S works to enable it 2015-08-27 08:19:35 +00:00
George Hotz 6bdf1809ca refactor size, and add string naming 2015-08-26 02:35:00 +00:00
George Hotz 0173e8059f going to demo static tomorrow, fix in trunk 2015-08-25 02:04:58 +00:00
Ryan Goulden 2fe015a71f new image saving strategy 2015-08-22 01:07:44 -07:00
Tim Becker 1eeedd2eed Account for branch delay slot in depth map 2015-08-16 18:09:54 -04:00
Ned Williamson fa52eaeb5c load new libraries from fetchlibs 2015-08-12 01:31:20 -04:00
Tim Becker 02e49b0f62 Add missing register 2015-08-11 23:00:43 -04:00
Tim Becker d99025af5c Add support for little endian mips 2015-08-11 22:24:36 -04:00
George Hotz 3f36b392bf disable static by default, pushing to v3 2015-08-11 04:08:43 -07:00
George Hotz 9e63a7d834 bap days are over 2015-08-11 01:25:31 -07:00
Ned Williamson 3313476186 Merge pull request #107 from nedwill/fix_analyzer_crash
Fix Analyzer Crash
2015-03-29 15:26:01 -04:00
Ned Williamson 5f3e49bdb2 fix analyzer crash 2015-03-29 01:33:36 -04:00
Ned Williamson 4ba02adda0 Better handle recursion in depth map. 2015-03-28 20:58:11 -04:00
Tim Becker ff0fe66c9e Fixed reference to lib directory 2015-03-25 21:34:23 -04:00
George Hotz 58480ddc64 modified dir for pin as well 2015-03-24 00:48:35 -07:00
George Hotz 1aec90c6a4 move tracers into the tracers directory 2015-03-24 00:36:08 -07:00
Ned Williamson c8b9a56c89 fix thumb bug on UI 2015-03-21 15:59:35 -04:00
Tim Becker 11f36176ef Fixed bug where memory mapped regions would be incorrect when mapped with mmap2() 2015-03-19 17:21:24 -04:00
George Hotz 0564060a2c fix the analysis using is_call instead of hacks 2015-03-16 22:13:53 -07:00
George Hotz d722816883 it's time for static to be on by default 2015-03-16 21:44:09 -07:00
George Hotz 940f9fe971 switch bind address to 0.0.0.0 2015-03-16 21:32:03 -07:00
Ned Williamson e0d14859d3 respect with_static 2015-03-11 01:25:32 -04:00
Ned Williamson e0da2f9201 Don't rely on trace.maxclnum.
Using trace.maxclnum here makes sense, but if the analysis
thread takes a long time to process large binaries,
trace.maxclnum will be None and the loop body never gets
executed. We will go out of bounds using clend at the end
of the trace, but get_instruction will return None and so
we still see the desired behavior in the UI.
2015-03-09 19:29:34 -04:00
Ned Williamson 232dd8560b run static analysis in a thread so interface starts 2015-03-09 19:27:28 -04:00
Ivan Gotovchits 222d6da4f0 Add BAP as backend.
This PR introduces bap as a backend for QIRA.
The backend is made optional, but is enabled by default.

This backend allows one to disassemble instructions for all platforms
supported by LLVM (at the time of writing it is about 25 targets).

Also, for some platforms BAP will provide BIL and/or target-specific
instructions, lifted to first-class Python values, as opposed to
strings.

A new instruction class is introduced that will use BIL, if available, to
infer destinations, as well as to infer registers touched or modified by
the instruction. Using BIL allows us to determine that instructions like
`pop {r0, pc}` are calls, which, as a consequence, allows us to build a
more correct CFG. As a drawback, on the ARM platform the built CFG is so big
that it takes a considerable amount of time just to draw it.

Since BAP can provide a reasonable analysis for all platforms, including
those that at the time of writing still don't have BIL support, the
static analysis in QIRA will always be turned on.

BAP is installed using opam, and the BAP Python bindings are downloaded
directly from the git repository using pip.

As a free bonus, this PR will also fix the Travis CI issue.
2015-01-29 09:21:05 -05:00
tyler 994dee0616 removing extra debug print statement 2014-11-28 18:47:59 -05:00
tyler 6afb591a1c Fixed an off by one bug in printing 2014-11-28 18:46:47 -05:00
George Hotz beb20467de fix fetch_memory 2014-11-28 19:42:37 +00:00
Tyler Nighswander 9d49fd3e72 Function argument detection is fancier now 2014-11-26 00:28:15 -08:00
Tyler Nighswander 2928a04ee9 Fixed some stupid bugs in displaying function call arguments 2014-11-23 01:46:34 -08:00
George Hotz 326e90dae1 quality 2014-11-23 09:31:16 +00:00
George Hotz 5724d241d5 merged 2014-11-23 09:26:43 +00:00
George Hotz 6c0e84bdf7 call hacks 2014-11-23 09:25:33 +00:00
Tyler Nighswander 8b288cc36e Fixed up manual arg fixup to be a bit more user friendly... we don't want to keep hacking to be TOO elite 2014-11-23 01:23:58 -08:00
George Hotz bb7c23a16f cda dead code 2014-11-23 08:58:20 +00:00
Tyler Nighswander 89860cdde6 Less crappy now, won't break on other archs (probably) 2014-11-23 00:24:17 -08:00
Tyler Nighswander fe15741cfc Merge branch 'master' of github.com:tylerni7/qira
Conflicts:
	web/client/controls.js
2014-11-22 17:52:58 -08:00
Tyler Nighswander 1b5fd724e4 very hacky x86 specific stuff to dynamically detect arguments to functions 2014-11-22 17:51:41 -08:00
George Hotz 4671570b02 phantomjs tests yay 2014-11-23 01:43:08 +00:00
George Hotz 5b189b64e2 undefined works 2014-11-23 00:43:40 +00:00
George Hotz 2c85063c2b add strings and data and stuff 2014-11-23 00:25:48 +00:00