Practical Dependence Analysis for Binary Executables by Unbiased Whole-program Path Sampling and Per-path Abstract Interpretation
Please install radare2 on your machine first. Note that we do not support the newest version radare2 (we will support it in upcoming source code), due to its fast development. Thus, please use following commands to install radare2.
git clone https://github.com/radare/radare2.git
cd radare2/
git checkout 5d698c76ae8a94226532b67711983e38221f21d2 .
sys/user.sh
echo "PATH=\$PATH:\$HOME/bin" >> ~/.bashrcAfter that, all the executable could run directly on Ubuntu 16.04.
-
rexe: Sampling-based abstract interpreter -
rgdb: GDB for sampling-based abstract interpretr -
rdep: Sampling-based posterior analyzer -
rinfo: Binary basic information dumper
./rexe -t <sample.time> <binary>
./rdep -d <refer.dep> <binary>You can also set log level for more information.
RUST_LOG=info ./rexe -t <sample.time> <binary>
RUST_LOG=info ./rdep -d <refer.dep> <binary>In the following demo, we sampled 181.mcf for 300 times. At last, we got 2 Missing Dependence and 141 More Dependence, compared with 2050 Refer Dependence.
Additionally, rgdb could help you dig into more internal data of abstract interpreter.
./rgdb <binary>