B2R2 is a collection of useful algorithms, functions, and tools for binary analysis written purely in F# (in .NET lingo, it is purely managed code).
It has been named after R2-D2, a famous fictional robot appeared in the Star Wars. In fact, B2R2’s original name was B2-R2, but we decided to use the name B2R2 instead, because .NET does not allow dash (-) characters in identifiers (or namespaces).
The name essentially represents “binary” or “two”: “binary” itself means “two” states anyways. “B” and “2” mean “binary”, and “R” indicates reversing.
What is B2R2 ?
Also Read – GiveMeSecrets : Use Regular Expressions To Get Sensitive Information
BinExplorer
, which can help explore such features using a simple command line interface.B2R2 relies on a tiny set of external .NET libraries, and our design principle is to use a minimum number of libraries. Below is a list of libraries that we leverage.
Example
Let’s try to use B2R2 APIs.
DIRNAME
: mkdir DIRNAME
dotnet
command line: $ dotnet new console -lang F#
$ dotnet add package B2R2.FrontEnd
Program.fs
file with your favorite editor as follows: open B2R2
open B2R2.FrontEnd
[<EntryPoint>]
let main argv =
let isa = ISA.OfString “amd64”
let bytes = [| 0x65uy; 0xffuy; 0x15uy; 0x10uy; 0x00uy; 0x00uy; 0x00uy |]
let handler = BinHandler.Init (isa, bytes)
let ins = BinHandler.ParseInstr handler 0UL
ins.Translate handler.TranslationContext |> printfn “%A”
0
dotnet run
. You will be able see lifted IR statements from your console. That’s it! You just lifted an Intel instruction with only few lines of F# code! Building B2R2 is fun and easy. All you need to do is to install .NET Core SDK 3.0 or above. Yea, that’s it!
make release
or dotnet build -c Release
in the source root.make
, or dotnet build
in the source root.For your information, please visit the official web site of F# to get more tips about installing the development environment for F#:
There are many other great tools available, but we wanted to build a functional-first binary analysis platform that is painless to install and runs on any platform without any hassle.
B2R2 is in its infancy stage, but we believe it provides a rich set of library functions for binary analysis.
It also has a strong front-end that is easily adaptable and extendible! Currently it reliably supports x86 and x86-64, meaning that we have heavily tested them; and it partially supports ARMv7 (and Thumb), ARMv8, MIPS32, and MIPS64, meaning that they work, but we haven’t tested them thorougly yet.
Below is a list of features that we plan to add in the future: the list is totally incomplete. Some of them are work in progress, but we look forward your contributions!
Credits: Members in SoftSec Lab
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…