/iBoot64Binja

Binary View plugin for reverse engineering iBoot like binaries with Binary Ninja

Primary LanguagePythonMIT LicenseMIT

iBoot64Binja (v1.0)

Binary View for loading iBoot, SecureROM, etc. firmware

Description

Binary Ninja Binary View plugin for analyzing iBoot, SecureROM, etc. heavily inspired by argp's iBoot64helper IDA loader.

  • Identifies iBoot / SecureROM firmwares
  • Finds target load address and performs rebase for accurate analysis
  • Restores some interesting symbols based on various heuristics

Installation Instructions

Darwin

Copy to ~/Library/Application Support/Binary Ninja/plugins/ or use Plugin Manager

Windows

Copy to %APPDATA%\Binary Ninja\plugins or use Plugin Manager

Linux

Copy to ~/.binaryninja/plugins/ or use Plugin Manager

Minimum Version

This plugin has been tested with the following minimum version of Binary Ninja:

  • 2.1.2263

Documentation

Documentation on current heuristics, etc. is here.

License

This plugin is released under a MIT license.

Acknowledgments

  • Argp's iBoot64Helper iBoot loader for IDA Pro inspired the initial development of this plugin
  • binja_sigmaker inspired the current wildcard signature matching for the bytesig heuristic