/mcsema_blog_post

Lifting and Diversifying Binaries (blog post accompanying materials)


Lifting and Diversifying C++ Binaries

This repository accompanies the Trail of Bits blog post discussing how to use McSema with Immunant's multicompiler to lift and diversify binaries.

The Example Program

The sample program uses stack variables, global variables, and C++ exceptions to showcase features of both McSema and the multicompiler.

Prerequisites

Please install Immunant's multicompiler as described in their blog post.

To install McSema, please follow the McSema installation instructions.

The installed versions of remill and McSema must be built against LLVM 3.8 (to match the multicompiler) and include ABI library support.

The following invocation of remill's build.sh should give the correct remill and McSema builds:

scripts/build.sh --llvm-version 3.8 --prefix <your installation location> --extra-cmake-args -DMCSEMA_DISABLED_ABI_LIBRARIES:STRING=\"\"

Currently the variable recovery scripts require IDA Pro.

Further Reading