Home News Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | Binary Ninja

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Computers & IT > Security & Virus Discussion

Binary Ninja
Reply
 
Thread Tools
Old 05-10-2017, 21:33   #1
Ignitionnet
Inactive
 
Join Date: Jun 2008
Location: Leeds, West Yorkshire
Age: 45
Posts: 13,996
Ignitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny stars
Ignitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny stars
Binary Ninja

Anyone used this software?

https://binary.ninja/

The demo was a pleasure to use and this could save me a bunch of time, just trying to collect experiences from people before I lay down the cash.
Ignitionnet is offline   Reply With Quote
Advertisement
Old 09-10-2017, 00:33   #2
Qtx
CF's Worst Nightmare
 
Join Date: May 2012
Location: Probably outside the M25
Services: Sky Fibre Unlimited 40/10
Posts: 3,473
Qtx has a bronzed appealQtx has a bronzed appeal
Qtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appeal
Re: Binary Ninja

Guess it depends on what you want to reverse or decompile. Binary Ninja is picking up traction due to it's nice interface and mostly price.

Radare2 and IDA with plugins covers more file formats and architectures. If you only need to reverse exe's and the basic stuff, then Binary Ninja should be fine.

With IDA being the industry standard you will likely get much better community support with it. Something else to consider.

A slightly biased comparison chart but you are only really interesting in the first few tables anyway: http://rada.re/r/cmp.html

Chinese hackers crowd fund buying expensive tools and a recent spat where 40 people put in to the pot for IDA 7 for mac/windows and most it's plugins ended up with a few of the group trying to sell the software to recoup some money. The others got upset over this and released it to all for free. So if you search for 'IDA 7 Leak', you would come across this leak. Just another avenue if you considered comparing
Qtx is offline   Reply With Quote
Old 24-10-2017, 10:07   #3
Ignitionnet
Inactive
 
Join Date: Jun 2008
Location: Leeds, West Yorkshire
Age: 45
Posts: 13,996
Ignitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny stars
Ignitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny stars
Re: Binary Ninja

This is now sorted.

Anyone know how to understand these opcodes?
Ignitionnet is offline   Reply With Quote
Old 07-11-2017, 13:08   #4
Qtx
CF's Worst Nightmare
 
Join Date: May 2012
Location: Probably outside the M25
Services: Sky Fibre Unlimited 40/10
Posts: 3,473
Qtx has a bronzed appealQtx has a bronzed appeal
Qtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appeal
Re: Binary Ninja

Code:
section .data
text: db "Here be demons...I mean, here is where the fun starts Ignition", 0x0A
len: equ $-text

section .text
    global _start

_start:
    push 0

    loop:
        mov eax, 4
        mov ebx, 1
        mov ecx, text
        mov edx, len
        int 0x80

        inc dword [esp]
        cmp dword [esp], 500
        jl loop

    pop edx
    mov eax, 1
    mov ebx, 0
    int 0x80
Qtx is offline   Reply With Quote
Old 07-11-2017, 14:45   #5
Paul
Dr Pepper Addict
Cable Forum Team
 
Paul's Avatar
 
Join Date: Oct 2003
Location: Nottingham
Age: 61
Services: VM Phone : Sky Mobile : Sky TV : VM BB (1000 Mbps) : Aquiss FTTP (330 Mbps)
Posts: 27,585
Paul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered stars
Paul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered stars
Re: Binary Ninja

Quote:
Originally Posted by Ignitionnet View Post
Anyone know how to understand these opcodes?
I used to program in 6502 op code (many years ago now).

Its not that hard to do (or follow) once you have a lookup of what all the codes actually do.
(which is mostly just moving data from memory to registers and back again).
__________________

Baby, I was born this way.
Paul is offline   Reply With Quote
Old 07-11-2017, 16:48   #6
Qtx
CF's Worst Nightmare
 
Join Date: May 2012
Location: Probably outside the M25
Services: Sky Fibre Unlimited 40/10
Posts: 3,473
Qtx has a bronzed appealQtx has a bronzed appeal
Qtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appeal
Re: Binary Ninja

Quote:
Originally Posted by Paul M View Post
(which is mostly just moving data from memory to registers and back again).
mov (%ebx), %eax = Load 4 bytes from the memory address in EBX into EAX.

The ebx and eax type codes are registers and memory addresses.

If you are de-compiling malware you want to watch for the code jumping to memory locations (jmp) and if the commands are changing registers or data at the locations, via mov or push type codes. You can tell the type of register by the e** code. Very simplified and probably worded wrong :P
Qtx is offline   Reply With Quote
Old 07-11-2017, 19:44   #7
heero_yuy
Perfect Soldier
 
heero_yuy's Avatar
 
Join Date: Mar 2009
Location: Worthing West Sussex
Age: 66
Services: VM 500M SH3 thingy in modem mode XL TV V6 Sony Bravia smart TV and M phone
Posts: 10,959
heero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered stars
heero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered stars
Re: Binary Ninja

Wow, takes me back to breaking dongle protected code. Just locate all the program points that called INT21: Exit to DOS services. Backtrack a bit and find the test for leave or stay. Patched to stay and try each one. Job done.
__________________
History is much like an endless waltz: The three beats of war, peace and revolution continue on forever.
However history will change with my coronation - Mariemaia Khushrenada
heero_yuy is online now   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 12:34.


Server: osmium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.