Please use this identifier to cite or link to this resource: https://doi.org/10.21256/zhaw-29942
Publication type: Thesis: Bachelor
Title: Ghidrion : a Ghidra plugin to support symbolic execution
Authors: Flum, Silvan
Huber, Valentin
Supervisor / Reviewer: Wagner, Arno
Gür, Gürkan
Pfammatter, Damian
DOI: 10.21256/zhaw-29942
Extent: 62
Publication date: 2023
Series: Bachelorarbeiten ZHAW School of Engineering
Publisher / issuing institution: ZHAW Zürcher Hochschule für Angewandte Wissenschaften
Publisher / issuing institution: Winterthur
Language: English
Keywords: Symbolic execution; Ghidra; Vulnerability research; Binary analysis; Software reverse engineering
Subject (DDC): 005: Computer programming, programs and data
Abstract: Symbolic execution is a powerful technique for automatic analysis of and reasoning about program behaviour, particularly in binary analysis. However, popular reverse engineering tools such as Ghidra lack native support for symbolic execution. Existing extensions advertising symbolic execution are limited in functionality, do not scale well enough to be employed on practical binaries and provide limited documentation. The Cyber-Defence Campus of armasuisse, as part of its vulnerability research program, has developed a proof-of-concept tool called Morion that enables symbolic execution-based analysis of various vulnerability types on practical binaries. Previously, it had to be configured by manually writing configuration files. This thesis proposes Ghidrion, an open-source Ghidra plugin that leverages information gathered from Ghidra’s analysis tools to enhance analysts’ usage of Morion. Ghidrion suggests calls to external functions that can be hooked and simplifies configuring the setup necessary to run Morion. It further supports the analysis of Morion’s results by visually highlighting executed instructions and providing a side-by-side comparison of memory and register values at the beginning and end of the execution. Alongside the code, previously missing documentation on developing Ghidra plugins is provided. This thesis further proposes future research directions, such as improvements to Ghidra’s loader to match external functions to their libraries and added support for interactive Python shells to run Morion’s analysis modules from within Ghidra.
URI: https://digitalcollection.zhaw.ch/handle/11475/29942
License (according to publishing contract): CC BY 4.0: Attribution 4.0 International
Department: School of Engineering
Appears in collections: Bachelorarbeiten ZHAW School of Engineering

Files in this resource:
File: 2023_Flum-Silvan_Huber-Valentin_BA_SoE.pdf
Size: 5.38 MB
Format: Adobe PDF
Flum, S., & Huber, V. (2023). Ghidrion : a Ghidra plugin to support symbolic execution [Bachelor’s thesis, ZHAW Zürcher Hochschule für Angewandte Wissenschaften]. https://doi.org/10.21256/zhaw-29942


All resources in this repository are protected by copyright unless otherwise indicated.