Translating Linux binaries with McSema


anacl...@gmail.com

Sep 24, 2014, 4:06:14 PM
to mcsem...@googlegroups.com
Hello,

I am currently trying to use McSema for Linux binary-to-LLVM translation. I ran the sample applications shipped with the source code of McSema, but I would be interested in recovering LLVM from an executable binary directly (not from the object file), similarly to the demo provided for calc.exe on Windows. However, I could not find an equivalent example in the documentation for Linux, so I just tried writing a simple source program in C which only prints out "Hello World" (compiled it with gcc -m32 to get the Linux executable). I then tried to redo the instructions from the calc.exe demo for recovering the imports for my executable from libc, generating the library stubs and recovering the cfg (also added some new calling convention defs to std_defs after generating the imports list), but I still could not manage to make the translation work (IDA fails in get_cfg.py with an error indicating it cannot access the instruction at memory address 50000).

It would be very useful if you could please provide only a very short example of how to translate Linux binaries with McSema? What would be the necessary changes to the instructions described in the Windows demo?

Thank you,
Ana

Artem D

Sep 30, 2014, 11:50:00 AM
to mcsem...@googlegroups.com
Hi Ana,

As of this writing, McSema has only been tested on object files (both COFF and ELF) and Windows DLLs. We know that people want to translate full binaries, in both ELF and PE format. We do have future plans to support doing that. The translation pieces shouldn't need any changing, just the binary format parsing pieces need to be modified.

The Windows example you're speaking of is actually for kernel32.dll, the calc.exe only comes in to show that it will run under a re-emitted kernel32.dll file.

Artem

steven.raf...@gmail.com

Oct 22, 2014, 6:50:57 PM
to mcsem...@googlegroups.com
Hi Ana,

There are examples of doing Linux binary-to-LLVM translation at https://github.com/trailofbits/mcsema/tree/master/mc-sema/tests . But note that there is currently a lot of work to make the translation more robust.

