This tool is used to match variable between source code and compiled binaries (with debug information, now support DWARF4 and DWARF5)
if you are using ubuntu (recommended), you can execute
apt -y install build-essential wget zip pkgconf zlib1g zlib1g-dev libzstd1 meson \
ninja-build doxygen bzip2 flex graphviz libbz2-dev libssl-dev libncurses5-dev \
libsqlite3-dev libreadline-dev libtk8.6 libgdm-dev libdb4o-cil-dev libpcap-dev
varviewer need libdwarf
to extracter dwarf info, this can be downloaded from https://github.com/davea42/libdwarf-code/releases and perform customized installation.
you can execute the following for this,
mkdir /tmp/build && cd /tmp
wget https://github.com/davea42/libdwarf-code/releases/download/v0.5.0/libdwarf-0.5.0.tar.xz && \
tar xf libdwarf-0.5.0.tar.xz
cd /tmp/build && meson /tmp/libdwarf-0.5.0 && ninja && ninja install && ninja test
varviewer's analysis module is implemented with high version of python3, python-3.11 is recommended, here's the quick build commands.
wget https://github.com/python/cpython/archive/refs/tags/v3.11.1.zip
unzip v3.11.1.zip && cd cpython-3.11.1/ && ./configure --enable-optimizations
make -j 32 && make install
also, some python3 packages are in need,
pip3 install angr z3-solver bz2file pydot graphviz angr iced_x86 pyelftools pyinstrument timeout_decorator
you need 2 steps to match variables.
- go into extracter/ and
mkdir build -p && cd build && cmake.. && make
- execute
./bin/extracter <binary-to-extract> -o <json-file>
, the json file contains organized debug info to feed the analysis module, besides there are also some debug option(s)-r
for print raw dwarf expression-nc
for only print complex expressions-fde
for print CFA info, and--no-traverse
for avoidance of fully traversing, and quickly print other info
as default, user only need main.py
to complete matching analysis.
you can execute python3 ./main.py <binary-to-analyze> <json-file> -uO -o <result-file>