Apple Blocks Plugin for Binary Ninja

WeiN76LQh/binja-blocks

Apple Blocks Plugin

Author: Daniel Roethlisberger

Annotation of Apple libclosure blocks.

Description

Type annotation of stack and global blocks, block descriptors, the variables a block closes over (its imported variables) and the related function signatures in Binary Ninja. Blocks are Apple's implementation of closures, backed by the libclosure runtime, and are common in C, C++, ObjC and ObjC++ code for Apple platforms. Blocks are not the same as C++ lambdas.

Stack block before annotation:

Screenshot of stack block before annotation

Stack block after annotation:

Screenshot of stack block after annotation

Invoke function before annotation:

Screenshot of invoke function before annotation

Invoke function after annotation:

Screenshot of invoke function after annotation

Commands:

  • Annotate all blocks
  • Annotate all global blocks
  • Annotate all stack blocks
  • Annotate global block here
  • Annotate stack block here
  • Remove plugin comment here

Features:

  • Annotate global blocks
  • Annotate stack blocks
  • Annotate block imported variables for extended layout with compact or bytecode layout encodings
  • Annotate block descriptors
  • Annotate block invoke function type based on encoded block ObjC type signature
  • Annotate block copy and dispose functions
  • Annotate stack byrefs
  • Annotate stack byref fields for non-extended layout
  • Annotate stack byref fields for extended layout with compact or bytecode layout encodings
  • Define per-block named structs to allow for manual fixups
  • Define structs for fully manual annotation: Block_literal, Block_descriptor_1, Block_descriptor_2, Block_descriptor_3, Block_byref_1, Block_byref_2, Block_byref_3.
  • Relevant enums for completeness
  • Support for 64-bit architectures
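
The layouts the features above refer to, shown as an added, self-contained example written for this page (it is not the plugin's code and uses no Binary Ninja API). It parses a 64-bit Block_literal, follows the flags to find Block_descriptor_2 (copy/dispose, present only with BLOCK_HAS_COPY_DISPOSE) and Block_descriptor_3 (signature and layout, present only with BLOCK_HAS_SIGNATURE), and decodes both the compact and the bytecode extended-layout encodings into per-field offsets. The flag values and layout opcodes are those from Apple's libclosure Block_private.h; the `Memory` class, the two sample blocks and every address in `build_sample` are constructed for the example.

```python
import struct

# Compiler-set bits of Block_literal.flags, values as in Apple's libclosure Block_private.h.
BLOCK_HAS_COPY_DISPOSE = 1 << 25
BLOCK_IS_GLOBAL = 1 << 28
BLOCK_HAS_SIGNATURE = 1 << 30
BLOCK_HAS_EXTENDED_LAYOUT = 1 << 31

# Opcodes carried in the high nibble of each extended-layout bytecode byte.
LAYOUT_ESCAPE, LAYOUT_NON_OBJECT_BYTES, LAYOUT_NON_OBJECT_WORDS = 0, 1, 2
LAYOUT_STRONG, LAYOUT_BYREF, LAYOUT_WEAK, LAYOUT_UNRETAINED = 3, 4, 5, 6
POINTER_KINDS = {LAYOUT_STRONG: "strong", LAYOUT_BYREF: "byref",
                 LAYOUT_WEAK: "weak", LAYOUT_UNRETAINED: "unretained"}

WORD = 8              # 64-bit targets only, like the plugin
HEADER = 4 * WORD     # isa, flags + reserved, invoke, descriptor


class Memory:
    """Flat little-endian memory image at a fixed base (constructed stand-in for a BinaryView)."""

    def __init__(self, base, size):
        self.base, self.buf = base, bytearray(size)

    def write(self, addr, data):
        self.buf[addr - self.base:addr - self.base + len(data)] = data

    def u32(self, addr):
        return struct.unpack_from("<I", self.buf, addr - self.base)[0]

    def u64(self, addr):
        return struct.unpack_from("<Q", self.buf, addr - self.base)[0]

    def cstr(self, addr):
        off = addr - self.base
        return bytes(self.buf[off:self.buf.index(b"\0", off)])


def decode_layout(layout, mem, start=HEADER):
    """Map a layout word to [(kind, byte offset)] of the pointer fields it describes.

    Values below 0x1000 are the compact 0xXYZ form: X strong, then Y byref, then Z
    weak words. Larger values point at NUL-terminated bytecode, one byte per
    instruction: high nibble opcode, low nibble count-1. Block_byref_3.layout uses
    the same two encodings, only with a different `start` offset."""
    fields, off = [], start
    if layout < 0x1000:
        for shift, kind in ((8, "strong"), (4, "byref"), (0, "weak")):
            for _ in range((layout >> shift) & 0xF):
                fields.append((kind, off))
                off += WORD
        return fields
    for insn in mem.cstr(layout):          # the 0x00 terminator (ESCAPE 0) is consumed by cstr
        op, n = insn >> 4, (insn & 0xF) + 1
        if op == LAYOUT_NON_OBJECT_BYTES:
            off += n                       # may leave the cursor unaligned; that is allowed
        elif op == LAYOUT_NON_OBJECT_WORDS:
            off += n * WORD
        elif op in POINTER_KINDS:
            for _ in range(n):
                fields.append((POINTER_KINDS[op], off))
                off += WORD
        else:
            raise ValueError(f"reserved layout instruction {insn:#04x}")
    return fields


def parse_block_literal(mem, addr):
    """Parse a Block_literal and as much of its descriptor as the flags say is present."""
    flags = mem.u32(addr + 8)
    blk = {"isa": mem.u64(addr), "flags": flags, "is_global": bool(flags & BLOCK_IS_GLOBAL),
           "invoke": mem.u64(addr + 16), "descriptor": mem.u64(addr + 24)}
    desc = blk["descriptor"]
    blk["size"] = mem.u64(desc + 8)            # Block_descriptor_1: reserved, size
    cursor = desc + 16
    if flags & BLOCK_HAS_COPY_DISPOSE:         # Block_descriptor_2 exists only with this flag,
        blk["copy"], blk["dispose"] = mem.u64(cursor), mem.u64(cursor + 8)
        cursor += 16                           # so it shifts everything that follows
    if flags & BLOCK_HAS_SIGNATURE:            # Block_descriptor_3: signature, layout
        blk["signature"] = mem.cstr(mem.u64(cursor)).decode()
        if flags & BLOCK_HAS_EXTENDED_LAYOUT:
            blk["imported"] = decode_layout(mem.u64(cursor + 8), mem)
    return blk


def build_sample():
    """Constructed image with two stack blocks; every address here is invented."""
    mem = Memory(0x1000, 0x4000)
    flags = BLOCK_HAS_COPY_DISPOSE | BLOCK_HAS_SIGNATURE | BLOCK_HAS_EXTENDED_LAYOUT
    # Block A at 0x1000 captures one ObjC object and one __block variable: compact layout 0x110.
    mem.write(0x1000, struct.pack("<QIIQQ", 0x9000, flags, 0, 0x2000, 0x3000))
    mem.write(0x3000, struct.pack("<QQQQQQ", 0, HEADER + 2 * WORD, 0x2100, 0x2200, 0x3800, 0x110))
    mem.write(0x3800, b"v16@?0Q8\0")     # void (^)(uint64_t); "@?" is the block itself
    # Block B at 0x1100 captures a strong pointer, a non-object word, then a weak pointer:
    # bytecode 30 20 50 00.
    mem.write(0x1100, struct.pack("<QIIQQ", 0x9000, flags, 0, 0x2300, 0x3100))
    mem.write(0x3100, struct.pack("<QQQQQQ", 0, HEADER + 3 * WORD, 0x2400, 0x2500, 0x3800, 0x3900))
    mem.write(0x3900, bytes([0x30, 0x20, 0x50, 0x00]))
    return mem


if __name__ == "__main__":
    mem = build_sample()
    for addr in (0x1000, 0x1100):
        print(hex(addr), parse_block_literal(mem, addr))
```

The point to take from the descriptor walk is that Block_descriptor_2 is optional: when BLOCK_HAS_COPY_DISPOSE is clear, the signature and layout words sit 16 bytes earlier, so reading the descriptor as a fixed struct mislabels those fields. Offsets returned by `decode_layout` are relative to the start of the block literal, which is where the imported variables follow the 32-byte header.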

Planned improvements, PRs welcome:

  • Find stack writes past the end of the annotated struct but still within the block size from the descriptor, between the instructions that set up the block and its first use, and pick them up as non-pointer imported fields
  • Automatically create structs for which internal type info is available, unless they can be pulled from some type archive
  • Allow re-annotating already annotated blocks, e.g. after partial failure or manual changes
  • Plugin command to annotate byrefs manually more conveniently than annotating the type
  • Annotate byref block keep and destroy functions

Less likely to get implemented, but PRs welcome:

  • Support for 32-bit architectures
  • Support older block layout from before the introduction of block descriptors
  • Discover and annotate block stack unwind handlers
  • Find and annotate byrefs passed as arguments

License

This plugin is released under an MIT license.
