[ Contact Info | Site Index ]

unstrip


unstrip is a library fingerprinting tool for stripped binaries.

Features

  • Identifies GNU C Library wrapper functions in an stripped input binary and outputs a new binary with meaningful names assigned to these functions.
  • Other functions are located and labeled with targXXXXXX names (where XXXXXX is the address of the function entry point in hex).
  • Includes a "learning" mode to add new fingerprints to the database.
  • Currently operates on 32-bit binaries.

Download

References

  • Emily R. Jacobson, Nathan Rosenblum, and Barton P. Miller, "Labeling Library Functions in Stripped Binaries", ACM SIGPLAN-SIGSOFT workshop on Program Analysis for Software Tools and Engineering (PASTE), Szeged, Hungary, September 2011. [PDF]
  • Nathan E. Rosenblum, Xiaojin (Jerry) Zhu, Barton P. Miller, and Karen Hunt, "Learning to Analyze Binary Computer Code", 23rd Conference on Artificial Intelligence (AAAI-08), Chicago, Illinois, July 2008. [PDF]
  • Laune C. Harris and Barton P. Miller, "Practical Analysis of Stripped Binary Code", Workshop on Binary Instrumentation and Applications (WBIA-05), St. Louis, Missouri, September 2005. [PDF]
  •  

    Dyninst

    Release 8.2 Features/Bugs
    Release 8.2 Software
    Release History

    MRNet

    Release 4.1 Features
    Release 4.1 Software
    Release History

    SymtabAPI

    Release 8.2 Features/Bugs
    Release 8.2 Software
    Release History

    InstructionAPI

    Release 8.2 Features
    Release 8.2 Software
    Release History

    ParseAPI

    Release 8.2 Features
    Release 8.2 Software
    Release History

    PatchAPI

    Release 8.2 Features
    Release 8.2 Software
    Release History

    StackwalkerAPI

    Release 8.2 Features
    Release 8.2 Software
    Release History

    ProcControlAPI

    Release 8.2 Features
    Release 8.2 Software
    Release History

    Frequently Asked Questions
    Documentation

    [ Contact Info | Site Index ]