Unverified Commit 4682feba by Thomas Barabosch Committed by GitHub

Merge pull request #4 from fkie-cad/refactoring

docker optimized and markdown issues fixed
parents b61ca538 cb16c7fa
# based on https://github.com/BinaryAnalysisPlatform/bap/blob/master/docker/Dockerfile # based on https://github.com/BinaryAnalysisPlatform/bap/blob/master/docker/Dockerfile
FROM phusion/baseimage:0.11 FROM phusion/baseimage:0.11
RUN apt-get -y update && apt-get -y install \ RUN apt-get -y update && install_clean \
build-essential \ build-essential \
curl \ curl \
git \ git \
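Review bot: replacing `apt-get -y install` with `install_clean` ties this Dockerfile to phusion/baseimage's helper script, which installs with `--no-install-recommends` and then removes the apt lists; a short comment next to the `RUN` should say so, because the explicit `apt-get clean` / `rm -rf /var/lib/apt/lists/*` that used to do the cleanup is dropped in a later hunk, and anyone swapping the base image will have to restore both the install flags and the cleanup by hand. The `# based on .../bap/docker/Dockerfile` comment at the top now describes the file less closely and could mention the deviation.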
...@@ -8,6 +8,7 @@ RUN apt-get -y update && apt-get -y install \ ...@@ -8,6 +8,7 @@ RUN apt-get -y update && apt-get -y install \
m4 \ m4 \
pkg-config \ pkg-config \
python-pip \ python-pip \
python-setuptools \
software-properties-common \ software-properties-common \
sudo \ sudo \
unzip \ unzip \
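Review bot: `python-setuptools` joins `python-pip` here, and both are the Python 2 packages on this base image, so the later `RUN pip install bap` installs the BAP bindings for Python 2 only; the README dependency list touched in this same commit does not mention any Python requirement, so add a line there, or switch to `python3-pip` / `python3-setuptools` if Python 3 is what is intended.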
...@@ -17,11 +18,8 @@ RUN apt-get -y update && apt-get -y install \ ...@@ -17,11 +18,8 @@ RUN apt-get -y update && apt-get -y install \
libgmp-dev \ libgmp-dev \
libzip-dev \ libzip-dev \
llvm-6.0-dev \ llvm-6.0-dev \
zlib1g-dev \ zlib1g-dev
&& apt-get clean \ RUN wget https://raw.githubusercontent.com/ocaml/opam/master/shell/install.sh && yes /usr/local/bin | sh install.sh
&& rm -rf /var/lib/apt/lists/*
RUN wget https://raw.githubusercontent.com/ocaml/opam/master/shell/install.sh
RUN yes /usr/local/bin | sh install.sh
RUN useradd -m bap && echo "bap:bap" | chpasswd && adduser bap sudo RUN useradd -m bap && echo "bap:bap" | chpasswd && adduser bap sudo
RUN sed -i.bkp -e \ RUN sed -i.bkp -e \
's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \ 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \
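Review bot: `RUN wget https://raw.githubusercontent.com/ocaml/opam/master/shell/install.sh && yes /usr/local/bin | sh install.sh` still pipes whatever is on opam's `master` branch into `sh` at build time, so the image is neither reproducible nor protected against a changed or compromised upstream script; fetch a tagged release instead, verify its checksum in the same `RUN` before executing it, and delete `install.sh` afterwards so it does not stay in the image layer. Collapsing the two `RUN` lines into one is the right move for layer size. Unchanged context in this hunk, but worth a comment: `echo "bap:bap" | chpasswd` together with the `%sudo ALL=NOPASSWD:ALL` rewrite gives the `bap` user a well-known password and passwordless root, acceptable for a throwaway analysis container but not for an image that is ever run as a long-lived service.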
...@@ -31,8 +29,7 @@ WORKDIR /home/bap ...@@ -31,8 +29,7 @@ WORKDIR /home/bap
# install Bap # install Bap
RUN opam init --auto-setup --comp=4.05.0 --disable-sandboxing --yes RUN opam init --auto-setup --comp=4.05.0 --disable-sandboxing --yes
RUN git clone -b testing --single-branch https://github.com/BinaryAnalysisPlatform/opam-repository.git RUN git clone -b testing --single-branch https://github.com/BinaryAnalysisPlatform/opam-repository.git
RUN opam repo add bap opam-repository RUN opam repo add bap opam-repository && opam update
RUN opam update
RUN opam install depext --yes RUN opam install depext --yes
RUN OPAMJOBS=1 opam depext --install bap --yes RUN OPAMJOBS=1 opam depext --install bap --yes
RUN pip install bap RUN pip install bap
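Review bot: merging `opam repo add bap opam-repository && opam update` into one layer is fine, but the preceding `git clone -b testing --single-branch .../opam-repository.git` and the unpinned `opam depext --install bap` and `pip install bap` mean every rebuild can pick up a different BAP and package set; pin the clone to a commit (a `git checkout <commit>` after the clone, commit id to be chosen) and pin the package versions if the BAP 1.5 named in the README is what is actually being tested. `opam init --disable-sandboxing` also deserves a comment: it is needed because opam's bubblewrap sandbox is typically unavailable during `docker build`, but it means every package's build script runs unsandboxed as the `bap` user, who has passwordless sudo.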
...@@ -6,17 +6,17 @@ ...@@ -6,17 +6,17 @@
Its main focus are ELF binaries that are commonly found on Linux and Unix operating systems. *cwe_checker* is built on top of [BAP](https://github.com/BinaryAnalysisPlatform/bap)(Binary Analysis Platform). By using BAP, we are not restricted to one low level instruction set architectures like Intel x86. BAP lifts several of them to one common intermediate represenetation (IR). cwe_checker implements its analyses on this IR. At time of writing, BAP 1.5 supports Intel x86/x64, ARM, MIPS, and PPC amongst others. Hence, this makes *cwe_checker* a valuable tool in firmware analysis. Its main focus are ELF binaries that are commonly found on Linux and Unix operating systems. *cwe_checker* is built on top of [BAP](https://github.com/BinaryAnalysisPlatform/bap)(Binary Analysis Platform). By using BAP, we are not restricted to one low level instruction set architectures like Intel x86. BAP lifts several of them to one common intermediate represenetation (IR). cwe_checker implements its analyses on this IR. At time of writing, BAP 1.5 supports Intel x86/x64, ARM, MIPS, and PPC amongst others. Hence, this makes *cwe_checker* a valuable tool in firmware analysis.
*cwe_checker* implements a modular architecture that allows to add new analyses with ease. So far the following analyses are implemented: *cwe_checker* implements a modular architecture that allows to add new analyses with ease. So far the following analyses are implemented:
- [CWE-190](https://cwe.mitre.org/data/definitions/190.html): Integer Overflow or Wraparound - [CWE-190](https://cwe.mitre.org/data/definitions/190.html): Integer Overflow or Wraparound
- [CWE-215](https://cwe.mitre.org/data/definitions/215.html): Information Exposure Through Debug Information - [CWE-215](https://cwe.mitre.org/data/definitions/215.html): Information Exposure Through Debug Information
- [CWE-243](https://cwe.mitre.org/data/definitions/243.html): Creation of chroot Jail Without Changing Working Directory - [CWE-243](https://cwe.mitre.org/data/definitions/243.html): Creation of chroot Jail Without Changing Working Directory
- [CWE-332](https://cwe.mitre.org/data/definitions/332.html): Insufficient Entropy in PRNG - [CWE-332](https://cwe.mitre.org/data/definitions/332.html): Insufficient Entropy in PRNG
- [CWE-367](https://cwe.mitre.org/data/definitions/367.html): Time-of-check Time-of-use (TOCTOU) Race Condition - [CWE-367](https://cwe.mitre.org/data/definitions/367.html): Time-of-check Time-of-use (TOCTOU) Race Condition
- [CWE-426](https://cwe.mitre.org/data/definitions/426.html): Untrusted Search Path - [CWE-426](https://cwe.mitre.org/data/definitions/426.html): Untrusted Search Path
- [CWE-457](https://cwe.mitre.org/data/definitions/457.html): Use of Uninitialized Variable - [CWE-457](https://cwe.mitre.org/data/definitions/457.html): Use of Uninitialized Variable
- [CWE-467](https://cwe.mitre.org/data/definitions/467.html): Use of sizeof() on a Pointer Type - [CWE-467](https://cwe.mitre.org/data/definitions/467.html): Use of sizeof() on a Pointer Type
- [CWE-476](https://cwe.mitre.org/data/definitions/476.html): NULL Pointer Dereference - [CWE-476](https://cwe.mitre.org/data/definitions/476.html): NULL Pointer Dereference
- [CWE-676](https://cwe.mitre.org/data/definitions/676.html): Use of Potentially Dangerous Function - [CWE-676](https://cwe.mitre.org/data/definitions/676.html): Use of Potentially Dangerous Function
- [CWE-782](https://cwe.mitre.org/data/definitions/782.html): Exposed IOCTL with Insufficient Access Control - [CWE-782](https://cwe.mitre.org/data/definitions/782.html): Exposed IOCTL with Insufficient Access Control
Please note that some of the above analyses only are partially implemented at the moment. Furthermore, false positives are to be expected due to shortcuts and the nature of static analysis. Please note that some of the above analyses only are partially implemented at the moment. Furthermore, false positives are to be expected due to shortcuts and the nature of static analysis.
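Review bot: the paragraph in this hunk still carries wording errors that a "markdown issues fixed" pass should catch: `represenetation` should be `representation`, `Its main focus are ELF binaries` should be `Its main focus is ELF binaries`, `one low level instruction set architectures` should be `one low-level instruction set architecture`, and a space is missing in `[BAP](...)(Binary Analysis Platform)`. The CWE list and the closing caveat about partial implementations and false positives read fine.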
...@@ -25,24 +25,24 @@ Please note that some of the above analyses only are partially implemented at th ...@@ -25,24 +25,24 @@ Please note that some of the above analyses only are partially implemented at th
![](https://github.com/fkie-cad/cwe_checker/raw/master/doc/images/example_ida_anotation.png "IDA Pro anotation") ![](https://github.com/fkie-cad/cwe_checker/raw/master/doc/images/example_ida_anotation.png "IDA Pro anotation")
## Why use cwe_checker? ## ## Why use cwe_checker? ##
The following arguments should convince you to give *cwe_checker* a try: The following arguments should convince you to give *cwe_checker* a try:
- it is very easy to setup, just build the Docker container! - it is very easy to setup, just build the Docker container!
- it analyzes ELF binaries of several CPU architectures including x86, ARM, MIPS, and PPC - it analyzes ELF binaries of several CPU architectures including x86, ARM, MIPS, and PPC
- it is extensible due to its plugin-based architecture - it is extensible due to its plugin-based architecture
- it is configureable, e.g. apply analyses to new APIs - it is configureable, e.g. apply analyses to new APIs
- view results annotated in IDA Pro - view results annotated in IDA Pro
- *cwe_checker* can be integrated as a plugin into [FACT](https://github.com/fkie-cad/FACT_core) - *cwe_checker* can be integrated as a plugin into [FACT](https://github.com/fkie-cad/FACT_core)
## How to install cwe_checker? ## ## How to install cwe_checker? ##
There are three ways to install cwe_checker. The recommended way is to get cwe_checker from the Ocaml package manager Opam. You can install cwe_checker via the package [fkie-cad-cwe-checker](https://opam.ocaml.org/packages/fkie-cad-cwe-checker/) (`opam install fkie-cad-cwe-checker`). There are three ways to install cwe_checker. The recommended way is to get cwe_checker from the Ocaml package manager Opam. You can install cwe_checker via the package [fkie-cad-cwe-checker](https://opam.ocaml.org/packages/fkie-cad-cwe-checker/) (`opam install fkie-cad-cwe-checker`).
The second way is to utilize the installation script `install.sh`, which is just a wrapper around Docker. Make sure to have the latest version of Docker. The second way is to utilize the installation script `install.sh`, which is just a wrapper around Docker. Make sure to have the latest version of Docker.
The second way is to build it using the provided `Makefile`. In this case you must ensure that all dependencies are fulfilled: The second way is to build it using the provided `Makefile`. In this case you must ensure that all dependencies are fulfilled:
- Ocaml 4.05.0 - Ocaml 4.05.0
- Opam 1.2.2 - Opam 1.2.2
- BAP 1.5 (and its dependencies) - BAP 1.5 (and its dependencies)
- yojson 1.4.1 - yojson 1.4.1
- alcotest 0.8.3 - alcotest 0.8.3
- Sark for IDA Pro annotations - Sark for IDA Pro annotations
Just run `make all` to compile and register the plugin with BAP. Just run `make all` to compile and register the plugin with BAP.
## How to use cwe_checker? ## ## How to use cwe_checker? ##
The usage is straight forward: adjust the `config.json` (if needed) and call BAP with *cwe_checker* as a pass. The usage is straight forward: adjust the `config.json` (if needed) and call BAP with *cwe_checker* as a pass.
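Review bot: the install section announces three ways but labels both the `install.sh` route and the `Makefile` route as "The second way"; the `Makefile` paragraph should read "The third way". Smaller fixes in the same hunk: `configureable` should be `configurable`, `straight forward` should be `straightforward`, `easy to setup` should be `easy to set up`, and the image title `IDA Pro anotation` should be `IDA Pro annotation` (the file name `example_ida_anotation.png` can stay unless the file itself is renamed).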