Skip to content
/ format-string-finder-binja Public

A binary ninja plugin that finds format string vulnerabilities

License

MIT license
23 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Vasco-jofra/format-string-finder-binja

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
images
images
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
__init__.py
__init__.py
 
 
plugin.json
plugin.json
 
 

Repository files navigation

Format String Finder

Author: jofra

Finds format string vulnerabilities

Description:

This plugin will detect format string vulnerabilities and printf-like functions.

Example

How it works

  1. Loads known functions that receive a format parameter.
  2. For each xref of these functions find where the fmt parameter comes from:
    1. If it comes from an argument we mark it as a printf-like function and test its xrefs
    2. If it is a constant value located in a read-only area we mark it as safe
    3. If it comes from a known 'safe' function call result (functions from the dgettext family) we mark it as safe
    4. Otherwise we mark it as vulnerable
  3. Prints a markdown report

Settings

  • format_string_finder.should_highlight_variable_trace:
    • Highlight instructions that are used in the trace of the format parameter origin.
  • format_string_finder.should_enable_tests_plugin
    • Enable the tests plugin. Only for development.

About

A binary ninja plugin that finds format string vulnerabilities

Topics

binary-ninja format-string-attack binary-ninja-plugin

Resources

Readme

License

MIT license
Activity

Stars

23 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 1

Release of v1.0 Latest
Jul 15, 2019

Packages

No packages published

Languages