Falconre is a python3 library using pyo3 to wrap:
- Falcon - A binary analysis framework in Rust
- Finch - A symbolic executor built on Falcon
- Raptor - Higher order IR and analysis on top of Falcon

This is alpha-quality software.

This is me (endeav0r) hacking on Falcon and other things to try and automate different simple static analysis tasks.

Here are some things you can try:

```bash
git clone https://github.com/endeav0r/corpora
git clone https://github.com/falconre/falconre

# Build some example programs
pushd corpora
./build.sh
popd

# Build falconre in a Docker container
pushd falconre
docker build -t falconre .
# Watch youtube, this will take a few minutes
popd

# Run the example print-calls.py script against the vulnerable stack buffer
# overflow program. The current directory is mounted at /opt in the container.
docker run --rm -ti -v "$(pwd)":/opt falconre \
    python3 /opt/falconre/examples/print-calls.py \
    /opt/corpora/build/stack_buffer/vuln/one

# Run the example stack-writes.py script against a trivially vulnerable stack
# buffer overflow program.
docker run --rm -ti -v "$(pwd)":/opt falconre \
    python3 /opt/falconre/examples/stack-writes.py \
    /opt/corpora/build/stack_buffer/vuln/one

# Run the example stack-writes.py against a non-vulnerable version of the same
# program.
docker run --rm -ti -v "$(pwd)":/opt falconre \
    python3 /opt/falconre/examples/stack-writes.py \
    /opt/corpora/build/stack_buffer/not_vuln/one

# Run the example symex-one.py script against the symex example program.
docker run --rm -ti -v "$(pwd)":/opt falconre \
    python3 /opt/falconre/examples/symex-one.py \
    /opt/corpora/build/symex/one

# Run the example falcon-dot-graph.py script and render its output with
# Graphviz (dot runs on the host) to /tmp/main.png.
docker run --rm -ti -v "$(pwd)":/opt falconre \
    python3 /opt/falconre/examples/falcon-dot-graph.py \
    /opt/corpora/build/symex/one run | dot -Tpng -o /tmp/main.png
```

```bash
docker build -t falconre .
```

This is how I use falconre.

Install Rust:

```bash
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
```

You'll need this thing called "Rust nightly":

```bash
rustup toolchain install nightly
rustup default nightly
```

Get the dependencies:

```bash
brew install z3 capstone
```

Install with setuptools:

```bash
python3 setup.py install
```

If you don't want to install with setuptools, assuming you want to run the examples:

```bash
cargo build --release
cp target/release/libfalconre.dylib examples/falconre.so
```