Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
IdaS2ETracer: an IDA importer for S2E traces
Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Failed to load latest commit information.|
IdaS2ETracer: an IDA importer for S2E traces ============================================ This library is a plugin for IDA Pro, allowing to import specific S2E state traces directly into IDA for static analysis. Once imported into IDA, it is then possible to replay the execution back and forth in the trace replayer, as well as navigating through the dynamic call-graph. Building ======== In order to build, you need: * IDAPro for linux (>= 6.4) * IDA SDK (>= 6.4) You can specify the path of your IDA SDK include files using `--with-idasdk`, and choose where to install the .plx plugin by specifying the `--libdir`. A typical installation would be as follow: # Assuming IDA 6.4 installed under /opt/ida-6.4 autoreconf -i sudo ln -s /opt/ida-6.4/libida.so /usr/lib/libida.so ./configure --with-idasdk=/home/user/idasdk64/include --libdir=/opt/ida-6.4/plugins make sudo make install You need a proper 32bits toolchain in order to compile and link against IDA. Usage ===== Once properly built and installed, you will find the importer under the meny entry Edit -> Plugins -> Import S2E trace. From there, please specify the location of the trace file to import (usually named ExecutionTrace.dat) and the state/path number (if not using symbolic mode, just accept the zero default). After import, you will go directly into graph navigation mode. You may want to inspect the trace in the "Trace window", or replay it in the replay debugger. Be sure to check the "Suspend on debugging start" under "Debugger options" before starting. Caveats ======= If the imported state was running in symbolic mode, some register content may not be available as concrete value. Symbolic values are marked as `0x00DEAD00` values.