Binary Ninja has experimental support
for writing plugins in Rust and the provided template
is a good starting point for figuring out how to write one.
This post will cover some (hopefully useful) getting started tips. A sample
plugin can be found on GitHub.
rust-toolchain.toml
…
Read more...
All vulnerabilities mentioned in this post were tested against firmware version
V1.0.18, older versions might be affected as well. Affected devices should be
updated to V1.0.23 to resolve the issues.
Proof-of-concept exploits for all vulnerabilities can be found here:
https://git…
Read more...
The default method
to generate Dash docsets for Binary Ninja does not
work with a personal license as it requires the ability to run Binary Ninja in
headless mode, a capability only available with the commercial license.
Luckily, Binary Ninja ships the API documentation as HTML f…
Read more...
Semgrep is a great tool to add into a code review
workflow as Semgrep is aware of language semantics and automatically handles
things like different import styles and aliases well.
However, when writing rules for JavaScript, I noticed that the following import
pattern was not han…
Read more...
Frida is very commonly used to instrument Android applications written in Java
and compiled to Dalvik bytecode. It is a less well known fact that Frida
gained support for instrumenting Java programs running on the HotSpot JVM in a
recent version which should work on most JVM vers…
Read more...