binja_sensei

Educational tools for Binary Ninja

This plugin provides resources for beginners to learn reverse engineering using Binary Ninja. It automatically installs several other plugins, and provides examples that showcase the features of these plugins.

Origins

This project is a product of NCC Group's 2017 summer internship program. Further updates will be tracked at https://github.com/ehennenfent/binja_sensei. NCC Group is not responsible for any further changes made to the repository after August 18th, 2017.

Setup

Plugin Manager

For the sake of future-proofing, Binja Sensei installs plugins via the as-yet-incomplete Plugin Manager API. Since the plugin manager does not currently have a GUI, installation must be done by running the following snippet in the Binary Ninja script console (accessed via Ctrl+`):

    manager = RepositoryManager()
    manager.enable_plugin('binja_sensei', install=True)

Note: Depending on when you installed Binja, you may need to run manager.check_for_updates() and restart Binja for this plugin to show up. I strongly recommend installing on a fresh VM.

If you're running this before August 31st, 2017, you'll need to be using the development version of Binary Ninja, as dependency installation relies on b0778fc and 326253a.

Next, restart Binary Ninja. When loaded, Sensei will update all the bundled plugins to the latest version and install any Python dependencies for each plugin. It won't automatically run install scripts, so if you're on Ubuntu and intend to set up binja_dynamics, you'll need to navigate to ~/.binaryninja/repositories/default/plugins/binja_dynamics and run ./install.sh.

Manual Installation

If any of the plugin installations fail, you may have more success performing a manual installation. Pending Issue #753, some plugins that rely on absolute file paths may not work unless manually installed. To manually install, copy the relevant repository links below and clone them inside your plugins directory.

https://github.com/carstein/Annotator.git
https://github.com/ehennenfent/binja_arch_ref.git
https://github.com/ehennenfent/binja_dynamics.git
https://github.com/ehennenfent/binja_explain_instruction.git
https://github.com/carstein/Syscaller.git

Bundled Tools

Please note that the bundled tools remain the property of their respective authors. While this plugin is offered under an MIT License, that license does not extend to any of the plugins below.

Writeups

To demonstrate potential use cases for these plugins, solutions for the five overflow challenges from PicoCTF 2013 are included. Please note that minor changes in terms of functionality, color scheme, and bugfixes may have been implemented since the creation of the writeups.

Examples

Annotator

Annotator uses a virtual stack to annotate calls to libc functions with argument prototypes.

Architecture Reference

This plugin displays a cheat sheet with Binary Ninja's internal information on the architecture.

Binja Dynamic Analysis Tools

This plugin adds a Qt frontend to Binjatron, including highlights intended to help beginners spot important memory locations.

Explain Instruction

Adds a popup window that explains in simple English what an assembly instruction does.

Syscaller

Annotates system calls with arguments.