Loop
Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code
LOOP is a logic-oriented opaque predicate checker. It detects the following kinds of opaque predicates in binary code:
- Invariant opaque predicate
- Contextual opaque predicate
- Dynamic opaque predicate
LOOP is built on top of BAP.
BAP: The Binary Analysis Platform. For more information see the project webpage at http://bap.ece.cmu.edu
BAP is released under the MIT license and the GPL license; see the corresponding LICENSE.{MIT,GPL} file.
How to use:
- Use Pin to generate an execution trace. This requires the gentrace Pin tool library. The command looks like: `LOOPDIR/pin/pin -t LOOPDIR/pintraces/obj-ia32/gentrace.so -taint_args -- yourprogram yourargs`
- Convert the trace into a concrete trace: `LOOPDIR/utils/iltrans -trace tracename -trace-concrete -pp-ast tracename.con.il`
- Preprocess the trace: `LOOPDIR/utils/pre_process.pl tracename.con.il`
- Symbolically execute the trace to produce a formula: `LOOPDIR/utils/iltrans -il tracename.con.il -il-formula tracename.stp`
- Solve the formula with STP (an STP solver must be installed): `stp tracename.stp`
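A driver script that runs the five steps above in order, with the intermediate filenames the steps expect, and stops at the first failing step. This is an added example, not part of LOOP or BAP; `LOOPDIR`, the `stp` binary being on PATH, and the name of the trace file that gentrace.so writes are assumptions.

```shell
#!/bin/sh
# run_loop.sh: drive the LOOP pipeline end to end (added example, not LOOP's own code).
# Assumptions: LOOPDIR points at a built LOOP checkout (pin/, pintraces/, utils/),
# `stp` is on PATH, and the first argument is the trace file gentrace.so wrote.
LOOPDIR="${LOOPDIR:-/opt/loop}"   # assumption: adjust to your checkout

# Emit the five pipeline commands, one per line, using the README's intermediate names.
# $1 = trace file written by gentrace, remaining args = program and its arguments.
loop_commands() {
  trace="$1"; shift
  printf '%s\n' \
    "$LOOPDIR/pin/pin -t $LOOPDIR/pintraces/obj-ia32/gentrace.so -taint_args -- $*" \
    "$LOOPDIR/utils/iltrans -trace $trace -trace-concrete -pp-ast $trace.con.il" \
    "$LOOPDIR/utils/pre_process.pl $trace.con.il" \
    "$LOOPDIR/utils/iltrans -il $trace.con.il -il-formula $trace.stp" \
    "stp $trace.stp"
}

# Check that every tool the pipeline needs is present before any step runs.
loop_check_tools() {
  for tool in "$LOOPDIR/pin/pin" "$LOOPDIR/pintraces/obj-ia32/gentrace.so" \
              "$LOOPDIR/utils/iltrans" "$LOOPDIR/utils/pre_process.pl"; do
    [ -e "$tool" ] || { echo "missing: $tool" >&2; return 1; }
  done
  command -v stp >/dev/null 2>&1 || { echo "stp not found on PATH" >&2; return 1; }
}

# Run the steps in order and abort on the first failure, so a broken trace
# conversion is never silently fed into symbolic execution or the solver.
# Arguments are joined with spaces, so program arguments without quotes are assumed.
run_pipeline() {
  loop_check_tools || return 1
  loop_commands "$@" | while IFS= read -r cmd; do
    echo "+ $cmd" >&2
    sh -c "$cmd" || { echo "step failed: $cmd" >&2; exit 1; }
  done
}

# Usage: ./run_loop.sh <tracefile> <program> [args...]; does nothing when sourced with no args.
if [ "$#" -gt 0 ]; then run_pipeline "$@"; fi
```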
