sgayou / Rbasefind
Licence: mit
A firmware base address search tool.
Stars: ✭ 159
Programming Languages
rust
11053 projects
Labels
Projects that are alternatives of or similar to Rbasefind
Droidreverse
reverse engineering tools for android(android 逆向工程工具集)
Stars: ✭ 1,839 (+1056.6%)
Mutual labels: reverse-engineering
Apkleaks
Scanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+1602.52%)
Mutual labels: reverse-engineering
Degate
Open source software for chip reverse engineering.
Stars: ✭ 156 (-1.89%)
Mutual labels: reverse-engineering
Execution Trace Viewer
Tool for viewing and analyzing execution traces
Stars: ✭ 149 (-6.29%)
Mutual labels: reverse-engineering
Gymnasticon
Make obsolete and/or proprietary exercise bikes work with popular cycling training apps like Zwift, TrainerRoad, Rouvy and more.
Stars: ✭ 155 (-2.52%)
Mutual labels: reverse-engineering
Apiscout
This project aims at simplifying Windows API import recovery on arbitrary memory dumps
Stars: ✭ 146 (-8.18%)
Mutual labels: reverse-engineering
Mixplaintext
可对 Xcode 项目工程所有的 objective-c 文件内包含的明文进行加密混淆,提高逆向分析难度。
Stars: ✭ 152 (-4.4%)
Mutual labels: reverse-engineering
Cmd
Command line tools for database operation written by Go, moved to https://gitea.com/xorm/cmd
Stars: ✭ 154 (-3.14%)
Mutual labels: reverse-engineering
Validity90
Reverse engineering of Validity/Synaptics 138a:0090, 138a:0094, 138a:0097, 06cb:0081, 06cb:009a fingerprint readers protocol
Stars: ✭ 1,807 (+1036.48%)
Mutual labels: reverse-engineering
Panda
Platform for Architecture-Neutral Dynamic Analysis
Stars: ✭ 1,993 (+1153.46%)
Mutual labels: reverse-engineering
Jupiter
A Windows virtual memory editing library with support for pattern scanning.
Stars: ✭ 156 (-1.89%)
Mutual labels: reverse-engineering
Mviewer
Reverse Engineer MView 3D File Format
Stars: ✭ 148 (-6.92%)
Mutual labels: reverse-engineering
Apktool
A tool for reverse engineering Android apk files
Stars: ✭ 12,978 (+8062.26%)
Mutual labels: reverse-engineering
Stuff
Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest
Stars: ✭ 146 (-8.18%)
Mutual labels: reverse-engineering
Z3 and angr binary analysis workshop
Code and exercises for a workshop on z3 and angr
Stars: ✭ 154 (-3.14%)
Mutual labels: reverse-engineering
Uddbg
A gdb like debugger that provide a runtime env to unicorn emulator and additionals features!
Stars: ✭ 159 (+0%)
Mutual labels: reverse-engineering
Binja Retdec
Binary Ninja plugin to decompile binaries using RetDec API
Stars: ✭ 158 (-0.63%)
Mutual labels: reverse-engineering
Edb Debugger
edb is a cross-platform AArch32/x86/x86-64 debugger.
Stars: ✭ 2,019 (+1169.81%)
Mutual labels: reverse-engineering
rbasefind
A brute-force base address scanner based on @mncoppola's basefind.py & @rsaxvc's basefind.cpp implemented in rust.
Features
Scans a flat, 32-bit binary file and attempts to calculate the base address of the image. Looks for ASCII English strings then finds the greatest intersection of all 32-bit words interpreted as pointers and the offsets of the strings.
This works rather well on some ARM (non-thumb) binaries. It's a very simple heuristic that attempts to use as little information about the file as possible from the target binary. As such, it isn't going to work miracles.
Help
Scan a flat 32-bit binary and attempt to brute-force the base address via string/pointer comparison. Based on the
excellent basefind.py by mncoppola.
USAGE:
rbasefind [FLAGS] [OPTIONS] <INPUT>
FLAGS:
-b, --bigendian Interpret as big-endian (default is little)
-h, --help Prints help information
-p, --progress Show progress
-V, --version Prints version information
OPTIONS:
-n, --maxmatches <LEN> Maximum matches to display (default is 10)
-m, --minstrlen <LEN> Minimum string search length (default is 10)
-o, --offset <LEN> Scan every N (power of 2) addresses. (default is 0x1000)
-t, --threads <NUM_THREADS> # of threads to spawn. (default is # of cpu cores)
ARGS:
<INPUT> The input binary to scan
Example
time ./rbasefind fw.bin
Located 2355 strings
Located 372822 pointers
Scanning with 8 threads...
0x00002000: 2195
0x00001000: 103
0x00000000: 102
0x00003000: 101
0x00004000: 90
0x45e95000: 74
0x45e93000: 73
0x00006000: 64
0x00005000: 59
0x45ec3000: 58
real 0m40.937s
user 5m20.908s
sys 0m0.035s
0x00002000 was the correct base address for this binary.
For large binaries, the default scan may take too long. The search size can be dialed down, at the expense of "accuracy", via specifying a minimum string length. i.e.,
time ./target/release/rbasefind fw_all.bin -m 100
Located 7 strings
Located 372822 pointers
Scanning with 8 threads...
0x00002000: 4
0x2ae7b000: 2
0xffe54000: 1
0xfba46000: 1
0xfb9c3000: 1
0xfb80a000: 1
0xfafe6000: 1
0xfafe0000: 1
0xfae3b000: 1
0xfae13000: 1
real 0m0.149s
user 0m0.751s
sys 0m0.012s
TODO
- Some form of auto mode. Detect endianness based on highest intersection. Auto decrease offset in window around highest match.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].