AllgemeinBetreuer: Andre Pawlowski Beginn: as soon as possible Dauer: 6 Months Weitere Details:
Reverse engineering of binary executables is a difficult task which gets more involved by the way compilers translate high-level concepts used in paradigms such as object-oriented programming into native code, as it is the case for C++. Such code is harder to grasp than, e. g., traditional procedural code, since it is generally more verbose and adds complexity through features such as polymorphism or inheritance. Hence, a deep understanding of interactions between instantiated objects, their corresponding classes, and the connection between classes would vastly reduce the time it takes an analyst to understand the application. The growth in complexity in contemporary C++ applications only amplifies the effect.
The aim of this thesis is to tackle this problem by extending an existing analysis framework to reconstruct class hierarchies of C++ programs and resolve virtual callsites for the ARM architecture. The framework is build on top of the Valgrind IL (called VEX) in C++. It is build to reconstruct class hierarchies for Linux x64 binaries and therefore needs to be extended to support ARM. Furthermore, the existing algorithms and heuristics focused on characteristics used in x64 and hence have to be modified if necessary.
Tasks that need to be solved include:
- Familiarize C++ code on ARM
- Familiarize the existing analysis framework
- Extending the analysis framework to work with ARM binaries
- Evaluate the implementation
- Good C/C++ programming skills
- Good knowledge of Linux
- Some reverse engineering knowledge