Start Binary Ninja from the Command-Line and Murder it with Malware

I recently acquired a license of Binary Ninja thanks to my team’s Second Place finish at this year’s annual Information Security Talent Search (ISTS) put on by RIT’s Security Practices and Research Student Association (SPARSA).

I’ve found it to be quite a handy tool, especially whilst taking a Malware Analysis and Reverse Engineering class at the moment.

Quick Note

I currently have a Personal version of Binary Ninja — and I’m not terribly sure how any of what I’ll share will carry over or not. Moreover, I will be documenting the use for how to achieve this on MacOS; and so, if you’re running Binary Ninja on another operating system then you’ll need to modify the steps to fit your system’s path essentially.

Path to Binary Ninja

On macOS, the path to Binary Ninja should be /Applications/Binary Ninja.app/Contents/MacOS/binaryninja which we can use to run Binary Ninja from the command-line.

So, it’s the binary to Binary Ninja… Whoa. 🤣

Can we look at binaryninja with Binary Ninja? Yes, we can!

So, if it’s just a binary, we should be able to run file and see that it’s a Mach-O executable file. And, hopefully if we throw a -h flag up on that shizzle we should get a help menu if the Binary Ninja developers love me.

Look at that help menu goodness. I wish there were more options. 😩

Alright, well, I never want to have to travel to that directory ever again to do this stuff. To provide an incredibly simple alternative, we can simply alias something which will provide us with a shortcut to run Binary Ninja. To do this, we can edit our shell’s profile ~/.bashrc then add the following alias

Because binary_ninja would be lame to use for an alias when ninjago is an option.

Once we source our shell’s profile we can now run Binary Ninja from the command-line with ease with whatever alias you set!

I can now launch the application whenever I type ninjago in bash:

We can use the standard error debugging option -e to view the errors from weird binaries where things go wrong in Binary Ninja:

LET THE ERRORS HIT THE FLOOR. LET THE ERRORS HIT THE FLOOT. LET THE ERRORS HIT THE —

In fact, I can totally crash Binary Ninja with some weird binaries.

Today’s Anti-Reversing Technique

So, anti-reversing techniques yo’? Just error-out the reversing platform:

Makes the lil guy work pretty hard too. Will max out CPU and memory will fill up fast.

Letting it run for a little while longer will generally totally murder Binary Ninja ( forces it to exit ). But, I’m going to try and love my computer a little bit and not continue to stress it out so I can get a screenshot.

Though, I should definitely do more tests and see what kind of repeatability I can get!

Probably more on that stuff later. Until then, or something else, that’s all I’ve got for now!

If you want to keep up with my latest research, you can follow me on Twitter or GitHub!

Quick Update

After tweeting about this blog post, Vector 35 ( creators of Binary Ninja ) reached out:

Original tweet.
Reached out to me.
No worries ma’ homies. I got’chu.