Start Binary Ninja from the Command-Line and Murder it with Malware
I recently acquired a license of Binary Ninja thanks to my team’s Second Place finish at this year’s annual Information Security Talent Search (ISTS) put on by RIT’s Security Practices and Research Student Association (SPARSA).
I’ve found it to be quite a handy tool, especially whilst taking a Malware Analysis and Reverse Engineering class at the moment.
I currently have a
Personal version of Binary Ninja — and I’m not terribly sure how any of what I’ll share will carry over or not. Moreover, I will be documenting the use for how to achieve this on MacOS; and so, if you’re running Binary Ninja on another operating system then you’ll need to modify the steps to fit your system’s path essentially.
Path to Binary Ninja
On macOS, the path to Binary Ninja should be
/Applications/Binary Ninja.app/Contents/MacOS/binaryninja which we can use to run Binary Ninja from the command-line.
Can we look at binaryninja with Binary Ninja? Yes, we can!
So, if it’s just a binary, we should be able to run
file and see that it’s a
Mach-O executable file. And, hopefully if we throw a
-h flag up on that shizzle we should get a help menu if the Binary Ninja developers love me.
Alright, well, I never want to have to travel to that directory ever again to do this stuff. To provide an incredibly simple alternative, we can simply alias something which will provide us with a shortcut to run Binary Ninja. To do this, we can edit our shell’s profile
~/.bashrc then add the following alias
source our shell’s profile we can now run Binary Ninja from the command-line with ease with whatever alias you set!
I can now launch the application whenever I type
ninjago in bash:
We can use the standard error debugging option
-e to view the errors from weird binaries where things go wrong in Binary Ninja:
In fact, I can totally crash Binary Ninja with some weird binaries.
Today’s Anti-Reversing Technique
So, anti-reversing techniques yo’? Just error-out the reversing platform:
Letting it run for a little while longer will generally totally murder Binary Ninja ( forces it to exit ). But, I’m going to try and love my computer a little bit and not continue to stress it out so I can get a screenshot.
Probably more on that stuff later. Until then, or something else, that’s all I’ve got for now!
After tweeting about this blog post, Vector 35 ( creators of Binary Ninja ) reached out: