Notify the user if the binary seems packed

Vector35 / binaryninja-api

Public API, examples, documentation and issues for Binary Ninja

https://binary.ninja/

MIT License

900 stars 204 forks source link

Notify the user if the binary seems packed #4603

Closed seekbytes closed 1 year ago

seekbytes commented 1 year ago

Currently BinaryNinja makes powerful suggestions via the log card. One thing that I was thinking was about implementing some heuristics to notify the user that probably the binary seems packed.

The first heuristic I thought about was for UPX (in pseudocode):

if len(sections) == 2 && section[i].name == "UPX0" && section[i+1] == "UPX1"

Example message:

[default] Heuristics found a probably packer in binary, found "UPX0" and "UPX1" as sections name

plafosse commented 1 year ago

We envision this issue being able to handle some of these conditions: https://github.com/Vector35/binaryninja-api/issues/133

Closing as duplicate.