Closed MJChku closed 1 year ago
Another question: does it handle shared libraries like libc.so? If I want to include a shared library, how can I do that?
Hi!
Yes, SMDA has (limited) support for recovery of indirect call targets. This is based on heuristic backtracking and implemented here in IndirectCallAnalyzer. Since it does not do proper dataflow analysis, there's a chance it will miss some more elaborate constructs of indirect jumps/calls.
For the second question: As long as the binary under analysis has dynamic linking to a target like libc, those references should be resolved as and show up within the functions using them. It's not possible as of now to load multiple buffers into a single, more intricate compound memory layout like e.g. IDA Pro allows.
Generally, if you intend to primarily do analysis of ELF files, I can recommend going with Ghidra, which appears to excel at those. SMDA is primarily targeting memory dumps of Windows PE files. Hope that helps!
I am building a Value Set Analysis on top of this, but my first question is: does it handle indirect jumps, and if so, how? Thanks!
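
The kind of heuristic backtracking the answer above describes, as an added toy example (not SMDA's IndirectCallAnalyzer code and not from this thread): it walks backwards from a `call reg` inside one basic block and gives up where real dataflow analysis would be needed. The instruction listings, the `MEMORY` table and `resolve_indirect_call` are hypothetical and constructed for illustration.

```python
import re

# Constructed x86-style listings: (address, mnemonic, operands). Not SMDA output.
BLOCK_COPY = [
    (0x401000, "mov", "ecx, 0x402000"),
    (0x401005, "push", "0"),
    (0x401007, "mov", "eax, ecx"),
    (0x401009, "call", "eax"),
]
BLOCK_POINTER_SLOT = [
    (0x401010, "mov", "esi, [0x403000]"),
    (0x401016, "push", "esi"),
    (0x401017, "call", "esi"),
]
BLOCK_COMPUTED = [
    (0x401020, "mov", "eax, 0x402000"),
    (0x401025, "add", "eax, edx"),
    (0x401027, "call", "eax"),
]
MEMORY = {0x403000: 0x77001234}  # constructed pointer slot -> stored target

REGS = {"eax", "ebx", "ecx", "edx", "esi", "edi", "ebp"}
READ_ONLY = {"push", "cmp", "test"}  # mnemonics that never write their first operand

def resolve_indirect_call(block, memory, max_steps=10):
    """Backtrack from the block's final `call reg`; return the target or None."""
    _, mnem, ops = block[-1]
    tracked = ops.strip()
    if mnem != "call" or tracked not in REGS:
        return None
    # Only the last max_steps instructions before the call are inspected.
    for _, mnem, ops in reversed(block[-1 - max_steps:-1]):
        parts = [p.strip() for p in ops.split(",")]
        if mnem in READ_ONLY or parts[0] != tracked:
            continue  # instruction does not overwrite the tracked register
        if mnem != "mov" or len(parts) != 2:
            return None  # arithmetic, pop, ...: would need dataflow, give up
        src = parts[1]
        if src in REGS:
            tracked = src  # register copy: follow the source register instead
        elif re.fullmatch(r"\[0x[0-9a-f]+\]", src):
            return memory.get(int(src[1:-1], 16))  # load from a known pointer slot
        elif re.fullmatch(r"0x[0-9a-f]+", src):
            return int(src, 16)  # immediate: target recovered
        else:
            return None  # register-relative memory operand etc.
    return None  # definition lies outside this block

if __name__ == "__main__":
    for blk in (BLOCK_COPY, BLOCK_POINTER_SLOT, BLOCK_COMPUTED):
        target = resolve_indirect_call(blk, MEMORY)
        print(hex(blk[-1][0]), hex(target) if target is not None else "unresolved")
```

`BLOCK_COMPUTED` stays unresolved because the target depends on a run-time value in `edx`, which is the class of construct a Value Set Analysis would have to cover.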