redballoonsecurity / ofrak

OFRAK: unpack, modify, and repack binaries.
https://ofrak.com

OFRAK Projects #360

Closed EdwardLarson closed 1 year ago

EdwardLarson commented 1 year ago

One sentence summary of this PR (This should go in the CHANGELOG!)
A new feature that allows users to create an OFRAK "project" that contains a collection of scripts and binaries.

Link to Related Issue(s)

Please describe the changes in your request.
OFRAK Projects are a way to bundle and share binaries with OFRAK scripts which unpack, analyze, modify, and/or repack those binaries. The structure is simple: the root project directory contains a binaries directory holding all of the project's binaries, a scripts directory holding all of the OFRAK scripts, a README.md, and a metadata.json.

The metadata holds some extra information about each binary, optionally listing which scripts in the project can run on that binary (you might have scripts meant for some subset of binaries, and a script meant for one specific binary, a script applicable to all of them, etc.), and possibly naming a single script as the "init script" for that binary. An init script means it is the entrypoint when OFRAK creates a resource for that binary, so for example it might do the initial unpacking.

There is a Project Management interface built into the GUI to support this (requires that experimental features are enabled). This interface displays the binaries and scripts in the project (and allows adding/deleting these), which scripts are associated with each binary (including init scripts, and all of these associations can be modified), and allows a user to "Launch" any of the binaries from the project by opening it in OFRAK and running the init script on it, if it exists. Launching a project binary brings the user directly into a GUI page with that binary open as an OFRAK resource.

Projects can be cloned directly from a git repo. With this feature, user "A" can share their reverse engineering script for a binary in an OFRAK project as a git repo, and user "B" can open the OFRAK GUI, from the Project Management interface, clone that project repo, select that binary, load it into OFRAK, and automatically run the reverse engineering script written by user "A."

Anyone you think should look at this, specifically? @dannyp303 @rbs-jacob
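The layout and metadata rules described in this PR (binaries/, scripts/, README.md, metadata.json, per-binary script lists and an optional init script), as an added validator that is not OFRAK's own code: it checks a cloned project before any init script is launched, rejecting entries that point outside binaries/ or scripts/ and init scripts that are not associated with their binary. The metadata.json field names, the sample project tree and the stub files are assumptions constructed for this example.

```python
import json
import tempfile
from pathlib import Path

# ASSUMED metadata.json shape; the PR describes the fields but not the real schema.
SAMPLE_METADATA = {"binaries": {
    "firmware.bin": {"scripts": ["unpack.py", "patch_banner.py"], "init_script": "unpack.py"},
    "bootloader.bin": {"scripts": ["unpack.py"], "init_script": None},
}}

def _inside(path: Path, directory: Path) -> bool:
    """True only if path resolves to an existing file strictly below directory."""
    resolved = path.resolve()
    return directory in resolved.parents and resolved.is_file()

def load_project(root: Path) -> dict:
    """Check the project layout and return {binary: (scripts, init_script)}."""
    root = root.resolve()
    binaries_dir, scripts_dir = root / "binaries", root / "scripts"
    for required in ("binaries", "scripts", "README.md", "metadata.json"):
        if not (root / required).exists():
            raise ValueError(f"project is missing {required}")
    meta = json.loads((root / "metadata.json").read_text())
    resolved = {}
    for name, entry in meta["binaries"].items():
        # Names must stay inside binaries/ and scripts/ (no escape via "../" entries).
        if not _inside(binaries_dir / name, binaries_dir):
            raise ValueError(f"binary {name!r} is not a file inside binaries/")
        scripts = list(entry.get("scripts", []))
        for script in scripts:
            if not _inside(scripts_dir / script, scripts_dir):
                raise ValueError(f"script {script!r} for {name!r} is not inside scripts/")
        init = entry.get("init_script")
        # The init script runs automatically on launch, so it must be an associated script.
        if init is not None and init not in scripts:
            raise ValueError(f"init script {init!r} is not associated with {name!r}")
        resolved[name] = (scripts, init)
    return resolved

def run_sample(metadata: dict = SAMPLE_METADATA) -> dict:
    """Build a constructed project tree in a temp dir and validate it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for directory in ("binaries", "scripts"):
            (root / directory).mkdir()
        for rel in ("binaries/firmware.bin", "binaries/bootloader.bin",
                    "scripts/unpack.py", "scripts/patch_banner.py", "README.md"):
            (root / rel).write_text("# constructed placeholder\n")
        (root / "metadata.json").write_text(json.dumps(metadata))
        return load_project(root)
```

Calling `run_sample()` returns the per-binary script associations for the constructed tree; passing a metadata dict with a `../` script name or an unassociated init script raises `ValueError` instead of returning.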

whyitfor commented 1 year ago

@EdwardLarson, would it make sense to describe what this feature is in this PR?