This tool matches variables between source code and compiled binaries (with debug information; DWARF4 and DWARF5 are currently supported).
If you are using Ubuntu (recommended), you can execute:
apt -y install build-essential wget zip pkgconf zlib1g zlib1g-dev libzstd1 meson \
ninja-build doxygen bzip2 flex graphviz libbz2-dev libssl-dev libncurses5-dev \
libsqlite3-dev libreadline-dev libtk8.6 libgdm-dev libdb4o-cil-dev libpcap-dev
varviewer needs libdwarf to extract DWARF info. It can be downloaded from https://github.com/davea42/libdwarf-code/releases and installed with a customized build.
You can execute the following for this:
mkdir /tmp/build && cd /tmp
wget https://github.com/davea42/libdwarf-code/releases/download/v0.5.0/libdwarf-0.5.0.tar.xz && \
tar xf libdwarf-0.5.0.tar.xz
cd /tmp/build && meson /tmp/libdwarf-0.5.0 && ninja && ninja install && ninja test
varviewer's analysis module is implemented with a recent version of python3; python-3.11 is recommended. Here are the quick build commands:
wget https://github.com/python/cpython/archive/refs/tags/v3.11.1.zip
unzip v3.11.1.zip && cd cpython-3.11.1/ && ./configure --enable-optimizations
make -j 32 && make install
Some python3 packages are also needed:
pip3 install angr z3-solver bz2file pydot graphviz iced_x86 pyelftools pyinstrument timeout_decorator
You need 2 steps to match variables.
- go into extracter/ and
mkdir -p build && cd build && cmake .. && make
- execute
./bin/extracter <binary-to-extract> -o <json-file>
The JSON file contains organized debug info to feed the analysis module. There are also some debug options:
  - -r: print raw DWARF expressions
  - -nc: print only complex expressions
  - -fde: print CFA info
  - --no-traverse: avoid fully traversing, and quickly print other info
By default, the user only needs main.py to complete the matching analysis. You can execute:
python3 ./main.py <binary-to-analyze> <json-file> -uO -o <result-file>
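
Because only DWARF4 and DWARF5 are supported, it can help to check which DWARF versions a binary's units use before running the extracter. The sketch below is an added example, not part of varviewer: it walks the unit headers of a raw little-endian .debug_info section (obtainable, for instance, with pyelftools via `ELFFile(f).get_section_by_name(".debug_info").data()`); the function names and the sample bytes are constructed for illustration.

```python
import struct

SUPPORTED = {4, 5}  # DWARF versions the README lists as supported

def cu_versions(debug_info: bytes):
    """Return (offset, version) for each unit header in raw .debug_info bytes.

    Assumes little-endian data; raises ValueError on a truncated or bad header.
    """
    units, off, size = [], 0, len(debug_info)
    while off < size:
        if off + 4 > size:
            raise ValueError(f"truncated unit_length at {off:#x}")
        (length,) = struct.unpack_from("<I", debug_info, off)
        hdr = 4
        if length == 0xFFFFFFFF:  # 64-bit DWARF: 8-byte length follows escape
            if off + 12 > size:
                raise ValueError(f"truncated 64-bit length at {off:#x}")
            (length,) = struct.unpack_from("<Q", debug_info, off + 4)
            hdr = 12
        elif length >= 0xFFFFFFF0:
            raise ValueError(f"reserved unit_length at {off:#x}")
        end = off + hdr + length
        if length < 2 or end > size:
            raise ValueError(f"unit at {off:#x} overruns the section")
        (version,) = struct.unpack_from("<H", debug_info, off + hdr)
        units.append((off, version))
        off = end
    return units

def unsupported_units(debug_info: bytes):
    """Units whose DWARF version is outside SUPPORTED."""
    return [(o, v) for o, v in cu_versions(debug_info) if v not in SUPPORTED]

def make_unit(version: int) -> bytes:
    """Constructed sample unit: header fields for `version` plus one null DIE."""
    if version >= 5:  # v5 order: version, unit_type, address_size, abbrev_offset
        body = struct.pack("<HBBI", version, 1, 8, 0)
    else:             # v2-v4 order: version, abbrev_offset, address_size
        body = struct.pack("<HIB", version, 0, 8)
    body += b"\x00"
    return struct.pack("<I", len(body)) + body

SAMPLE = make_unit(4) + make_unit(5) + make_unit(3)  # constructed, not a real binary

if __name__ == "__main__":
    for off, ver in cu_versions(SAMPLE):
        print(f"unit @ {off:#x}: DWARF {ver}", "" if ver in SUPPORTED else "(unsupported)")
```

A non-empty result from `unsupported_units` means at least one unit was built with a DWARF version outside the supported set, for example because one object file was compiled with different debug flags.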