MBA-Blast is a tool for simplification of MBA expressions.
- Z3 solver:
pip3 install z3-solver
- sympy:
pip3 install sympy
- Z3 solver:
pip install z3-solver
- sympy:
pip install sympy
- ast:
pip install ast
- astunparse:
pip install astparse
Download it and install it by the link.
Download it and install it by the link.
The source code is from the link, but we have download and refine it in the related folder "syntia".
MBA-Blast's code is structured in following parts: dataset, simplifying MBA expression in the dataset, peer simplification tools.
The files storing MBA expression.
- Dataset 1 is dataset1.txt
- Dataset 2 is dataset2_xbit.txt
Simplifying the mba expressions by the method describing in the paper. Functions to analyze and manipulate MBA expressions are in "tools" folder.
- Run MBA-Blast on Dataset1:
make mba-simplify-1
- Run MBA-Blast on 8-bit dataset:
make mba-simplify-8
- Run MBA-Blast on 16-bit dataset:
make mba-simplify-16
- Run MBA-Blast on 32-bit dataset:
make mba-simplify-32
- Run MBA-Blast on 64-bit dataset:
make mba-simplify-64
Run Arybo on Dataset1: make arybo-mba
Run SSPAM on Dataset1: make sspam-mba
Run Syntia on Dataset1: program-synthesis-64
, json-transformation-64
, syntia-evaluation-64
.
Note that the main module mcts_synthesis
is from the open source code of paper -- Syntia: Synthesizing the Semantics of Obfuscated Code.