A pure-python Binary Ninja plugin for Solana EBPF.
Available in Binja's plugin manager inside of Plugins > Manage Plugins
This is only needed if you wish to tinker with the plugin to modify it.
Clone this repo in your Binja plugins folder, located in the user folder.
Now install the requirements :
- either by running
Install python3 modulein Binja'scommand palette(Ctrl + P) and installlief - or by going to the user folder and installing
liefwithin thevenvenviroment using:
pip install lief
Currently tested on [email protected]
See our introductory blog post.
Instruction lifting!
Solana SDK Structures!
Copy this directory into your Binary Ninja plugins folder and restart.
- Instruction Lifting: All EBPF instructions are lifted to LLIL
- Accurate Memory Maps: We implement Solana-specific memory maps (0x{1/2/3/4}00000000 addresses for data/stack/heap/input)
- Solana ELF Relocations: Solana-specific ELF relocations
- Syscall Function Signatures: Full signatures for all of the Solana syscalls
- (partial) Solana SDK Types: Type definitions for all Solana SDK objects. (fully complete for C, in-progress for Rust)
TODO:
- Solana SDK Signature Matching: Automatically match common Solana SDK functions.
[ScriptingProvider] ModuleNotFoundError: No module named 'lief'
Is lief installed?
Run the following in the Binja python console
import lief
lief.__version__If you get an error, refer to the Installation section