Skip to content
/ libbs Public
forked from binsync/libbs

A library for writing plugins in any decompiler: includes API lifting, common data formatting, and GUI abstraction!

License

BSD-2-Clause license
0 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Scrap-Mods/libbs

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

72 Commits
.github/workflows
.github/workflows
 
 
examples
examples
 
 
libbs
libbs
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
setup.cfg
setup.cfg
 
 
setup.py
setup.py
 
 

Repository files navigation

LibBS

The decompiler API that works everywhere!

LibBS is an abstracted decompiler API that enables you to write plugins/scripts that work, with minimal edit, in every decompiler supported by LibBS. LibBS was originally designed to work with BinSync, and is the backbone for all BinSync based plugins.

Install

pip install libbs

You can optionally also do libbs --install after to install generic plugins, but it's not required, since libbs files will be installed with plugins that use it.

Usage

LibBS exposes all decompiler API through the abstract class DecompilerInterface. The DecompilerInterface can be used in either the default mode, which assumes a GUI, or headless mode. In headless mode, the interface will start a new process using a specified decompiler.

You can find various examples using LibBS in the examples folder. Examples that are plugins show off more of the complicated API that allows you to use an abstracted UI, artifacts, and more.

UI Mode (default)

To use the same script everywhere, use the convenience function DecompilerInterface.discover_interface(), which will auto find the correct interface. Copy the below code into any supported decompiler and it should run without edit.

from libbs.api import DecompilerInterface

deci = DecompilerInterface.discover()
for addr in deci.functions:
    function = deci.functions[addr]
    if function.header.type == "void":
        function.header.type = "int"

    deci.functions[function.addr] = function

Headless Mode

To use headless mode you must specify a decompiler to use. You can get the traditional interface using the following:

from libbs.api import DecompilerInterface

deci = DecompilerInterface.discover(force_decompiler="ida", headless=True)

In the case of decompilers that don't have a native python library for working with, like Ghidra and IDA, you will to tell libbs where the headless binary path exists. This can be passed through either headless_dec_path flag, or through your environment. For Ghidra this would be: GHIDRA_HEADLESS_PATH.

Artifact Access Caveats

In designing the dictionaries that contain all Artifacts in a decompiler, we had a clash between ease-of-use and speed. When accessing some artifacts like a Function, we must decompile the function. Decompiling is slow. Due to this issue we slightly changed how these dictionaries work to fast accessing.

The only way to access a full artifact is to use the getitem interface of a dictionary. In practice this looks like the following:

for func_addr, light_func in deci.functions.items():
    full_function = deci.function[func_addr]

Notice, when using the items function the function is light, meaning it does not contain stack vars and other info. This also means using keys, values, or list on an artifact dictionary will have the same affect.

About

A library for writing plugins in any decompiler: includes API lifting, common data formatting, and GUI abstraction!

Resources

Readme

License

BSD-2-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%