forked from IAIK/ios-analysis
-
Notifications
You must be signed in to change notification settings - Fork 0
/
run.sh
87 lines (71 loc) · 2.05 KB
/
run.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#!/bin/bash
#
argc=$#
if [ $argc -eq 0 ] ; then
echo "No binary specified"
exit -1
fi
#
binary=$1
if ! [ -e $binary ] ; then
echo "binary \"$1\" not found"
exit -1
fi
if echo $binary | grep -q -E '.*\.((64)|(html)|(json)|(bc)|(csv)|(txt))' ; then
exit -1
fi
echo ""
echo "####################################################"
echo "$binary"
echo "####################################################"
binary64="$binary.64"
if ! [ -e $binary64 ] ; then
echo "64-bit binary not found -> extract"
rm $binary.* &> /dev/null
lipo -thin arm64 $binary -o $binary64 &> /dev/null
if ! [ $? -eq 0 ] ; then
echo "ERROR: can't extract binary"
exit
fi
fi
grep -E "(CCCrypt)" $binary64 > /dev/null
hasCC=$?
if ! [ $hasCC -eq 0 ] ; then
echo "Does not call CC"
exit
fi
llvmir="$binary.bc"
llvmopt="$binary.opt.bc"
if ! [ -e $llvmopt ] ; then
echo "Decompile"
./dagger/build/bin/llvm-dec $binary64 -O1 -bc -o $llvmir #&> /dev/null
if ! [ $? -eq 0 ] ; then
echo "ERROR: can not decompile $binary" >> errs.txt
exit
fi
echo "Optimize"
./llvm-slicer/build/bin/opt -instcombine -sroa -simplifycfg -constprop $llvmir -o $llvmopt
# opt -simplifycfg -constprop $llvmir -o $llvmopt
# opt $llvmir -o $llvmopt
fi
rules="rules/rules.json"
if [ $# -gt 1 ] ; then
rules=$2
fi
report="$binary.html"
if [ $# -gt 2 ] ; then
report=$3
fi
if [ -e $report ] ; then
echo "Report already exists"
exit
fi
echo "Analyze"
# gtimeout 110m llvm-slicer $llvmopt -binary $binary64 -o /dev/null -r $report -rules $rules
# if math "$status != 0" > /dev/null
# echo "ERROR: TIMEOUT"
# end
# llvm-slicer $llvmopt -binary $binary64 -o /dev/null -r $report -rules $rules
./llvm-slicer/build/bin/llvm-slicer $llvmopt -binary $binary64 -o /dev/null -r $report -rules $rules
# llvm-slicer $llvmopt -binary $binary64 -o /dev/null -r $report -rules $rules -print-same-usedef-only
# llvm-slicer $llvmopt -binary $binary64 -o /dev/null -r $report -rules $rules -same-usedef-only