Binary version #689

noxing · 2023-07-07T07:34:15Z

noxing
Jul 7, 2023

I saw the binary version of the detection section when running the emba. The detection process seems to be complicated. There are actually binaries with no detected versions. How does it work? Thank you!

m-1-k-3 · 2023-07-07T08:40:11Z

m-1-k-3
Jul 7, 2023
Maintainer

The binary version detection is handled from module S09. It iterates through the configuration file and checks every binary in bin_string_checker with strings against the current identifier (see here)

There are multiple other cases included like the check of the extractor logs here or some strict mode handling.

1 reply

noxing Jul 10, 2023
Author

Thank you very much for your help.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Binary version #689

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

Binary version #689

noxing Jul 7, 2023

Replies: 1 comment · 1 reply

m-1-k-3 Jul 7, 2023 Maintainer

noxing Jul 10, 2023 Author

noxing
Jul 7, 2023

Replies: 1 comment 1 reply

m-1-k-3
Jul 7, 2023
Maintainer

noxing Jul 10, 2023
Author