Good news from the BinNavi front. For one, our GDB Agent, which connects BinNavi to arbitrary GDB servers, is now working on Linux. Since that was the last part of BinNavi which had to be used from Windows, all parts of BinNavi are now usable from Linux. Even cooler news is that we have made the Cisco router emulator Dynamips work with the GDB Agent. It is now possible for users of BinNavi to use the GDB server of Cisco devices emulated on Dynamips. This has a wide range of applications for situations where people had to work with physical devices in the past even though Dynamips would have been sufficient.
Out of the box, the GDB server of Cisco devices is not emulated properly by Dynamips. There were two issues that had to be fixed in the Dynamips code:
Once the GDB server was active, the console of the Cisco device froze and GDB would neither send nor accept commands
The single-step flag was not honored by the emulator, making single-stepping impossible
I have created a patch that solves these two issues. You can download the patch file here. Once this patch is applied to the Dynamips source code, the GDB server of the Cisco 2600 router I used for testing works like a charm and BinNavi can use the GDB server for debugging the emulated device.
Here are some impressions of BinNavi debugging the emulated Cisco 2600 router.
The first screenshot was taken shortly after attaching to the GDB server. You can see the "trap" instruction at offset 0x8021CCAC. When you attach to the GDB server for the first time, this is where the debugger halts.
Then I single-stepped a few times to leave the function in the first screenshot. The second screenshot shows another smaller function where you end up after leaving the first function.
The third screenshot shows a bigger function. In this function I told BinNavi to record all basic blocks that are executed and then resumed the debugger. The result can be seen in the Trace log in the lower part of the window: the address of each basic block hit during execution is listed there in the order in which the blocks were hit. Double-clicking on the trace selects all basic blocks that were hit in the graph. This makes it very easy to get a quick code coverage analysis showing which basic blocks were executed and which were not.
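As an added illustration of the trace-based coverage just described (example code written for this post, not BinNavi's own; the function layout and the trace log are constructed), this turns a log of hit basic-block addresses into the hit/unhit split that the graph highlighting shows:

```python
"""Basic-block coverage from a debugger trace log (added example)."""
from collections import Counter

# Constructed basic-block layout [start, end) of one function. The
# addresses are invented for the example, not taken from the router image.
FUNCTION_BLOCKS = {
    "entry": (0x80200000, 0x80200010),
    "check": (0x80200010, 0x80200020),
    "fail":  (0x80200020, 0x80200030),
    "loop":  (0x80200030, 0x80200048),
    "exit":  (0x80200048, 0x80200050),
}

# Constructed trace log: one address per basic block hit, in hit order,
# as a debugger's trace window would list it. The last-but-one address
# lies outside the function and exercises the "ignore foreign hits" path.
TRACE_LOG = """\
0x80200000
0x80200010
0x80200030
0x80200030
0x80200010
0x80300000
0x80200048
"""


def parse_trace(text):
    """Return the hit addresses as integers, in execution order."""
    return [int(line, 16) for line in text.splitlines() if line.strip()]


def block_for(address, blocks):
    """Name of the basic block whose [start, end) contains address."""
    for name, (start, end) in blocks.items():
        if start <= address < end:
            return name
    return None


def coverage(trace, blocks):
    """Return (blocks in first-hit order, never-hit blocks, hit counts)."""
    counts = Counter()
    order = []
    for addr in trace:
        name = block_for(addr, blocks)
        if name is None:
            continue  # hit in another function: not part of this graph
        if name not in counts:
            order.append(name)
        counts[name] += 1
    missed = [name for name in blocks if name not in counts]
    return order, missed, dict(counts)
```

Running `coverage(parse_trace(TRACE_LOG), FUNCTION_BLOCKS)` reports the "fail" block as never executed while "check" and "loop" were hit twice each.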
Staying true to our six-month release cycle, we will probably release BinNavi 2.1, the latest version of our binary code reverse engineering tool, next week. After BinNavi 1.5 and BinNavi 2.0 this is the third release of BinNavi I have been in charge of. I want to take this opportunity to talk about the features I like most in BinNavi 2.1. You can actually find a more or less complete list of what is new in BinNavi 2.1 compared to BinNavi 2.0 over here.
Good news from work. A new version of BinNavi, the graph-based reverse engineering software I've been working on for the last few months, is supposed to be released in mid-October. We sent out Beta versions of BinNavi to a few select customers about two weeks ago and this week we are going to send all of them a second beta version that includes many of the improvements they suggested.
BinNavi 2.0 introduces many cool new features. There is a completely new GUI which makes it easier to work with disassembled files stored in BinNavi databases. All disassembled files in BinNavi databases can now be accessed from the main window. Different files can be combined into projects that can be used to analyze and debug multiple disassembled files and the interaction between them. Think of having one EXE file and multiple DLL files in one project, for example.
Click here to see a screenshot of the new main window. You can see eight disassembled files (Modules) and one project that combines notepad.exe with a few imported DLL files.