Skip to content
This repository has been archived by the owner on May 17, 2021. It is now read-only.
/ TaintAll Public archive

TaintAll, a taint analysis and concolic execution tool

License

GPL-3.0 license
32 stars 13 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

onura/TaintAll

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
ida-plugin
ida-plugin
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
compile.sh
compile.sh
 
 

Repository files navigation

TaintAll

TaintAll, a taint analysis and concolic execution tool.

Installation

  • Install boost >= 1.5
  • Install pin = 2.14
  • cd your_pin_path/source/tools
  • git clone https://github.com/onura/TaintAll.git
  • cd TaintAll
  • ./compile.sh
  • open ida-plugin/ta_plugin.py and set CONF_PIN_PATH variable to point your pin directory
  • cp ta_plugin.py into IDA Pro plugin directory.

Usage

  • init plugin
t = ta_plugin()
t.run(1)
  • start tainting at the address
t.a.startTaintAt(0x100000EB0)
  • stop tainting at the address
t.a.stopTaintAt(0x100000F41)
  • taint 5 bytes from the address that RSI register is pointing to
t.a.taintPointer(0x100000F17, Registers.RSI, 5)
  • taint EAX registers
t.a.taintRegister(0x100000BBC, Registers.RAX, RegParts.DWORD)
  • taint 4 bytes from the memory 0x100000992
t.a.taintAddress(0x100000BBC, 0x100000992, 4)
  • start analysis
t.a.startDynamicAnalysis()
  • show/hide taints
t.a.hideTaints()
t.a.showTaints()
  • print tainted registers/memories at the address which the cursor is pointing
t.a.printRegsEA()
t.a.printMemsEA()
  • print all affected addresses
t.a.printAffectedAddrs()

About

TaintAll, a taint analysis and concolic execution tool

Resources

Readme

License

GPL-3.0 license
Activity

Stars

32 stars

Watchers

6 watching

Forks

13 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages