Ripr takes a user-selected slice of binary code and creates a Python script with identical functionality. This reduces, or eliminates, the time spent reimplementing functionality from a target binary such as custom cryptographic algorithms, key-generation routines, obfuscated code, et cetera. This allows a reverse engineer to spend more time focusing on the big picture, and less time on bug-prone re-implementations. Further, ripr generates its code in a natural way, allowing for convenient interaction with existing Python code.
Currently, ripr is implemented as a Binary Ninja plugin and utilizes the Unicorn Engine to actually emulate the binary code. This talk will discuss how ripr works at a technical level and describe the static-analysis methodologies ripr uses to package code. It will follow with several live demos and a discussion of the tool's limitations. The code will be open sourced at the end of the talk.