McSema

Thesis: https://is.muni.cz/th/pxe1j/thesis.pdf

McSema

  • uses [Remill] to lift x86/amd64/aarch64 instructions to LLVM bitcode;
  • the only option that separates control flow recovery from translation, permitting the use of custom control flow recovery front-ends;
  • based on LLVM 3.5 (in 2014-2016) and LLVM 3.8 (in 2017).

Modules:

  • mcsema-disass disassembles binaries; it supports only IDA Pro as its disassembly engine;
  • mcsema-lift converts the recovered disassembly (CFG) into LLVM bitcode.

Add new instructions

Use mcsema-lift --list-supported to see the supported instructions.

Add new instructions to remill

Usage

McSema Walkthrough

Reference 1

Remill

  1. reference
Created Nov 11, 2019 // Last Updated May 18, 2021
