Tuesday, February 11, 2014

Building Assembly Control Flow Graph(CFG) at Runtime for Reverse Engineering Using Python

A control flow graph (CFG) in computer science is a representation, using graph notation, of all paths that might be traversed through a program during its execution. In this post I'm going share one python tool which I've written few days back to build control flow graph of any function at run-time very quickly.

What it Does?

This tool actually help you to visualize any function's control flow graph at time of its execution. It also gives de-reference information of executed instructions.

To build CFG of any function you need to provide the entry point and exit point of that particular function you want to analyze. In last part of this post I've have posted one video which demonstrates how to use this tool.

How it's gonna help?

This tool actually can help you to reverse complex functions by creating control flow graph of it at runtime. So it reduces reverse engineering efforts a lot in many cases. It also gives you de-reference information each and every instruction executed. From this information you can easily find out at any certain point which register is point to to which place (stack / heap).

Sample Control Flow Graph Generated by visdasm:



This tool is available for download at my Github page:

How to Use this tool?[Video Demo]

This tool uses below libraries:

  1. Pydbg
  2. Pydasm
  3. Jquery [For control flow graph]
  4. JqueryUI [For control flow graph]
  5. PlumberJS[For control flow graph]
Last Words:

I'vent tested this script much. I am modifying this tool everyday. So in some cases it may throw dirty errors.