Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/m4b/bingrep

like ~~grep~~ UBER, but for binaries
https://github.com/m4b/bingrep

binary elf grep mach-o objdump portable-executable

Last synced: about 2 months ago
JSON representation

like ~~grep~~ UBER, but for binaries

Host: GitHub
URL: https://github.com/m4b/bingrep
Owner: m4b
License: mit
Created: 2017-02-26T09:21:23.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2023-02-06T07:00:29.000Z (over 1 year ago)
Last Synced: 2024-07-19T09:15:49.927Z (about 2 months ago)
Topics: binary, elf, grep, mach-o, objdump, portable-executable
Language: Rust
Homepage:
Size: 1 MB
Stars: 1,696
Watchers: 37
Forks: 66
Open Issues: 5
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-rust-cn - m4b/bingrep - ci.org/m4b/bingrep.svg?branch=master">](https://travis-ci.org/m4b/bingrep) (应用 / System tools)
awesome-rust - m4b/bingrep - ci.org/m4b/bingrep.svg?branch=master">](https://travis-ci.org/m4b/bingrep) (Applications / System tools)
awesome-rust - m4b/bingrep
awesome-repositories - m4b/bingrep - like ~~grep~~ UBER, but for binaries (Rust)
awesome-rust-cn - m4b/bingrep
awesome-rust-zh - m4b/bingrep - 通过来自各种操作系统和体系结构的二进制文件，并对它们进行着色。[<img src="https://api.travis-ci.org/m4b/bingrep.svg?branch=master">](https://travis-ci.org/m4b/bingrep) (应用 / 系统工具)
awesome-discoveries - bingrep - like grep, but for binaries _(`Rust`)_ (CLI Utilities)
awesome-rust - m4b/bingrep - Greps through binaries from various OSs and architectures, and colors them. (Applications / System tools)
awesome-rust - m4b/bingrep - ci.org/m4b/bingrep.svg?branch=master">](https://travis-ci.org/m4b/bingrep) (应用 Applications / 系统工具 System tools)

README

# bingrep

[![Actions][actions-badge]][actions-url]
[![crates.io version][crates-bingrep-badge]][crates-bingrep]

[actions-badge]: https://github.com/m4b/bingrep/workflows/CI/badge.svg?branch=master
[actions-url]: https://github.com/m4b/bingrep/actions
[crates-bingrep-badge]: https://img.shields.io/crates/v/bingrep.svg
[crates-bingrep]: https://crates.io/crates/bingrep

Greps through binaries from various OSs and architectures, and colors them. Current backends:

* ELF 32/64, arm, x86, openrisc - all others will parse and color, but relocations won't show properly
* Mach 32/64, arm, x86
* Unix and BSD archive printer
* PE (debug only)

**NOTE**: Building requires rustc version 1.20 or greater. If you're using a distro's rust compiler, consider using https://rustup.rs to install your rustc compiler and associated binaries.

![elf_table2](etc/elf_table2.png)

![elf_table1](etc/elf_table1.png)

![mach](etc/mach.png)

![archive](etc/archive.png)

## Install

`bingrep` is available through cargo, via `cargo install bingrep`, or you can build, and install the resulting binary wherever you like.

## Build

Tested with stable rustc 1.38.0.

`cargo build --release`

Now copy the resulting binary in `/target/release/bingrep` wherever you like.

## Run

Example:

```
bingrep /bin/ls
```

To dump internal debug representation of the parsed binary:

```
bingrep -d /bin/ls
```

To demangle symbols, use `-D` or `--demangle`:

```
bingrep -D /bin/ls
```

## Meta Analysis (Experimental)

You can print a hextable (WIP) via `--hex` or an overview of file offset ranges via `--ranges`.

![ranges](etc/ranges.png)

## Searching

Search functionality is being added.

You can try it out using `bingrep --search "string" ` or `bingrep -s "string"`. Currently only works for ELF targets.

Please chime in on https://github.com/m4b/bingrep/issues/13 for how this functionality will:

1. Be presented,
2. What API will be exposed
3. What usecases are most important (e.g., how do you like to search binaries)
4. How it will be implemented

# FAQ

> Why is this repo called bingrep, it's nothing like grep at all

That's a good question; I was using this as a personal development tool for some time, and I was conferring with someone from the internet about some binary stuff, when I decided I should just upload this to a proper repo instead of sending pictures. So I quickly created a repo, I felt like I had been greppin' through binaries, so that was the name I uploaded. Even worse, I named it `bg` as the produced executable at the time of the upload, and this of course immediately conflicted with the unix command `bg`. There's an [issue](https://github.com/m4b/bingrep/issues/1) for a better name, you can chime in too!

> Why do you/should I use this instead of X ?

For some of my projects or workflows I need to very quickly see the load address, offset, or size of a symbol/program header/section header/export/import. I got tired of using objdump/nm/X because really, I just needed to colorize addresses, sizes etc., so I can quickly identify them and move on. So I wrote this, very quickly, and named it a bad name (sorry!). Then I went totally overboard and started coloring everything, everywhere. You love it, don't worry. Also you're free to use anything you want, whatever makes you happy and productive!

> Is there anything to work on?

Yes, there are several open issues. I think I'd actually like to port the symbol map functionality (which enables printing every binary that exports a symbol) from https://github.com/m4b/rdr, as well as implement a "reverse symbol map", which finds every binary that calls/imports a symbol.

If you also like hacking on binary stuff, the backend this uses, https://github.com/m4b/goblin, is responsible for the actual loading, parsing, etc., and there are several open issues on that repo as well if you feel like contributing.