binaryanalysis-ng icon indicating copy to clipboard operation
binaryanalysis-ng copied to clipboard
verified publisher icon armijnhemel

Open Source License scanning for Binary files

Open kiranravindran90 opened this issue 4 years ago • 12 comments

We installed BANG successfully and able to unpack binary files (.bin-flashwares).

But we are not able to locate result files for Open Source License scanning. We see "LicenseIdentifierScanner.py" file in \src but not sure if it is called during unpacking or has to be called separately?

kiranravindran90 avatar Sep 23 '21 08:09 kiranravindran90

BANG is split into two parts: unpacking and analysis. These two are separate. Currently the analysis part is under development and you should consider BANG as an unpacker for now. I will be merging the first analysis tools in about a month.

armijnhemel avatar Sep 23 '21 08:09 armijnhemel

Thanks for this info. Any update on the analysis part?

kiranravindran90 avatar Nov 18 '21 12:11 kiranravindran90

Thanks for this info. Any update on the analysis part?

There are a few analysis tools, but they are far from complete yet. See the file README-analysis.md in the top level directory to see what is there right now. More will be added soon: an identification mechanism based on Yara is currently in the works.

armijnhemel avatar Nov 18 '21 13:11 armijnhemel

Oh ok. Thank you. I am specifically looking for Open source License scan. Any idea when that part would be available? A rough estimate should be more than enough, just to know how long to wait :)

kiranravindran90 avatar Nov 29 '21 06:11 kiranravindran90

Oh ok. Thank you. I am specifically looking for Open source License scan. Any idea when that part would be available? A rough estimate should be more than enough, just to know how long to wait :)

It depends on what you think by "open source license scan". Could you clarify your use case?

armijnhemel avatar Nov 29 '21 10:11 armijnhemel

Well what I meant by that is - able to scan the Binary files for presence of any Open Source licenses like GPL, Apache etc. Could be based on checking for License text in the Binary or so.

kiranravindran90 avatar Dec 01 '21 13:12 kiranravindran90

Well what I meant by that is - able to scan the Binary files for presence of any Open Source licenses like GPL, Apache etc. Could be based on checking for License text in the Binary or so.

This is actually not that difficult (quite trivial actually using a few YARA rules), but you should be aware that very few binaries actually incorporate license information.

armijnhemel avatar Dec 01 '21 13:12 armijnhemel

Thank you for the suggestion & quick response. I shall check on that. Is there a plan to implement such a feature in BANG?

kiranravindran90 avatar Dec 01 '21 13:12 kiranravindran90

Thank you for the suggestion & quick response. I shall check on that. Is there a plan to implement such a feature in BANG?

Yes. As a matter of fact, I am working on a first version of YARA integration as we speak and that should be in BANG this week. Let me see what I can do :-)

armijnhemel avatar Dec 01 '21 14:12 armijnhemel

Oh that's good. Thanks a lot :)

kiranravindran90 avatar Dec 01 '21 14:12 kiranravindran90

I have added some rules in the directory maintenance/yara_rules. You can compile these to YARA rules and then use YARA. I will soon write scripts that will be able to process output from BANG and use these rules as well.

armijnhemel avatar Dec 02 '21 20:12 armijnhemel

Hello :) Are these scripts ready & available now? i.e. We can unpack Binaries & scan for Open source license information?

kiranravindran90 avatar Apr 07 '22 08:04 kiranravindran90