An open source tool to identify runtime libraries on statically linked Linux binaries.
The original logo image can be seen here and is licensed under the terms of the CC-BY-SA-2.0
.jpg){kind=link}
This system is part of an investigation that is currently under review. We will release the system once the review process is complete.
We recommend to install MANTILLA's dependencies with pip in a virtual environment to not mess up with your current configuration:
$ sudo apt update
$ sudo apt install python3-pip python3-venvCreate and activate your virtual environment:
$ python3 -m venv .
$ source venv/bin/activate
(venv) $ git clone https://github.com/reverseame/MANTILLA.gitNow, you can install dependencies in requirements.txt:
(venv) $ python3 -m pip install -r requirements.txtusage: MANTILLA.py [-h] [-b BINARY] [-j JSON] [-m METRIC] [-t THRESHOLD]
[-k NEIGHBORS] [-f FILE_MODEL] [-d DIRECTORY]
This tool identifies the runtime library in statically linked Linux binaries.
optional arguments:
-h, --help show this help message and exit
-b BINARY, --binary BINARY
Specify the binary to analyze
-j JSON, --json JSON Specify the features of a binary in JSON format
-m METRIC, --metric METRIC
Specify the distance metric
-t THRESHOLD, --threshold THRESHOLD
Specify the distance threshold
-k NEIGHBORS, --neighbors NEIGHBORS
Specify the number of k-neighbors
-f FILE_MODEL, --file_model FILE_MODEL
Specify the features model CSV file
-d DIRECTORY, --directory DIRECTORY
Specify a directory with test files
To extract features from a binary:
Usage: python3 feature_extraction.py -s <source_code_path> -b <binary_file>
Options:
-h, --help show this help message and exit
-s SOURCE_CODE_PATH, --source=SOURCE_CODE_PATH
Source code directory
-b BINARY_FILE_PATH, --binary=BINARY_FILE_PATH
Binary file path
-p PDB, --pdb=PDB PDB file path
The datasets used to train and test the model are available at zenodo
Licensed under the GNU GPLv3 license.