June 15, 2018

Invoke IDA's BinDiff plugin from the command line?

On Windows, 0x01 - convert the binary into an IDB (IDA batch mode, -B):

$IDA_PATH\idaq.exe -B -p+ $FILE_TO_CONVERT

0x02 - create a BinExport from the IDB, by opening the database written in step 0x01 ($IDB_FILE) in autonomous mode (-A) and running an IDC script against it (-S):

$IDA_PATH\idaq.exe -A -SC:\bindiff_export.idc $IDB_FILE

where bindiff_export.idc looks like this. RunPlugin() returns 1 when the plugin was loaded and run, so IDA exits with status 0 on a successful export and 1 otherwise, which is what a driver script should check. The plugin name carries the installed BinExport version, so adjust it to the one in your IDA plugins directory:

#include <idc.idc>

static main()
{
    Batch(0);   // batch mode off (Batch(1) would auto-answer every dialog)
    Wait();     // let auto-analysis finish before exporting
    // run the BinExport plugin with run argument 2; exit 0 on success, 1 on failure
    Exit( 1 - RunPlugin("zynamics_binexport_5", 2 ));
}

If you also want to diff the two files from the command line, run BinDiff directly on the BinExports (Windows, BinDiff_Deluxe.exe; the Linux differ binary takes --primary, --secondary and --output_dir instead, see its help output below):

$PATH_TO_BINDIFF\bin\BinDiff_Deluxe.exe -i $BIN_EXPORT_A -j $BIN_EXPORT_B -o $OUTPUT

For reference, the help output of the Linux differ binary:

~ > /opt/zynamics/BinDiff/bin/differ -help
differ: Finds similarities in binary code.
Usage: /opt/zynamics/BinDiff/bin/differ --primary=PRIMARY [--secondary=SECONDARY]

Example command line to diff all files in a directory against each other:
  /opt/zynamics/BinDiff/bin/differ \
    --primary=/tmp --output_dir=/tmp/result
Note that if the directory contains IDA Pro databases these will automatically be exported first.
For a single diff:
  /opt/zynamics/BinDiff/bin/differ \
    --primary=/tmp/file1.BinExport --secondary=/tmp/file2.BinExport \
    --output_dir=/tmp/result

  Flags from /usr/local/google/home/cblichmann/devel/zyclient/google3/third_party/gflags/src/gflags.cc:
    -flagfile (load flags from file) type: string default: ""
    -fromenv (set flags from the environment [use 'export FLAGS_flag1=value']) type: string default: ""
    -tryfromenv (set flags from the environment if present) type: string default: ""
    -undefok (comma-separated list of flag names that it is okay to specify on the command line even if the program does not define a flag with that name. IMPORTANT: flags in this list that have arguments MUST use the flag=value format) type: string default: ""

  Flags from /usr/local/google/home/cblichmann/devel/zyclient/google3/third_party/gflags/src/gflags_completions.cc:
    -tab_completion_columns (Number of columns to use in output for tab completion) type: int32 default: 80
    -tab_completion_word (If non-empty, HandleCommandLineCompletions() will hijack the process and attempt to do bash-style command line flag completion on this value.) type: string default: ""

  Flags from /usr/local/google/home/cblichmann/devel/zyclient/google3/third_party/gflags/src/gflags_reporting.cc:
    -help (show help on all flags [tip: all flags can have two dashes]) type: bool default: true
    -helpfull (show help on all flags -- same as -help) type: bool default: false
    -helpmatch (show help on modules whose name contains the specified substr) type: string default: ""
    -helpon (show help on the modules named by this flag value) type: string default: ""
    -helppackage (show help on all modules in the main package) type: bool default: false
    -helpshort (show help on only the main module for this program) type: bool default: false
    -helpxml (produce an xml version of help) type: bool default: false
    -version (show version and build info and exit) type: bool default: false

  Flags from /usr/local/google/home/cblichmann/devel/zyclient/google3/third_party/zynamics/bindiff/main_portable.cc:
    -bin_format (Write results in binary file format that can be loaded by the BinDiff IDA plugin or the GUI) type: bool default: false
    -config (Specify config file name) type: string default: ""
    -export (Batch export .idb files from input directory to BinExport format) type: bool default: false
    -knox_format (Write results in FortKnox format) type: bool default: false
    -log_format (Write results in log file format) type: bool default: false
    -ls (List hash/filenames for all .BinExport files in input directory) type: bool default: false
    -md_index (Dump MD indices (will not diff anything)) type: bool default: false
    -output_dir (Output path, defaults to current directory) type: string default: "/home/dave"
    -primary (Primary input file or path in batch mode) type: string default: ""
    -secondary (Secondary input file (optional)) type: string default: ""

So on Linux the -export flag, or simply pointing --primary at a directory of .idb files, does the export step without the IDC script; -bin_format is what you want when the result should be opened in the IDA plugin or the GUI afterwards.
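Putting the three steps together on Linux, as an added example that is not part of the original post or of the BinDiff project: IDA batch analysis (-B) to get the .idb, export through the bindiff_export.idc script above (-A -S), then the differ with the --primary/--secondary/--output_dir flags from its -help output. The tool locations (IDA_BIN, DIFFER, EXPORT_IDC) are assumptions to override via the environment, as is the naming of the exported file (<name>.BinExport beside the .idb); the example uses plain -B rather than the -p+ switch shown above. DRY_RUN=1 only prints the commands, so the flow can be checked on a machine without IDA.

```shell
#!/usr/bin/env bash
# Added example, not code from the original post or from the BinDiff project.
# Chains the three steps from the post on Linux: IDA batch analysis (-B) to
# produce an .idb, batch export through bindiff_export.idc (-A -S), then the
# BinDiff "differ" with the flags from its -help output.
# Assumed locations (override via the environment):
#   IDA_BIN     IDA executable; /opt/ida/idaq is an assumption (the post uses
#               idaq.exe); use idaq64 for 64-bit binaries, idat on IDA 7+
#   DIFFER      path taken from the -help output in the post
#   EXPORT_IDC  where bindiff_export.idc was saved
# DRY_RUN=1 prints the commands instead of running them.
set -eu

IDA_BIN="${IDA_BIN:-/opt/ida/idaq}"
DIFFER="${DIFFER:-/opt/zynamics/BinDiff/bin/differ}"
EXPORT_IDC="${EXPORT_IDC:-${HOME:-.}/bindiff_export.idc}"
DRY_RUN="${DRY_RUN:-0}"

# Log a command on stderr and, unless DRY_RUN=1, execute it. A non-zero exit
# (e.g. Exit(1) from the IDC script when RunPlugin fails) aborts the run.
run() {
    printf '+ %s\n' "$*" >&2
    [ "$DRY_RUN" = "1" ] || "$@"
}

# Step 0x01: batch-analyse a binary. IDA writes <name>.idb next to the input
# (.i64 with idaq64; adjust if needed). An existing .idb is reused.
# Prints the .idb path; IDA's own stdout is discarded so it cannot pollute it.
make_idb() {
    local bin="$1" dir base idb
    dir=$(dirname "$bin"); base=$(basename "$bin")
    idb="$dir/${base%.*}.idb"
    [ -f "$idb" ] || run "$IDA_BIN" -B "$bin" >/dev/null
    printf '%s\n' "$idb"
}

# Step 0x02: open the .idb autonomously and run the export script. The plugin
# is assumed to write <name>.BinExport beside the .idb; the function fails
# loudly if that file does not appear. Prints the .BinExport path.
make_binexport() {
    local idb="$1" out
    out="${idb%.idb}.BinExport"
    [ -f "$out" ] || run "$IDA_BIN" -A -S"$EXPORT_IDC" "$idb" >/dev/null
    if [ "$DRY_RUN" != "1" ] && [ ! -f "$out" ]; then
        printf 'export failed, %s was not created\n' "$out" >&2
        return 1
    fi
    printf '%s\n' "$out"
}

# Step 0x03: diff two BinExports. --bin_format writes the result file the
# BinDiff IDA plugin or GUI can load (see the flag list in the post).
diff_binexports() {
    local a="$1" b="$2" out="$3"
    mkdir -p "$out"
    run "$DIFFER" --primary="$a" --secondary="$b" --output_dir="$out" --bin_format
}

# Whole pipeline: old binary, new binary, result directory.
bindiff_pipeline() {
    local a b
    a=$(make_binexport "$(make_idb "$1")")
    b=$(make_binexport "$(make_idb "$2")")
    diff_binexports "$a" "$b" "$3"
}

# Usage: DRY_RUN=1 ./bindiff_pipeline.sh old.bin new.bin /tmp/result
if [ $# -eq 3 ]; then
    bindiff_pipeline "$@"
fi
```

Run it once with DRY_RUN=1 to see the five commands it would issue, then for real. Each step returns its output path on stdout and the export step checks that the file actually exists, so a failed export (the IDC script's Exit(1)) stops the run before the differ is ever started instead of producing an empty diff.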

https://gist.github.com/Manouchehri/48503e6083f47fde9f3a1e3e69acd866

Permalink: https://harry.ren/post/invoke BinDiff.html
