Send in your ideas. Deadline December 1, 2024
hex
Grant
Theme fund: NGI0 Entrust
Start: 2023-12
More projects like this
Software engineering

ReOxide

Improving Rust Decompilation

Modern compiled languages such as Rust and Go are notorious for producing binaries that are difficult to reverse engineer by default. As these languages grow in popularity, they are increasingly being used in proprietary products and are also attracting malware developers. In order to audit binary software and analyze malware, it is therefore necessary to improve reverse engineering tools with special support for specific languages. To fill this gap, we are developing the ReOxide framework, which targets the reverse engineering of Rust programs. In the presence of extensive compile-time code generation and strong memory optimizations, existing decompilers reach their limits when trying to recreate C-like languages. The design goal of ReOxide is therefore to build on top of the Ghidra decompiler and make it extensible for custom analysis passes. This will allow us to gather information that is readily available during decompilation itself, but not through Ghidra's public plugin API. We will use this information to address Rust specific language features, but also try to keep the extensions general enough for other languages.

    Run by SBA Research gGmbH

    Logo NLnet: abstract logo of four people seen from above Logo NGI Zero: letterlogo shaped like a tag

    This project was funded through the NGI0 Entrust Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 101069594.