Building fast and reliable reverse engineering tools with Frida and Rust

Building fast and reliable reverse engineering tools with Frida and Rust

연구 분야: Analysis

학회: 2022 IEEE 18th International Conference on Intelligent Computer Communication and Processing (ICCP)

Reverse engineering binary applications is a key process for black-box security auditing and malware analysis. Frida is a reverse engineering framework based on dynamic binary instrumentation that allows the user to create agents, which are injected in the analyzed process, and can communicate with the user’s program. Frida is written in C and Vala and offers high level bindings in Python and JavaScript. Dynamic languages allow fast development iteration, a key requirement when trying to discover the inner workings of an application or protocol. The main disadvantages of such languages include performance limitations and their error-prone nature due to lack of type checking. In this paper we address these limitations by building bindings in Rust, which aims to offer high performance and numerous correctness guarantees while still maintaining reasonable development iteration speed. We show examples of performance improvements and present a real use case to validate the usability of the library.