CollaRE v0.3

Intorduction

CollareRE is a tool for collaborative reverse engineering that aims to allow teams that do need to use more then one tool during a project to collaborate without the need to share the files on a separate locations. It also contains a very simple user management and as such can be used for a multi-project servers where different teams work on different projects. The back-end of the tool is a simple Flask app with nginx in front of it running in Docker that works with files and JSON based manifests that hold the relevant data. The front-end is a PyQT based GUI tool with a simple interface that allows managing the projects and working with the binary files and their corresponding reverse engineering databases. As of now the tool supports Binary Ninja, Cutter (Rizin), Ghidra, Hopper Dissassembler, IDA and JEB. The implementation is abstracted from the inner workings of these tools as much as possible to avoid issues with any API changes and thus does not integrate directly into those tools in form of a plugin (might change in the future). The work is based purely on managing the files produced by these tools (literally just based on the well known file extensions) and a simple SVN style check-out and check-in operations.

Installation

Download/clone this repository and run sudo python3 setup.py install. On Linux this will install the tool to the PATH and you will be able to run it simply with collare command. On Windows this will put the file into the C:\Users\<USERNAME>\AppData\Local\Programs\Python\<PYTHON_VERSION>\Scripts\collare.exe (depending on how you installed Python).

For Gnome based desktop UIs you can use following desktop file (paths to files may vary):

[Desktop Entry]
Type=Application
Encoding=UTF-8
Name=CollaRE
Exec=/usr/local/bin/collare
Icon=/usr/local/lib/python3.8/dist-packages/collare-0.1-py3.8.egg/collare/icons/collare.png
Terminal=false

Supported Tools

Cutter (Rizin)

To enable support for this tool add a file Cutter to your path (when you open cmd/terminal writing Cutter should start the application). When saving Cutter (rizin) projects you have to manually append .rzdb. Do not remove the extension that the file already has (exe or so for example).

Binary Ninja

To enable support for this tool add a file binaryninja to your path (when you open cmd/terminal writing binaryninja should start the application). Binary Ninja is removing file extensions by default, however the tool accounts for this so there is no need to put the original file extension back manually. Saving the projects as is in a default path is enough to be able to successfully push local bndb database.

Hopper Disassembler

To enable support for this tool add a file Hopper to your path (when you open cmd/terminal writing Hopper should start the application). Hopper is removing file extensions by default, however the tool accounts for this so there is no need to put the original file extension back manually. Saving the projects simply with Ctrl+S is enough to be able to successfully push local hop database.

JEB

To enable support for this tool add a file jeb to your path (when you open cmd/terminal writing jeb should start the application). This can be done by renaming the default runner script file for your OS to jeb (for Windows this would actually be jeb.bat).

IDA Pro

To enable support for this tool add a file ida64 to your path (when you open cmd/terminal writing ida64 should start the application).

Ghidra

To enable support for this tool add a file ghidraRun and analyzeHeadless (.bat for Windows) to your path (when you open cmd/terminal writing ghidraRun should start the application). Note that analyzeHeadless is in support folder in the Ghidra root directory so make sure to adjust PATH to accommodate both files. The process of initializing the database with Ghidra is a bit more complicated as there is no way that Ghidra will process file without creating a project. So to be able to push the Ghidra database (referred to as ghdb) you will be prompted to create a project manually whenever automatic processing fails (basically whenever the file you process is not ELF/PE) and then specify the path to the gpr file (sorry for that).

Usage

After deploying the server side as mentioned in its own readme file, it is necessary to distribute the used certificate file to all users of the application as well as use the default admin account with admin password to create other user accounts (don't forget to change password of admin user) via the Admin tab. When the users are configured anyone can create their own projects and start working with the tool itself.

Creating projects

To create a project user has to first authenticate to the remote server by entering the URL, credentials and provide a certificate to validate the server identity. After that, the status will change to Connected and it is possible to select or delete existing projects or create a new project by simply entering the name (alphanumeric characters and _ only) and selecting users that will be participating on the project (can be changed later in the Admin tab). Note that the user that is creating the project is automatically added to the user list so you do not have to select yourself.

Project Structure and File Uploads

Once you are on the Project View tab you can create new folders (alphanumeric characters and _ only, sorry) and use drag and drop to upload files (or folders).

Pushing Local DB Files

Since the tool currently does not have any plugins or native hooks that would allow automatic uploads when the project is saved it is required that the local DB file push is triggered manually after creating the desired databases. This can be done by right-clicking on the uploaded binary file and choosing the tool you want to process the binary in. You can do basic analysis but it is strongly recommended to just save the file without changing anything (apart from appending rzdb in Cutter and completely different process with Ghidra). DO NOT CHANGE THE PATH AND FILENAME. After doing this and closing the disassembler you can just right click on the binary name and select option Push Local DBs. This will upload the local database and from now on when you want to work with the DB file you need to perform Check-out. Note that each binary can be processed in all the tools separately but only one DB file per binary and tool can exist.

Working with DB Files

When you just want to inspect the file you can right-click the desired DB file and select option Open File (or just double-click). If the file is checked-out to you this will open the local file and you can freely perform any changes to the DB file. When done (or when you simply want to push the changes) you can select the Check-in option. This will upload the changes to the server and prompt you whether you want to keep the file checked-out for further changes. If you want to discard your local changes select the Undo Check-out option from the context menu. This will discard your changes and allow you to continue with the file from the server. Opening a file without doing a Check-out operation first will open it in a fake read-only mode (you can do changes to the DB file but those will be lost next time you check-out or open the file).

Versioning

The tool also supports versioning the DB files in a way that every Check-in action counts as a new version of the DB file. You will be prompted to insert a comment for the version which is used to give more context to the changes that are applied in that version. It is then possible to open or check-out the previous versions of the files and work on those.

Plugins

The plugins folder within this repository contains plugins for the supported tools which allow you to share comments and function names between the tools in case that you work on one binary with multiple tools. Follow the standard plugin installation instructions for the tool you are interested in. Each plugin offers an Import and an Export function. When you plan to share the data between the tools always make sure that you Import data first to avoid renaming functions that were already renamed by someone else. If the plugin comes with some catches, those are mentioned in the README file of the given plugin.

Roadmap

• v0.1 - Initial BETA release
• v0.2 - BETA release with DB files versioning support
• v0.3 - BETA release with comments/function names sync between DBs (PoC with two tools)
• v1.0 - Initial production ready release with all major features implemented

Disclaimer

I am not a good developer and I am even worse UI designer.