 

How to collect system calls from a binary with static analysis?

I would like to obtain a list of the system calls used in a given binary (x86_64) with static analysis. I tried strace but it does not guarantee that it is a complete list as some system calls might not be called during execution.

hckuo2 asked Dec 18 '17 22:12


2 Answers

For C/C++ you can try CppDepend to detect all the dependencies with the external libraries and system calls. However you have to analyse the source code and not the binaries.

James from CppDepend Team answered Oct 13 '22 00:10


In static analysis, assuming that the binary is not obfuscated, there are several tools that could provide insight into the binary. The most commonly used is IDA. When analyzing the binary by itself, several compiling options play an important role in challenging static analysis techniques, namely dynamic vs. static linking, stripped binaries, optimization options, etc.

One way of finding system calls is to use the IDAPython API to create a script that finds system calls according to the descriptions here X86 Assembly/Interfacing with Linux and here Linux Syscall Reference. IDAPython provides a "good enough" API to look at the instructions in each basic block to conclude what system call is being invoked.

ahmadsc answered Oct 12 '22 23:10
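The basic-block walk described in the answer above, as an added example that is not part of the original post and does not use IDAPython: it runs over an `objdump -d` listing instead of an IDA database. For each `syscall` instruction it walks backwards inside the block to the `mov $imm,%eax`/`%rax` (or `xor %eax,%eax`) that loads the call number, and maps the number through a small syscall table. The listing and the table subset are constructed for the example; a `syscall` whose number is set in another block, or by a non-immediate write to rax, is reported as unresolved rather than guessed.

```python
import re
# Subset of the x86_64 Linux syscall table; full list: arch/x86/entry/syscalls/syscall_64.tbl
SYSCALL_NAMES = {0: "read", 1: "write", 3: "close", 60: "exit", 231: "exit_group"}
INSN_RE = re.compile(r"^\s*([0-9a-f]+):\s+(?:[0-9a-f]{2}\s+)+([a-z]\w*)\s*(.*?)\s*$")
LABEL_RE = re.compile(r"^[0-9a-f]+\s+<[^>]+>:\s*$")
MOV_IMM_RE = re.compile(r"^\$0x([0-9a-f]+),%[er]ax$")  # mov $imm,%eax / mov $imm,%rax

# Constructed `objdump -d` output (AT&T syntax) for a small static binary.
SAMPLE_LISTING = """
0000000000401000 <_start>:
  401000: b8 01 00 00 00          mov    $0x1,%eax
  401005: bf 01 00 00 00          mov    $0x1,%edi
  40100a: 0f 05                   syscall
  40100c: 31 c0                   xor    %eax,%eax
  40100e: 0f 05                   syscall
  401010: b8 3c 00 00 00          mov    $0x3c,%eax
  401015: eb 02                   jmp    401019 <done>
  401017: 0f 05                   syscall
0000000000401019 <done>:
  401019: 48 c7 c0 e7 00 00 00    mov    $0xe7,%rax
  401020: 0f 05                   syscall
"""

def parse_listing(listing):
    """Yield ("label", None, name, "") or ("insn", addr, mnemonic, operands)."""
    for line in listing.splitlines():
        if LABEL_RE.match(line):
            yield "label", None, line.strip(), ""
        elif m := INSN_RE.match(line):
            yield "insn", int(m.group(1), 16), m.group(2), m.group(3)

def syscall_number_for(entries, idx):
    """Walk back from the `syscall` at entries[idx] within its basic block; None if unresolved."""
    for kind, _addr, mnem, ops in reversed(entries[:idx]):
        if kind == "label" or mnem == "syscall" or mnem.startswith(("j", "call", "ret")):
            return None  # block boundary: the number is loaded in another block
        if mnem.startswith("xor") and ops in ("%eax,%eax", "%rax,%rax"):
            return 0  # common idiom for syscall 0 (read)
        if ops.endswith(("%eax", "%rax")):  # the last writer of rax decides
            m = MOV_IMM_RE.match(ops) if mnem.startswith("mov") else None
            return int(m.group(1), 16) if m else None
    return None

def find_syscalls(listing):
    """Return [(address, number, name)] per `syscall`; name is "unknown" if unresolved."""
    entries = list(parse_listing(listing))
    hits = [(e[1], syscall_number_for(entries, i)) for i, e in enumerate(entries)
            if e[0] == "insn" and e[2] == "syscall"]
    return [(addr, n, SYSCALL_NAMES.get(n, "unknown")) for addr, n in hits]
```

On a real binary, feed it `objdump -d --no-show-raw-insn=false ./binary` output; the unresolved entries are the ones worth opening in IDA by hand.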