Remill is a static binary translator that translates machine code instructions into LLVM bitcode. It translates x86 and amd64 machine code (including AVX and AVX512) into LLVM bitcode. AArch64 support is underway.
Remill focuses on accurately lifting instructions. It is meant to be used as a library for other tools, e.g. McSema.
| master | |
|---|---|
| Linux |
- How to contribute
- How to implement the semantics of an instruction
- How instructions are lifted
- The design and architecture of Remill
If you are experiencing undocumented problems with Remill then ask for help in the #binary-lifting channel of the Empire Hacking Slack.
Remill is supported on Linux platforms and has been tested on Ubuntu 14.04 and 16.04.
We are actively working on porting Remill to macOS.
Most of Remill's dependencies can be provided by the cxx-common repository. Trail of Bits hosts downloadable, pre-built versions of cxx-common, which makes it substantially easier to get up and running with Remill. Nonetheless, the following table represents most of Remill's dependencies.
| Name | Version |
|---|---|
| Git | Latest |
| CMake | 3.2+ |
| Google Flags | 2.2.0 |
| Google Log | 0.3.4 |
| Google Test | 1.8.0 |
| LLVM | 3.5+ |
| Clang | 3.5+ |
| Intel XED | 2016-02-02 |
| Python | 2.7 |
| Unzip | Latest |
First, update aptitude and get install the baseline dependencies.
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install \
git \
python-pip \
build-essential \
realpathNext, clone the repository. This will clone the code into the remill directory.
git clone [email protected]:trailofbits/remill.gitNext, we build Remill. This script will create another directory, remill-build
at the same level as the remill directory. All remaining dependencies needed
by Remill will be built in the remill-build directory.
./remill/scripts/build.shNext, we can install Remill. Remill itself is a library, and so there is no real way to try it. However, you can head on over to the McSema repository, which uses Remill for lifting instructions.
cd ./remill-build
sudo make installWe can also build and run Remill's test suite.
cd ./remill-build
make build_x86_tests
./cmake-3.2.0-Linux-x86_64/bin/ctest