Miasm
Reverse engineering framework in Python
The Miasm intermediate representation (IR) is used for multiple tasks: emulation through its jitter engine, symbolic execution, dynamic symbolic execution (DSE), and program analysis. However, the IR can be a bit hard to read. In this article we present new tricks Miasm has learned in 2018. Among them, the SSA/Out-of-SSA transformation, expression propagation and high-level operators can be combined to “lift” Miasm IR to a more human-readable language. We use graphviz to illustrate some graphs. Its layout does not always match a reverse engineer's “ideal view”, so please be tolerant of those odd graphs. Miasm is not the first tool to implement this feature. But, well, as the tool already had everything needed to implement DSE, it was just a matter of time before these features landed in the main branch.