Quick start

This notebook gives an example on how to use this SDK to upload, start analysis and get the analysis result of a file.

Initialize

To initialize the SDK, please prepare your Secret ID and Secret Key. Please apply from us if you don’t have one.

The Secret ID & Key is the only credential to access API, so please keep it safely. We recommend you read your keys to environment variable, instead of saving in your code:

$ read BINARYAI_SECRET_ID
#(enter your secret id)
$ read BINARYAI_SECRET_KEY
#(enter your secret key)
$ export BINARYAI_SECRET_ID
$ export BINARYAI_SECRET_KEY

Once those environment variables are set, our SDK can read them directly.

To initialize the SDK:

[1]:

# Uncomment to get more logs
# import logging
# logging.basicConfig(stream=sys.stdout, level=logging.INFO)
# logger = logging.getLogger("binaryai_sdk")

from binaryai import BinaryAI

bai = BinaryAI() # Initialize the client

Great! If no exceptions raised, the client is initialized.

Upload and analyze file

Note: file upload might be rejected if file is too big or upload is too quick.

Now you can upload by the file path:

[2]:

 # if upload succeed, file hash is returned
sha256 = bai.upload("/bin/echo")

# wait until done. timeout=-1 means wait forever
bai.wait_until_analysis_done(sha256, timeout=-1)

print("analysis succeed")

analysis succeed

Get analysis result

You can get analysis result by giving hash of a file for each method:

[3]:

bai.get_overview(sha256)

[3]:

{'fileType': 'ELF64',
 'machine': 'AMD64',
 'platform': 'LINUX',
 'endian': 'LITTLE_ENDIAN',
 'loader': 'x86:LE:64:default',
 'entryPoint': 1059200,
 'baseAddress': 1048576}

[4]:

funcs = bai.list_funcs(sha256)
for i, f in enumerate(funcs):
    print("[{}: {}]".format(i+1, f.name))
    if i > 10:
        break

[1: _DT_INIT]
[2: FUN_00102020]
[3: <EXTERNAL>::getenv]
[4: <EXTERNAL>::free]
[5: <EXTERNAL>::abort]
[6: <EXTERNAL>::__errno_location]
[7: <EXTERNAL>::strncmp]
[8: <EXTERNAL>::_exit]
[9: <EXTERNAL>::__fpending]
[10: <EXTERNAL>::textdomain]
[11: <EXTERNAL>::fclose]
[12: <EXTERNAL>::bindtextdomain]

Or initialize a file object and call it:

[5]:

from binaryai import BinaryAIFile
# This pair of hash is the same file
sha256 = "289616b59a145e2033baddb8a8a9b5a8fb01bdbba1b8cf9acadcdd92e6cc0562"
md5 = "c3366c6b688a5b5fa4451fec09930e06"
bai_file = BinaryAIFile(bai, md5=md5)
for component in bai_file.get_sca_result():
    print(component.name)
    print("----")

reptile
----
tsh
----

As shown above, you can always give a file hash (md5 or sha256) to get its analysis result.

Read examples/ in SDK repository or read the SDK API document for more info.