Parsing binary data with Kaitai Struct

From Hackerspace.gr
Starts: Fri 18 Jan 2019 17:30
Ends: Fri 18 Jan 2019 21:00
Organizer: Binary data format hackers
Event Owner: User:Acinonyx

A hacking session for parsing binary data with Kaitai Struct.



What is Kaitai Struct

Kaitai Struct is a declarative language used to describe various binary data structures, laid out in files or in memory: i.e. binary file formats, network stream packet formats, etc.

A format can be described in the Kaitai Struct YAML language (a KSY file) and then compiled into generated source code in one of the supported programming languages. Binary formats are designed to be machine-readable. Even when someone is working with a clean, well-documented format, there can be multiple pitfalls like:

  • endianness
  • in-memory structure alignment
  • variable size structures
  • conditional fields
  • repetitions
  • fields that depend on other fields previously read
  • etc

Kaitai Struct tries to isolate the author from all of the above details so that they can focus on the things that matter: the data structure itself, not particular ways to read or write it.
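To make the list of pitfalls concrete, here is an added example KSY (not part of the original event page) that describes a small made-up format. The format, its magic bytes, and every field name are constructed for illustration only.

```yaml
# Constructed example format, for illustration only.
meta:
  id: demo_records
  endian: le                 # endianness: default byte order for all integers
seq:
  - id: magic
    contents: "DREC"         # parsing fails early if the signature differs
  - id: version
    type: u1
  - id: flags
    type: u1
  - id: num_records
    type: u2
  - id: timestamp
    type: u4be               # endianness: per-field override of the default
    if: (flags & 0x01) != 0  # conditional field: present only when bit 0 is set
  - id: records
    type: record
    repeat: expr             # repetition ...
    repeat-expr: num_records # ... driven by a field that was read earlier
types:
  record:
    seq:
      - id: tag
        type: u1
      - id: len_body
        type: u2
      - id: body
        size: len_body       # variable size structure: length taken from len_body
        # If len_body claims more bytes than the input holds, the generated
        # parser stops with an end-of-stream error instead of reading past it.
```

Every attacker-controlled length or count in such a file (`num_records`, `len_body`) is declared in one place, which makes it easier to review how untrusted sizes drive the parse than in hand-written reading code.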


What is this event about

There will be a brief presentation of basic concepts of binary parsing and how Kaitai Struct supports them. We will then explore Kaitai Struct Web IDE and try to create our own parsers.

How can you participate

You can hack around with the Web IDE, but if you really want to generate your own parsers, you will probably need:

  1. A YAML editor for creating or editing KSYs
  2. Git for cloning some ready-made parsers
  3. Docker for running a one-shot container to compile the structs
  4. Your favorite supported programming language (C++/STL, C#, Go, Java, JavaScript, Lua, Perl, PHP, Python, Ruby)