Parsing binary data with Kaitai Struct
|Fri 18 Jan 2019 17:30||Binary data format hackers|
|Fri 18 Jan 2019 21:00||User:Acinonyx|
A hacking session for parsing binary data with Kaitai Struct.
What is Kaitai Struct
Kaitai Struct is a declarative language used to describe various binary data structures, laid out in files or in memory: i.e. binary file formats, network stream packet formats, etc.
A format can be described in Kaitai Struct YAML language (KSY file) and then compiled into generated source code in one of the supported programming languages. Binary formats are designed to be machine-readable. Even when someone is working with a clean, well-documented format, there can be multiple pitfalls like:
- in-memory structure alignment
- variable size structures
- conditional fields
- fields that depend on other fields previously read
Kaitai Struct tries to isolate the author from all of the above details and let them focus on the things that matter: the data structure itself, not the particular ways to read or write it.
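To make the pitfalls above concrete, here is an added example (not from the original event page and not Kaitai-generated code): a hand-written Python parser for a small record format. The format, its field names and the sample bytes are all constructed for this illustration; a KSY file would declare the same layout instead of coding the reads by hand.

```python
import struct
from dataclasses import dataclass
from typing import Optional


class Reader:
    """Cursor over a byte string that refuses to read past the end."""

    def __init__(self, data: bytes):
        self.data, self.pos = data, 0

    def take(self, n: int) -> bytes:
        if self.pos + n > len(self.data):
            raise ValueError(f"truncated: need {n} bytes at offset {self.pos}")
        chunk = self.data[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def unpack(self, fmt: str):
        return struct.unpack(fmt, self.take(struct.calcsize(fmt)))


@dataclass
class Record:
    name: str
    timestamp: Optional[int]
    payload: bytes


def parse_record(data: bytes) -> Record:
    r = Reader(data)
    if r.take(2) != b"KS":                     # constructed magic value
        raise ValueError("bad magic")
    flags, name_len = r.unpack(">BB")          # ">" = big-endian, no alignment padding
    name = r.take(name_len).decode("ascii")    # variable size, depends on name_len
    timestamp = r.unpack(">I")[0] if flags & 0x01 else None  # conditional field
    (payload_len,) = r.unpack(">H")
    payload = r.take(payload_len)              # length is untrusted, take() bounds-checks it
    return Record(name, timestamp, payload)


# Constructed sample inputs (not captured from any real format)
WITH_TS = (b"KS" + bytes([0x01, 3]) + b"abc" + struct.pack(">I", 1547832600)
           + struct.pack(">H", 2) + b"\xde\xad")
WITHOUT_TS = b"KS" + bytes([0x00, 2]) + b"hi" + struct.pack(">H", 0)
LYING_LENGTH = b"KS" + bytes([0x00, 2]) + b"hi" + struct.pack(">H", 500) + b"x"
```

`parse_record(LYING_LENGTH)` raises `ValueError` because the declared payload length exceeds the remaining input, which is the check a hand-written parser most often forgets.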
What is this event about
There will be a brief presentation of basic concepts of binary parsing and how Kaitai Struct supports them. We will then explore Kaitai Struct Web IDE and try to create our own parsers.
How can you participate
You can hack around with the Web IDE but if you really want to generate your own parsers you will probably need:
- A YAML editor for creating or editing KSYs
- Git for cloning some ready-made parsers
- Docker for running a one-shot container to compile the structs