Presented at DeepSec 2013 „Secrets, Failures, and Visions“.
My talk proposal is about binary instrumentation and its applications in the field of reverse-engineering and hacking. Binary instrumentation is a technique used in many fields such as computer architecture, application profiling, emulation and dynamic translation. But its interactions with the security field so far have been mostly in malware and threat analysis.
This talk proposes new applications for binary instrumentation such as executable hacking and function hooking. As an example, we present a simple analysis routine capable of locating security-critical functions in serial-protected applications by performing runtime analysis of the program's functions. In the end we are able to modify the program's behavior to accept any user input. Another interesting application presented is the ability to locate and hook critical functions in a web browser: we are able to find and hook Opera's HTTP request generator function and sniff out data sent to the server before it gets ciphered under the SSL and TLS layers.
Finally, we present a tool called spin, which is the base for all the examples shown. This tool performs static binary instrumentation in a very lightweight way: it only instruments at function level statically.
Presenters:
- David Guillen Fandos
David Guillen Fandos graduated in Computer Science (2012) and Telecommunications Engineering (2013) from the Polytechnic University of Catalonia in Barcelona. He loves computer architecture, operating systems, compilers and, of course, hacking. Reverse-engineering and obfuscation are his main research areas. He has also worked in video games since he was 14 and developed video games for consoles such as PSP and GameCube/Wii. He has a passion for electronics and hardware hacking, especially firmware and driver development, though he hasn't published any research done in those fields so far. Currently he is working at Intel in the area of processor architecture design.