Creating Code Obfuscation Virtual Machines

Presented at REcon 2008, June 14, 2008, 11 a.m. (60 minutes).

This is the VM Creation 101 talk. The talk details what a virtual machine is and how they are used. It focuses on embedded virtual machines used for code obfuscation. Specific coding examples are provided on how to write your own opcode interpreter. Code samples on how to embed your newly created VM into a C application is also provided. Additional obfuscation techniques for the VM are discussed and even though this is a 101 course a solid understanding of x86 assembler is required.


Presenters:

  • Craig Smith
    Craig Smith is a Senior Application Security Consultant at Neohapsis. Craig specializes in reverse engineering tools and techniques with emphasis on malware and protection schemes. Before joining Neohapsis he focused on creating forensic tools and automation systems for locating security flaws within binary executables. Tools and techniques used in the presentation are almost always free and open source. Prior knowledge to x86 assembler is recommended.

Links:

Similar Presentations: