building a concrete alternative to ida
play

building a concrete alternative to ida 1 were sorry raxcity.com - PowerPoint PPT Presentation

May 20, 2023 •388 likes •1.04k views

Jeffrey (crowell) Crowell Julien (jvoisin) Voisin Radare2 to the rescue! June 20, 2015 REcon 2015 Montreal building a concrete alternative to ida 1 were sorry raxcity.com Shellphish Boston Key Party

  1. Jeffrey (crowell) Crowell – Julien (jvoisin) Voisin Radare2 to the rescue! June 20, 2015 REcon 2015 – Montreal building a concrete alternative to ida

  2. 1 we’re sorry

  3. ∙ raxcity.com ∙ Shellphish ∙ Boston Key Party ∙ <redacted> ∙ dustri.org ∙ Knows some english 2 who are we? jvoisin crowell ∙ Work at Google ∙ Soon graduated

  4. ∙ ImmunityDBG ∙ WinDBG ∙ ∙ IDA Pro ∙ WineDBG ∙ Hopper ∙ OllyDBG 3 toolbag Amateur Professional ∙ IDA Pro

  5. ∙ ImmunityDBG ∙ WinDBG ∙ ∙ IDA Pro (pirated) ∙ WineDBG (pirated Windows) ∙ Hopper (probably not) ∙ OllyDBG (not maintained) 3 toolbag Amateur Professional ∙ IDA Pro ($5000)

  6. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  7. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  8. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  9. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  10. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  11. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  12. radare2, cet inconnu

  13. ∙ 350k LoC under LGPL ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history

  14. ∙ 350k LoC under LGPL ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history

  15. ∙ 350k LoC under LGPL ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history

  16. ∙ 350k LoC under LGPL ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history

  17. ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history ∙ 350k LoC under LGPL

  18. ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history ∙ 350k LoC under LGPL

  19. ∙ likely packaged in your distribution ∙ install from source though ;-) ∙ more than 50 contributors for the latest release ∙ RSoC (+GSoC) 7 history

  20. ∙ likely packaged in your distribution ∙ install from source though ;-) ∙ more than 50 contributors for the latest release ∙ RSoC (+GSoC) 7 history

  21. ∙ likely packaged in your distribution ∙ install from source though ;-) ∙ more than 50 contributors for the latest release ∙ RSoC (+GSoC) 7 history

  22. ∙ likely packaged in your distribution ∙ install from source though ;-) ∙ more than 50 contributors for the latest release ∙ RSoC (+GSoC) 7 history

  23. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Compile programs into tiny binaries for x86-32/64 and arm. 8 r2tools

  24. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Binary diffing 8 r2tools

  25. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 8 r2tools Binary program info extractor (think readelf )

  26. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Search for byte patterns in files 8 r2tools

  27. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Block based hashing utility 8 r2tools

  28. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Run programs in exotic environments 8 r2tools

  29. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Assembler/disassembler 8 r2tools

  30. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Base converter 8 r2tools

  31. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Combine everything together 8 r2tools

  32. 9 ∙ … ∙ GB/GBA/DS ∙ BIOS/TE ∙ DEX/JAVA ∙ Fatmach0/Mach0 ∙ ELF, ELF64 ∙ MZ/PE+/PE/COFF ∙ BIOS ∙ QNX ∙ Plan9 ∙ Web browser ∙ Smartwatch ∙ Android and iOS ∙ OSX ∙ *BSD ∙ GNU/Linux ∙ Windows ∙ XBOX platforms Runs on Handles

  33. ∙ 8051 ∙ arc ∙ arm ∙ avr ∙ brainfuck ∙ cr16 ∙ csr ∙ dalvik ∙ dcpu16 ∙ ebc ∙ gb ∙ h8300 10 architectures

  34. ∙ i4004 ∙ i8080 ∙ java ∙ LH5801 ∙ m68k ∙ malbolge ∙ mips ∙ msil ∙ msp430 ∙ nios2 ∙ powerpc ∙ rar 10 architectures

  35. 10 ∙ x86 ∙ 6502 ∙ psosvm ∙ snes ∙ propeller ∙ z80 ∙ xcore ∙ whitespace ∙ ART ∙ v850 ∙ tms320 ∙ sysz ∙ spc700 ∙ sparc ∙ sh architectures

  36. r2 internals

  37. ∙ At it’s heart, a library. ∙ Swig/Valabind ∙ Build your own tools on top of radare2 12 r2 is a library

  38. 13 Bindings are boring, let’s call r2 instead! r2 is a library, with r2pipe included

  39. 3rd party (or 1st party) plugins ∙ … 14 r2 is pluggable ∙ r_asm , assembler and disassembler ∙ r_anal , code analysis (opcode, type, esil) ∙ r_reg , registers ∙ r_syscall , system calls ∙ r_debug , debugger ∙ r_io , io layer ∙ r_search , search engine

  40. feature comparison

  41. ∙ R2 is like vim ∙ Just append ? everywhere 16 ida has a book, r2 is self-documented (and also has a book too) ∙ Combine intuitives commands

  42. ∙ Python ∙ NodeJS ∙ C ∙ Lua ∙ Lisp ∙ Vala ∙ Ruby ∙ Go ∙ Rust ∙ Perl ∙ OCaml ∙ … 17 ida has plugins, r2 has more bindings

  43. ∙ Debugger-compliant ∙ Minimap ∙ Interactive 18 ida has some graphs, r2 does too (but in ascii)

  44. ∙ name functions ∙ define code/data ∙ leave comments ∙ name stack variables ∙ mark structures ∙ use types ∙ define/modify functions 19 ida is clever but also interactive, so is r2 ∙ mark flags

  45. 20 ida has a nice gui, so does, well, err, mh, …

  46. It’s not all that scary! ∙ Familiar vim keybindings. ∙ Communicate over r2pipe. 21 actually… ∙ Visual Mode - friendly enough? ∙ Web UI - The future of collaborative reversing!

  47. ∙ Ncurses-like ∙ Static ∙ Dynamic ∙ Analysis ∙ Try it, really. 22 ida has an old-school tui mode, r2 has a better one.

  48. 23 ida has no web-ui, r2 does.

  49. ∙ Classic features ∙ Visual mode too ∙ Several backends ∙ Tracing ∙ Remote 24 ida has a debugger, so does r2

  50. ∙ Functions detection ∙ Local var detection ∙ FLIRT integration ∙ (X)REF ∙ DWARF and PDB 25 ida has kick-ass analysis, r2 has some too ∙ zignatures

  51. ∙ ESIL ∙ RPN-ish ∙ Documented ∙ Emulation ∙ Decompilation ∙ Analysis 26 ida some internal il, r2 has an open one

  52. ∙ Regexp ROP hunter ∙ Mitigations detection ∙ Emulation ∙ Patterns ∙ Environment control 27 ida has plugins for pwnage, r2 put this in core

  53. 28 ida has plugins for bindiffing, r2 put this in core

  54. summary

  55. ∙ GSoC ∙ Stabilization ∙ A fresh release ∙ Second edition of our RSoC ∙ ~1000 LoC modified per week 30 and now?

  56. ∙ Super-steep learning curve ∙ A lot of features ∙ Fast-moving target ∙ IDA is friendlier 31 current drawbacks

  57. ∙ Free-software ∙ Exotic arch support ∙ Active development ∙ A lot of features ∙ More and more users 32 current ��������

  58. 33 ∙ Magic lantern Do you? We do! ∙ … ∙ OverTheWire ∙ io from smashthestack ∙ Cool wargames ∙ … ∙ Coreboot ∙ Some top-notch ctf teams ∙ Some popular RE projects ∙ … ∙ IOActive ∙ AlienVault ∙ Anti-malware companies ∙ … ∙ Dragon Sector ∙ Shellphish who uses r2 currently?

  59. 33 ∙ Magic lantern Do you? We do! ∙ … ∙ OverTheWire ∙ io from smashthestack ∙ Cool wargames ∙ … ∙ Coreboot ∙ Some top-notch ctf teams ∙ Some popular RE projects ∙ … ∙ IOActive ∙ AlienVault ∙ Anti-malware companies ∙ … ∙ Dragon Sector ∙ Shellphish who uses r2 currently?

  60. ∙ Complete-emulation ∙ Decompilation ∙ A complete GUI ∙ What do you want? 34 and tomorrow?

  61. Monoculture is bad. Question IDA supremacy 1 . 1 And don’t pirate it! 35 conclusion

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

twenty six concrete construction: columns &amp; frames http://www.building.co.uk Concrete

twenty six concrete construction: columns &amp; frames http://www.building.co.uk Concrete

A RCHITECTURAL S TRUCTURES : F ORM, B EHAVIOR, AND D ESIGN A RCH 331 D R. A NNE N ICHOLS S PRING 2018 lecture twenty six concrete construction: columns &amp; frames http://www.building.co.uk Concrete Columns 1 Architectural Structures

371 views • 12 slides
ON AN ALTERNATIVE TO TRADITIONAL CONCRETE FORMWORK FOR WALLS AUSTRALIAN INVENTED, OWNED AND

ON AN ALTERNATIVE TO TRADITIONAL CONCRETE FORMWORK FOR WALLS AUSTRALIAN INVENTED, OWNED AND

OUR OBJECTIVE: TO PROVIDE EDUCATION ON AN ALTERNATIVE TO TRADITIONAL CONCRETE FORMWORK FOR WALLS AUSTRALIAN INVENTED, OWNED AND MANUFACTURED Launched in 2006, and prompted by increasing construction costs with a decreasing availability of

683 views • 46 slides
Alternative Testing Strategies for Support of Concrete Pavement Mixture Development Challenges

Alternative Testing Strategies for Support of Concrete Pavement Mixture Development Challenges

Alternative Testing Strategies for Support of Concrete Pavement Mixture Development Challenges posed in pavement mixture proportioning Materials concerns Alternative Testing Strategies for Support of Unfamiliar cement sources, blended

397 views • 7 slides
Bamboo As a Viable Alternative to Steel Reinforcement in Concrete TYSON BALDREY, RANDY HOLMBERG,

Bamboo As a Viable Alternative to Steel Reinforcement in Concrete TYSON BALDREY, RANDY HOLMBERG,

Bamboo As a Viable Alternative to Steel Reinforcement in Concrete TYSON BALDREY, RANDY HOLMBERG, ALLAN JOHNSTON RSR-2265 INSTRUCTOR: LORNE ATWOOD APRIL 5, 2018 Research Question We intended to validate, through experimentation and analysis,

820 views • 32 slides
Prompt Assessment of Global Earthquakes for Response Data for Reinforced Concrete Building Type

Prompt Assessment of Global Earthquakes for Response Data for Reinforced Concrete Building Type

Prompt Assessment of Global Earthquakes for Response Data for Reinforced Concrete Building Type in India (C3) Nonlinear Static Pushover Analysis An internal frame of a four storey RC building A four storey RC building Different Models

539 views • 21 slides
Concrete and Steel Rebar Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing

Concrete and Steel Rebar Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing

Traditional Building Materials Concrete and Steel Rebar Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing Concrete Advantage Easy to use Initial

522 views • 37 slides
Po Portland Pu Public Schools Ju July 5, 2016 Summary y of Portland Building Stock

Po Portland Pu Public Schools Ju July 5, 2016 Summary y of Portland Building Stock

Po Portland Pu Public Schools Ju July 5, 2016 Summary y of Portland Building Stock Unreinforced Masonry Wood 9% Tilt-up concrete 48% 6% Infilled Frames 1% Reinforced Masonry 13% Concrete Shear Wall 17% Concrete Frames

752 views • 43 slides
Sustainable building A case study on concrete recycling in France Laurens Duin, Ecologic

Sustainable building A case study on concrete recycling in France Laurens Duin, Ecologic

Sustainable building A case study on concrete recycling in France Laurens Duin, Ecologic Institute www.circular-impacts.eu 07/12/2017 www.circular-impacts.eu Why concrete recycling in France? Concrete recycling is already possible Quality

195 views • 7 slides
Concrete Building in the Field Akmaluddin Ni Nyoman Kencanawati Ahmad Gazi Paedullah

Concrete Building in the Field Akmaluddin Ni Nyoman Kencanawati Ahmad Gazi Paedullah

4 th ICRMCE 2018 Application of NDT Apparatus for Possible Use as Structural Health Monitoring of Concrete Building in the Field Akmaluddin Ni Nyoman Kencanawati Ahmad Gazi Paedullah Postgraduate Study Program of Civil Engineering Faculty of

485 views • 26 slides
nineteen service loads x load factors concrete holds no tension failure criteria is

nineteen service loads x load factors concrete holds no tension failure criteria is

A RCHITECTURAL S TRUCTURES : Concrete Beam Design F ORM, B EHAVIOR, AND D ESIGN composite of concrete and steel A RCH 331 D R. A NNE N ICHOLS American Concrete Institute (ACI) S UMMER 2018 design for maximum stresses lecture limit

641 views • 9 slides
twenty one service loads x load factors concrete holds no tension failure criteria is

twenty one service loads x load factors concrete holds no tension failure criteria is

E LEMENTS OF A RCHITECTURAL S TRUCTURES : Concrete Beam Design F ORM, B EHAVIOR, AND D ESIGN composite of concrete and steel ARCH 614 D R. A NNE N ICHOLS American Concrete Institute (ACI) S PRING 2019 design for maximum stresses

253 views • 6 slides
twenty two service loads x load factors concrete holds no tension failure criteria is

twenty two service loads x load factors concrete holds no tension failure criteria is

A RCHITECTURAL S TRUCTURES : Concrete Beam Design F ORM, B EHAVIOR, AND D ESIGN composite of concrete and steel ARCH 331 D R. A NNE N ICHOLS American Concrete Institute (ACI) S PRING 2018 design for maximum stresses lecture limit

346 views • 9 slides
Concrete Recycling in Pavement Applications Update on the FHWA Concrete Recycling Initiative

Concrete Recycling in Pavement Applications Update on the FHWA Concrete Recycling Initiative

Concrete Recycling in Pavement Applications Update on the FHWA Concrete Recycling Initiative Tara Cavalline, Ph.D., P.E. UNC Charlotte tcavalline@uncc.edu Presentation to National Concrete consortium September 20, 2017 Concrete Recycling

618 views • 26 slides
Use of Concrete Maturity For Use of Concrete Maturity For Measuring In-Place Strength of

Use of Concrete Maturity For Use of Concrete Maturity For Measuring In-Place Strength of

Use of Concrete Maturity For Use of Concrete Maturity For Measuring In-Place Strength of Measuring In-Place Strength of Concrete Concrete Prasad Rangaraju, Ph.D., P.E. Assistant Professor Department of Civil Engineering Clemson University

1.08k views • 63 slides
ABC Webinar at FIU Concrete Bridges Concrete Bridges William Nickas, P.E. Managing Director,

ABC Webinar at FIU Concrete Bridges Concrete Bridges William Nickas, P.E. Managing Director,

ABC Webinar at FIU Concrete Bridges Concrete Bridges William Nickas, P.E. Managing Director, Transportation Systems Precast/Prestressed Concrete Institute 2 National Concrete Bridge Council American Coal Ash Association American

1.25k views • 104 slides
Building Up First Nations Community Schooling: An Alternative to the First Nations Education Act

Building Up First Nations Community Schooling: An Alternative to the First Nations Education Act

Building Up First Nations Community Schooling: An Alternative to the First Nations Education Act PANEL DISCUSSION Paul W. Bennett Senior Education Fellow, Northern Policy Institute, and Adjunct Professor of Education, Saint Marys University

375 views • 18 slides
Phonology of Pitch Change Elizabeth Selkirk (1995) Sentence Prosody: Intonation, Stress, and

Phonology of Pitch Change Elizabeth Selkirk (1995) Sentence Prosody: Intonation, Stress, and

Phonology of Pitch Change Elizabeth Selkirk (1995) Sentence Prosody: Intonation, Stress, and Phrasing Pitch as a perception correlate of fundamental frequency ( F 0 ) the frequency at which vocal folds oscillate. Peter Makarov Pitch change

413 views • 5 slides
Inferring phonemic classes from CNN activation maps using clustering techniques Thomas

Inferring phonemic classes from CNN activation maps using clustering techniques Thomas

Inferring phonemic classes from CNN activation maps using clustering techniques Thomas Pellegrini, Sandrine Mouysset Universit e de Toulouse; UPS; IRIT; Toulouse, France thomas.pellegrini@irit.fr, sandrine.mouysset@irit.fr 1 / 19 Motivation

324 views • 19 slides
Aggregate Analysis of Vowel Pronunciation Introduction The Goal in Swedish Dialects Language

Aggregate Analysis of Vowel Pronunciation Introduction The Goal in Swedish Dialects Language

Aggregate Analysis of Vowel Pronunciation in Swedish Dialects Mei-Shin Wu Aggregate Analysis of Vowel Pronunciation Introduction The Goal in Swedish Dialects Language leveling The aggregating methods Swedish Dialects Leinonen, Therese,

556 views • 32 slides
Phonetic Modeling in ASR Chuck Wooters 3/16/05 EECS 225d Introduction VARIATION The central

Phonetic Modeling in ASR Chuck Wooters 3/16/05 EECS 225d Introduction VARIATION The central

Phonetic Modeling in ASR Chuck Wooters 3/16/05 EECS 225d Introduction VARIATION The central issue in Automatic Speech Recognition EECS 225d - March 16, 2005 2 Many Types of Variation channel/microphone type environmental noise

636 views • 39 slides
Introduction to Linux Command Line Interface Family of Unix-like Operating Systems Source:

Introduction to Linux Command Line Interface Family of Unix-like Operating Systems Source:

Introduction to Linux Command Line Interface Family of Unix-like Operating Systems Source: http://en.wikipedia.org/w/index.php?title=File:Unix_history-simple.svg&amp;page=1; Creative Commons GNU/Linux and Distributions Linux kernel: the core

476 views • 5 slides
rs rrt st

rs rrt st

rs rrt st rt stt t rt t ts t

228 views • 3 slides
Basic Problem-Solving 2.2 Best-first heuristic search Strategies 2.3 Problem decompositon and

Basic Problem-Solving 2.2 Best-first heuristic search Strategies 2.3 Problem decompositon and

Chapter 2 2. Basic Problem-Solving Strategies 2.1 Basic search techniques Basic Problem-Solving 2.2 Best-first heuristic search Strategies 2.3 Problem decompositon and AND/OR graphs 2.4 Searching

427 views • 19 slides
Making writing exciting! Jon Smith October 2018 Pobble.com 1 Introduction Once upon a

Making writing exciting! Jon Smith October 2018 Pobble.com 1 Introduction Once upon a

Making writing exciting! Jon Smith October 2018 Pobble.com 1 Introduction Once upon a time 2 Journey The oldest school in North Yorkshire 3 Journey A literacy session for over 500 pupils 4 Journey Writing at the top of the

443 views • 28 slides

More recommend