Archive for the ‘Other’ Category

Black Hat DC preview

Wednesday, January 27th, 2010

On February 3rd I will be speaking at Black Hat DC. The talk is about fuzzing. Today Microsoft has its SDL, Adobe has apparently started fuzzing its own products and other companies are doing the same as well. The bottom line is that fuzzing is getting harder for us. In the talk I will explain how to create a new type of fuzzer by combining static analysis metrics and dynamic analysis techniques. This new approach will ease the process of fuzzing by totally removing the data-modeling part that is usually necessary with generation-based fuzzers. At the same time it will have better results than mutation-based fuzzers. I have written about some of the techniques/metrics used in the fuzzer in my previous blog posts. So to have a taste of the talk here are a few links: cyclomatic complexity, loop detection and code coverage.

Anyway if you happen to be in DC during Black Hat or in NYC a few days after (4-7 February) and you want to talk with me about:

  1. Reverse engineering and the like: you have a problem that’s driving you crazy, you can solve one of those problems for me or you want to show me something very cool you are working on.
  2. Our products: you want more info, you know how to improve them, you want to congratulate me because they are *so* cool
  3. You feel generous and want to offer me a beer
  4. You want to insult me because this blog post is *very* annoying

Send me an email!

After the conference I will do a follow-up post with slides, white paper, code and what you have missed at the conference.

Cheers,

Vincenzo

Guest lecture on Formal Methods in Reverse Engineering

Thursday, January 21st, 2010

Last November Michael Meier of Dortmund University invited me to give a guest lecture on a topic of my choice in his class about reactive security. The topic we decided on was formal methods in reverse engineering. January 20th was the date of my guest lecture.

I was a bit nervous because I knew the students knew very little or nothing about formal methods and reverse engineering. I decided not to scare them away with assembly code or heavy math and to keep things general instead. The idea was to present current problems in reverse engineering caused by growing size and complexity of today’s software and how formal methods might be able to help us overcome these problems.

In the end I decided to give a brief introduction to abstract interpretation, meta languages, dynamic instrumentation, and taint tracking as four potential ways of cutting down on complexity which are all quite different.

I think the talk went rather well and I think I made the right decision with the topic. The students asked me some good questions during and after the talk and I like to believe that I did not bore them to death.

The slides of my guest lecture are available here, although they are unfortunately in German.


Introducing: The official zynamics blog! :-)

Monday, January 18th, 2010

Dear Readers (and fellow reverse engineers),

welcome to the shiny new zynamics blog!

Over the last several years, most of the zynamics crew has kept their own (personal) blogs, and frequently, topics that were of interest to the reverse engineer were scattered over several different blogs. It was not unusual to have to search through my blog, Ero’s blog, SP’s blog, or Vincenzo’s blog on the quest to finding a particular piece of information.

Also, at least one of those blogs was updated only sporadically (primarily … mine), and intermingled heavily with non-technical rants on the state of the world or the quality of the food in some random pub.

This situation was clearly untenable — and we therefore decided to pool all our reverse-engineering (and zynamics)-related stuff in one place.

On this blog, you will find posts regarding the following topics:

  • General reverse engineering
  • Bug hunting
  • Interesting uses of BinNavi / BinDiff
  • Automated malware classification / signature generation
  • Other things that I can’t think of yet, but that will certainly crop up in due time

So, enjoy the posts, and tell a friend!

Cheers,

Halvar