binary level program analysis assembly basics
play

Binarylevel program analysis: Assembly basics Gang Tan CSE 597 - PowerPoint PPT Presentation

Dec 28, 2023 •370 likes •500 views

Binarylevel program analysis: Assembly basics Gang Tan CSE 597 Spring 2019 Penn State University 1 Source code, Assembly code, Object code, and Executable Code Source Object Assembly Compiler Assembler code code code Then a

  1. Binary‐level program analysis: Assembly basics Gang Tan CSE 597 Spring 2019 Penn State University 1

  2. Source code, Assembly code, Object code, and Executable Code Source Object Assembly Compiler Assembler code code code • Then a linker links object code of different compilation units (files, libraries) into executable code • Assembly code – Consist of assembly instructions – Specific for a particular architecture (x86, x64, ARM, SPARC, etc.) • Object code – Consist of encodings of assembly instructions in bytes • Executable code – AKA machine code – In a particular file format (e.g., ELF or PE) 2

  3. Example Source Code: hello.c #include <stdio.h> int main () { printf("Hello, World!"); return 0; } 3

  4. Example Assembly Code: After “gcc ‐S ‐o hello.s hello.c” .file "hello.c" .cfi_def_cfa_register 6 .section .rodata movl $.LC0, %eax .LC0 : movq %rax, %rdi .string "Hello, World!" movl $0, %eax .text call printf .globl main movl $0, %eax .type main, @function leave main : .cfi_def_cfa 7, 8 .LFB0 : ret .cfi_startproc .cfi_endproc pushq %rbp .cfi_def_cfa_offset 16 .LFE0 : .cfi_offset 6, ‐16 .size main, .‐main movq %rsp, %rbp .ident "GCC: (GNU) 4.4.7 20120313 (Red Hat 4.4.7‐23)" .section .note.GNU‐stack,"",@progbits 4

  5. Example executable Code: After “gcc –o hello hello.c” Do “objdump ‐s ./hello” 5

  6. Binary Code Analysis • Refer to analyzing assembly or executable code • If given executable code – Step 1: disassemble it to assembly code – Step 2: analyze the assembly code • The disassembly step may be hard or easy – Depending on whether meta information is embedded into executable code 6

  7. Meta information in Executable Code • During compilation, meta information can be embedded into executable code • Meta information: symbol tables – Information about symbols (e.g., function and variable names) from source code – Each entry • The symbol name • The binding address • Type of the symbol • Misc. info – Symbol tables consumed by linkers and debuggers 7

  8. objdump ‐‐sym ./hello 8

  9. Meta information in Executable Code • Relocation information – Before linking, memory addresses of functions and global data are unknown – Compilers generate relocation entries – Static/dynamic linkers patch the program during linking 9

  10. Meta information in Executable Code • Debugging information – Generated by the compiler and consumed by debuggers (e.g., gdb) – During debugging, the debugger uses debugging info to relate binary code to source code • E.g., this instruction is generated code from this source code line – Include • Source code info: types and scopes of identifiers • Line‐number info: to relate binary to source code • Other info such as location description – Debugging info formats: DWARF and STABS 10

  11. Stripped versus unstripped binaries • Stripped binaries – Pure binary code; no meta information – Disassembly is hard (do not even know where functions start) • Unstripped binaries – Binary code plus meta information – Disassembly is easy • Why stripped binaries? – Meta information occupies space – Stripped binaries are harder to reverse engineer, making it easier to protect intellectual property 11

  12. Next: IA32 and Reverse Engineering basics • NSA tutorial on reverse engineering – https://codebreaker.ltsnet.net/resources – Introduction to x86 Assembly – Reverse Engineering Machine Code Pt. 1 – Reverse Engineering Machine Code Pt. 2 12

Recommend

Be a Binary Rockst r An Introduction to Program Analysis with Binary Ninja Agenda

Be a Binary Rockst r An Introduction to Program Analysis with Binary Ninja Agenda

Be a Binary Rockst r An Introduction to Program Analysis with Binary Ninja Agenda Motivation Current State of Program Analysis Design Goals of Binja Program Analysis Building Tools 2 Motivation 3 Tooling - Concrete -&gt;

963 views • 77 slides
Assembly basics CS 2XA3 Term I, 2020/21 Outline What is Assembly Language ? Assemblers Why

Assembly basics CS 2XA3 Term I, 2020/21 Outline What is Assembly Language ? Assemblers Why

Assembly basics CS 2XA3 Term I, 2020/21 Outline What is Assembly Language ? Assemblers Why Assembly? NASM Character and String Literals Integer literals Labels and Names Statements Program structure Input/Output Compiling+linking What

670 views • 28 slides
1 x86 Clones: Advanced Micro Devices Intels 64-Bit History (AMD) 2001: Intel Attempts

1 x86 Clones: Advanced Micro Devices Intels 64-Bit History (AMD) 2001: Intel Attempts

Today: Machine Programming I: Basics History of Intel processors and architectures C, assembly, machine code Machine-Level Programming I: Basics Assembly Basics: Registers, operands, move Arithmetic &amp; logical operations CSci

320 views • 8 slides
Programming in Assembly Language Minimal Program Move CS Basics Flags Increment

Programming in Assembly Language Minimal Program Move CS Basics Flags Increment

Programming in Assembly Language Minimal Program Move CS Basics Flags Increment and decrement 5) Programming in Conditional jumps Assembly Language Signed Values Structure of a program Emmanuel Benoist The Stack

293 views • 17 slides
LECTURE 2 Review 1 Binary Math and Assembly BINARY MATH In this section, we review Binary

LECTURE 2 Review 1 Binary Math and Assembly BINARY MATH In this section, we review Binary

LECTURE 2 Review 1 Binary Math and Assembly BINARY MATH In this section, we review Binary to decimal conversions and vice versa IEEE 754 Floating point representations Binary Arithmetic Decimal representation of binary numbers

1.66k views • 118 slides
Platform-independent static binary code analysis using a meta- assembly language Thomas Dullien,

Platform-independent static binary code analysis using a meta- assembly language Thomas Dullien,

Platform-independent static binary code analysis using a meta- assembly language Thomas Dullien, Sebastian Porst zynamics GmbH CanSecWest 2009 Overview The REIL Language Abstract Interpretation MonoREIL Results 2 Motivation Bugs are

677 views • 52 slides
Assembly Language Assembler translates the assembly language source into binary instructions in

Assembly Language Assembler translates the assembly language source into binary instructions in

Figure 1: Assemblers process Assembly Language Assembler translates the assembly language source into binary instructions in an object file . Programs usually contain multiple assembly/HLL source files, called modules , each com- piled

481 views • 5 slides
x86 basics ISA context and x86 history Translation tools: C --&gt; assembly &lt;--&gt; machine

x86 basics ISA context and x86 history Translation tools: C --&gt; assembly &lt;--&gt; machine

x86 basics ISA context and x86 history Translation tools: C --&gt; assembly &lt;--&gt; machine code x86 Basics: Registers Data movement instructions Memory addressing modes Arithmetic instructions 1 Program, Application Software

439 views • 39 slides
Bit Basics Eric McCreath Bit Basics A bit (Binary digIT) is single unit of binary storage. A bit

Bit Basics Eric McCreath Bit Basics A bit (Binary digIT) is single unit of binary storage. A bit

Bit Basics Eric McCreath Bit Basics A bit (Binary digIT) is single unit of binary storage. A bit is normally grouped with other bits to represent data or information. 4 bits form a nibble 8 bits form a byte (e.g. 10100001 or 0xA1 in hex) Bytes

845 views • 9 slides
Analysis of path exclusions at the assembly level 7th Int'l Workshop on Worst-Case Execution

Analysis of path exclusions at the assembly level 7th Int'l Workshop on Worst-Case Execution

Analysis of path exclusions at the assembly level 7th Int'l Workshop on Worst-Case Execution Time (WCET) Analysis Ingmar Stein, Florian Martin ingmar@absint.com The Goal A Jump conditions B C are equivalent 10 100 D E F 200 110

411 views • 24 slides
ARM Assembly Programming Cuauhtemoc Carbajal 06/08/2013 Introduction The ARM processor is

ARM Assembly Programming Cuauhtemoc Carbajal 06/08/2013 Introduction The ARM processor is

ARM Assembly Programming Cuauhtemoc Carbajal 06/08/2013 Introduction The ARM processor is very easy to program at the assembly level. (It is a RIS C) We will learn ARM assembly programming at the user level. Memory system

1.04k views • 85 slides
Lecture 9: Assembly Programming Part 2 Last Week Assembly basics addi $t6, $zero, 10 add

Lecture 9: Assembly Programming Part 2 Last Week Assembly basics addi $t6, $zero, 10 add

Lecture 9: Assembly Programming Part 2 Last Week Assembly basics addi $t6, $zero, 10 add $t6, $t6, $t1 QtSpim add $t6, $t6, $t1 mult $t0, $t0 ALU operations mflo $t4 add $t4, $t4, $t6 Arithmetic Logical Shift main: add

908 views • 49 slides
BINSEC: Binary-level Semantic Analysis to the Rescue S ebastien Bardin joint work with

BINSEC: Binary-level Semantic Analysis to the Rescue S ebastien Bardin joint work with

BINSEC: Binary-level Semantic Analysis to the Rescue S ebastien Bardin joint work with Richard Bonichon, Robin David, Adel Djoudi, Benjamin Farinier, Josselin Feist, Laurent Mounier, Marie-Laure Potet, Thanh Dihn Ta, Franck V edrine CEA

1.27k views • 61 slides
QSynth - A Program Synthesis approach for Binary Code Deobfuscation Binary Analysis Workshop -

QSynth - A Program Synthesis approach for Binary Code Deobfuscation Binary Analysis Workshop -

QSynth - A Program Synthesis approach for Binary Code Deobfuscation Binary Analysis Workshop - NDSS Robin David &lt;rdavid@quarkslab.com&gt; Luigi Coniglio &lt;luigi.coniglio@studenti.unitn.it&gt; Mariano Ceccato &lt;mariano.ceccato@univr.it&gt;

1.12k views • 82 slides
Bit Basics A bit (Binary digIT) is single unit of binary storage. A bit is normally group with

Bit Basics A bit (Binary digIT) is single unit of binary storage. A bit is normally group with

Bit Basics A bit (Binary digIT) is single unit of binary storage. A bit is normally group with other bits to form a larger groupings of information. 4 bits form a nibble. 8 bits form a byte (e.g. 10100001 or 0xA1 in hex) Bit Basics Bytes are

420 views • 3 slides
High-Level Languages Languages Assembly vs Machine Code Assembly vs high-level language

High-Level Languages Languages Assembly vs Machine Code Assembly vs high-level language

High-Level Languages Languages Assembly vs Machine Code Assembly vs high-level language Why Learn New Language availability special features porting maintenance more tools required for job cost Why Design a

1.36k views • 54 slides
Dyninst: A Binary Analysis and Modification Framework Jeffrey K. Hollingsworth Ray Chen

Dyninst: A Binary Analysis and Modification Framework Jeffrey K. Hollingsworth Ray Chen

Dyninst: A Binary Analysis and Modification Framework Jeffrey K. Hollingsworth Ray Chen University of Maryland Department of Computer Science University of Maryland Binary modification Behavior Attack Detection Analysis Binary Program

492 views • 24 slides
Experiences with the Carnegie Mellon Binary Analysis Platform (CMU BAP) Sam L. Thomas, CNRS,

Experiences with the Carnegie Mellon Binary Analysis Platform (CMU BAP) Sam L. Thomas, CNRS,

Experiences with the Carnegie Mellon Binary Analysis Platform (CMU BAP) Sam L. Thomas, CNRS, IRISA sam.thomas@irisa.fr Introduction - what is BAP? Binary analysis framework: For program analysis For (aiding) reverse engineering (plugin

667 views • 29 slides
Binsec/RelSE Efficient Constant-Time Analysis of Binary-Level Code with Relational Symbolic

Binsec/RelSE Efficient Constant-Time Analysis of Binary-Level Code with Relational Symbolic

Binsec/RelSE Efficient Constant-Time Analysis of Binary-Level Code with Relational Symbolic Execution Supervisors: Author: Lesly-Ann Daniel Sbastien Bardin CEA LIST CEA LIST Tamara Rezk Oct 2018 - Oct 2021 INRIA Sophia Antipolis

777 views • 38 slides
Binarylevel program analysis: Static Disassembly Gang Tan CSE 597 Spring 2019 Penn State

Binarylevel program analysis: Static Disassembly Gang Tan CSE 597 Spring 2019 Penn State

Binarylevel program analysis: Static Disassembly Gang Tan CSE 597 Spring 2019 Penn State University 3 Disassemblers Disassembler Convert machine code in a binary file into assembly code or code in an equivalent IR Assume a

514 views • 26 slides
Program analysis for security Two main classes Static: Operates on source or binary at

Program analysis for security Two main classes Static: Operates on source or binary at

Program analysis for security Two main classes Static: Operates on source or binary at rest Dynamic: Operates at runtime Also hybrids of the two Static: Examples Code review Grep Taint analysis Symbolic

726 views • 49 slides
Understanding the AOFC Fourth level Reporting for 2015 Fifth level 1 1 The Basics The

Understanding the AOFC Fourth level Reporting for 2015 Fifth level 1 1 The Basics The

Texas Department of Housing and Community Affairs Click to edit Master text styles Second level Third level Understanding the AOFC Fourth level Reporting for 2015 Fifth level 1 1 The Basics The Annual Owners Financial Certification

576 views • 22 slides
Binsec/RelSE Efficient Constant-Time Analysis of Binary-Level Code with Relational Symbolic

Binsec/RelSE Efficient Constant-Time Analysis of Binary-Level Code with Relational Symbolic

Binsec/RelSE Efficient Constant-Time Analysis of Binary-Level Code with Relational Symbolic Execution Lesly-Ann Daniel Sbastien Bardin Tamara Rezk CEA LIST, France CEA LIST, France INRIA, France IEEE Symposium on Security and Privacy May

464 views • 25 slides
BINARY-LEVEL SECURITY: SEMANTIC ANALYSIS TO THE RESCUE Sbastien Bardin (CEA LIST) Joint work

BINARY-LEVEL SECURITY: SEMANTIC ANALYSIS TO THE RESCUE Sbastien Bardin (CEA LIST) Joint work

BINARY-LEVEL SECURITY: SEMANTIC ANALYSIS TO THE RESCUE Sbastien Bardin (CEA LIST) Joint work with Richard Bonichon, Robin David, Adel Djoudi &amp; many other people Sbastien Bardin -- ISSISP 2017 | 1 ABOUT MY LAB @CEA Sbastien Bardin

1.11k views • 87 slides

More recommend