building a concrete alternative to ida
play

building a concrete alternative to ida 1 were sorry raxcity.com - PowerPoint PPT Presentation

May 20, 2023 •388 likes •1.04k views

Jeffrey (crowell) Crowell Julien (jvoisin) Voisin Radare2 to the rescue! June 20, 2015 REcon 2015 Montreal building a concrete alternative to ida 1 were sorry raxcity.com Shellphish Boston Key Party

  1. Jeffrey (crowell) Crowell – Julien (jvoisin) Voisin Radare2 to the rescue! June 20, 2015 REcon 2015 – Montreal building a concrete alternative to ida

  2. 1 we’re sorry

  3. ∙ raxcity.com ∙ Shellphish ∙ Boston Key Party ∙ <redacted> ∙ dustri.org ∙ Knows some english 2 who are we? jvoisin crowell ∙ Work at Google ∙ Soon graduated

  4. ∙ ImmunityDBG ∙ WinDBG ∙ ∙ IDA Pro ∙ WineDBG ∙ Hopper ∙ OllyDBG 3 toolbag Amateur Professional ∙ IDA Pro

  5. ∙ ImmunityDBG ∙ WinDBG ∙ ∙ IDA Pro (pirated) ∙ WineDBG (pirated Windows) ∙ Hopper (probably not) ∙ OllyDBG (not maintained) 3 toolbag Amateur Professional ∙ IDA Pro ($5000)

  6. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  7. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  8. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  9. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  10. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  11. ∙ Created by Ilfak Guilfanov ∙ First DataRescue, then Hex-Rays ∙ Closed-source and expensive ∙ Lots of architectures are supported ∙ Decompilation! ∙ Awesome piece of software 4 ida pro

  12. radare2, cet inconnu

  13. ∙ 350k LoC under LGPL ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history

  14. ∙ 350k LoC under LGPL ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history

  15. ∙ 350k LoC under LGPL ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history

  16. ∙ 350k LoC under LGPL ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history

  17. ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history ∙ 350k LoC under LGPL

  18. ∙ radare in 2006 ∙ forensics tool ∙ radare2 in 2009 ∙ written in pure C ∙ multi-purpose suite of tools 6 history ∙ 350k LoC under LGPL

  19. ∙ likely packaged in your distribution ∙ install from source though ;-) ∙ more than 50 contributors for the latest release ∙ RSoC (+GSoC) 7 history

  20. ∙ likely packaged in your distribution ∙ install from source though ;-) ∙ more than 50 contributors for the latest release ∙ RSoC (+GSoC) 7 history

  21. ∙ likely packaged in your distribution ∙ install from source though ;-) ∙ more than 50 contributors for the latest release ∙ RSoC (+GSoC) 7 history

  22. ∙ likely packaged in your distribution ∙ install from source though ;-) ∙ more than 50 contributors for the latest release ∙ RSoC (+GSoC) 7 history

  23. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Compile programs into tiny binaries for x86-32/64 and arm. 8 r2tools

  24. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Binary diffing 8 r2tools

  25. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 8 r2tools Binary program info extractor (think readelf )

  26. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Search for byte patterns in files 8 r2tools

  27. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Block based hashing utility 8 r2tools

  28. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Run programs in exotic environments 8 r2tools

  29. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Assembler/disassembler 8 r2tools

  30. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Base converter 8 r2tools

  31. ∙ ragg2 ∙ radiff2 ∙ rabin2 ∙ rafind2 ∙ rahash2 ∙ rarun2 ∙ rasm2 ∙ rax2 ∙ radare2 Combine everything together 8 r2tools

  32. 9 ∙ … ∙ GB/GBA/DS ∙ BIOS/TE ∙ DEX/JAVA ∙ Fatmach0/Mach0 ∙ ELF, ELF64 ∙ MZ/PE+/PE/COFF ∙ BIOS ∙ QNX ∙ Plan9 ∙ Web browser ∙ Smartwatch ∙ Android and iOS ∙ OSX ∙ *BSD ∙ GNU/Linux ∙ Windows ∙ XBOX platforms Runs on Handles

  33. ∙ 8051 ∙ arc ∙ arm ∙ avr ∙ brainfuck ∙ cr16 ∙ csr ∙ dalvik ∙ dcpu16 ∙ ebc ∙ gb ∙ h8300 10 architectures

  34. ∙ i4004 ∙ i8080 ∙ java ∙ LH5801 ∙ m68k ∙ malbolge ∙ mips ∙ msil ∙ msp430 ∙ nios2 ∙ powerpc ∙ rar 10 architectures

  35. 10 ∙ x86 ∙ 6502 ∙ psosvm ∙ snes ∙ propeller ∙ z80 ∙ xcore ∙ whitespace ∙ ART ∙ v850 ∙ tms320 ∙ sysz ∙ spc700 ∙ sparc ∙ sh architectures

  36. r2 internals

  37. ∙ At it’s heart, a library. ∙ Swig/Valabind ∙ Build your own tools on top of radare2 12 r2 is a library

  38. 13 Bindings are boring, let’s call r2 instead! r2 is a library, with r2pipe included

  39. 3rd party (or 1st party) plugins ∙ … 14 r2 is pluggable ∙ r_asm , assembler and disassembler ∙ r_anal , code analysis (opcode, type, esil) ∙ r_reg , registers ∙ r_syscall , system calls ∙ r_debug , debugger ∙ r_io , io layer ∙ r_search , search engine

  40. feature comparison

  41. ∙ R2 is like vim ∙ Just append ? everywhere 16 ida has a book, r2 is self-documented (and also has a book too) ∙ Combine intuitives commands

  42. ∙ Python ∙ NodeJS ∙ C ∙ Lua ∙ Lisp ∙ Vala ∙ Ruby ∙ Go ∙ Rust ∙ Perl ∙ OCaml ∙ … 17 ida has plugins, r2 has more bindings

  43. ∙ Debugger-compliant ∙ Minimap ∙ Interactive 18 ida has some graphs, r2 does too (but in ascii)

  44. ∙ name functions ∙ define code/data ∙ leave comments ∙ name stack variables ∙ mark structures ∙ use types ∙ define/modify functions 19 ida is clever but also interactive, so is r2 ∙ mark flags

  45. 20 ida has a nice gui, so does, well, err, mh, …

  46. It’s not all that scary! ∙ Familiar vim keybindings. ∙ Communicate over r2pipe. 21 actually… ∙ Visual Mode - friendly enough? ∙ Web UI - The future of collaborative reversing!

  47. ∙ Ncurses-like ∙ Static ∙ Dynamic ∙ Analysis ∙ Try it, really. 22 ida has an old-school tui mode, r2 has a better one.

  48. 23 ida has no web-ui, r2 does.

  49. ∙ Classic features ∙ Visual mode too ∙ Several backends ∙ Tracing ∙ Remote 24 ida has a debugger, so does r2

  50. ∙ Functions detection ∙ Local var detection ∙ FLIRT integration ∙ (X)REF ∙ DWARF and PDB 25 ida has kick-ass analysis, r2 has some too ∙ zignatures

  51. ∙ ESIL ∙ RPN-ish ∙ Documented ∙ Emulation ∙ Decompilation ∙ Analysis 26 ida some internal il, r2 has an open one

  52. ∙ Regexp ROP hunter ∙ Mitigations detection ∙ Emulation ∙ Patterns ∙ Environment control 27 ida has plugins for pwnage, r2 put this in core

  53. 28 ida has plugins for bindiffing, r2 put this in core

  54. summary

  55. ∙ GSoC ∙ Stabilization ∙ A fresh release ∙ Second edition of our RSoC ∙ ~1000 LoC modified per week 30 and now?

  56. ∙ Super-steep learning curve ∙ A lot of features ∙ Fast-moving target ∙ IDA is friendlier 31 current drawbacks

  57. ∙ Free-software ∙ Exotic arch support ∙ Active development ∙ A lot of features ∙ More and more users 32 current ��������

  58. 33 ∙ Magic lantern Do you? We do! ∙ … ∙ OverTheWire ∙ io from smashthestack ∙ Cool wargames ∙ … ∙ Coreboot ∙ Some top-notch ctf teams ∙ Some popular RE projects ∙ … ∙ IOActive ∙ AlienVault ∙ Anti-malware companies ∙ … ∙ Dragon Sector ∙ Shellphish who uses r2 currently?

  59. 33 ∙ Magic lantern Do you? We do! ∙ … ∙ OverTheWire ∙ io from smashthestack ∙ Cool wargames ∙ … ∙ Coreboot ∙ Some top-notch ctf teams ∙ Some popular RE projects ∙ … ∙ IOActive ∙ AlienVault ∙ Anti-malware companies ∙ … ∙ Dragon Sector ∙ Shellphish who uses r2 currently?

  60. ∙ Complete-emulation ∙ Decompilation ∙ A complete GUI ∙ What do you want? 34 and tomorrow?

  61. Monoculture is bad. Question IDA supremacy 1 . 1 And don’t pirate it! 35 conclusion

Recommend

twenty six concrete construction: columns &amp; frames http://www.building.co.uk Concrete

twenty six concrete construction: columns &amp; frames http://www.building.co.uk Concrete

A RCHITECTURAL S TRUCTURES : F ORM, B EHAVIOR, AND D ESIGN A RCH 331 D R. A NNE N ICHOLS S PRING 2018 lecture twenty six concrete construction: columns &amp; frames http://www.building.co.uk Concrete Columns 1 Architectural Structures

371 views • 12 slides
ON AN ALTERNATIVE TO TRADITIONAL CONCRETE FORMWORK FOR WALLS AUSTRALIAN INVENTED, OWNED AND

ON AN ALTERNATIVE TO TRADITIONAL CONCRETE FORMWORK FOR WALLS AUSTRALIAN INVENTED, OWNED AND

OUR OBJECTIVE: TO PROVIDE EDUCATION ON AN ALTERNATIVE TO TRADITIONAL CONCRETE FORMWORK FOR WALLS AUSTRALIAN INVENTED, OWNED AND MANUFACTURED Launched in 2006, and prompted by increasing construction costs with a decreasing availability of

683 views • 46 slides
Alternative Testing Strategies for Support of Concrete Pavement Mixture Development Challenges

Alternative Testing Strategies for Support of Concrete Pavement Mixture Development Challenges

Alternative Testing Strategies for Support of Concrete Pavement Mixture Development Challenges posed in pavement mixture proportioning Materials concerns Alternative Testing Strategies for Support of Unfamiliar cement sources, blended

397 views • 7 slides
Bamboo As a Viable Alternative to Steel Reinforcement in Concrete TYSON BALDREY, RANDY HOLMBERG,

Bamboo As a Viable Alternative to Steel Reinforcement in Concrete TYSON BALDREY, RANDY HOLMBERG,

Bamboo As a Viable Alternative to Steel Reinforcement in Concrete TYSON BALDREY, RANDY HOLMBERG, ALLAN JOHNSTON RSR-2265 INSTRUCTOR: LORNE ATWOOD APRIL 5, 2018 Research Question We intended to validate, through experimentation and analysis,

820 views • 32 slides
Prompt Assessment of Global Earthquakes for Response Data for Reinforced Concrete Building Type

Prompt Assessment of Global Earthquakes for Response Data for Reinforced Concrete Building Type

Prompt Assessment of Global Earthquakes for Response Data for Reinforced Concrete Building Type in India (C3) Nonlinear Static Pushover Analysis An internal frame of a four storey RC building A four storey RC building Different Models

539 views • 21 slides
Concrete and Steel Rebar Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing

Concrete and Steel Rebar Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing

Traditional Building Materials Concrete and Steel Rebar Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing Concrete Steel Rebar for reinforcing Concrete Advantage Easy to use Initial

522 views • 37 slides
Po Portland Pu Public Schools Ju July 5, 2016 Summary y of Portland Building Stock

Po Portland Pu Public Schools Ju July 5, 2016 Summary y of Portland Building Stock

Po Portland Pu Public Schools Ju July 5, 2016 Summary y of Portland Building Stock Unreinforced Masonry Wood 9% Tilt-up concrete 48% 6% Infilled Frames 1% Reinforced Masonry 13% Concrete Shear Wall 17% Concrete Frames

752 views • 43 slides
Sustainable building A case study on concrete recycling in France Laurens Duin, Ecologic

Sustainable building A case study on concrete recycling in France Laurens Duin, Ecologic

Sustainable building A case study on concrete recycling in France Laurens Duin, Ecologic Institute www.circular-impacts.eu 07/12/2017 www.circular-impacts.eu Why concrete recycling in France? Concrete recycling is already possible Quality

195 views • 7 slides
Concrete Building in the Field Akmaluddin Ni Nyoman Kencanawati Ahmad Gazi Paedullah

Concrete Building in the Field Akmaluddin Ni Nyoman Kencanawati Ahmad Gazi Paedullah

4 th ICRMCE 2018 Application of NDT Apparatus for Possible Use as Structural Health Monitoring of Concrete Building in the Field Akmaluddin Ni Nyoman Kencanawati Ahmad Gazi Paedullah Postgraduate Study Program of Civil Engineering Faculty of

485 views • 26 slides
nineteen service loads x load factors concrete holds no tension failure criteria is

nineteen service loads x load factors concrete holds no tension failure criteria is

A RCHITECTURAL S TRUCTURES : Concrete Beam Design F ORM, B EHAVIOR, AND D ESIGN composite of concrete and steel A RCH 331 D R. A NNE N ICHOLS American Concrete Institute (ACI) S UMMER 2018 design for maximum stresses lecture limit

641 views • 9 slides
twenty one service loads x load factors concrete holds no tension failure criteria is

twenty one service loads x load factors concrete holds no tension failure criteria is

E LEMENTS OF A RCHITECTURAL S TRUCTURES : Concrete Beam Design F ORM, B EHAVIOR, AND D ESIGN composite of concrete and steel ARCH 614 D R. A NNE N ICHOLS American Concrete Institute (ACI) S PRING 2019 design for maximum stresses

253 views • 6 slides
twenty two service loads x load factors concrete holds no tension failure criteria is

twenty two service loads x load factors concrete holds no tension failure criteria is

A RCHITECTURAL S TRUCTURES : Concrete Beam Design F ORM, B EHAVIOR, AND D ESIGN composite of concrete and steel ARCH 331 D R. A NNE N ICHOLS American Concrete Institute (ACI) S PRING 2018 design for maximum stresses lecture limit

346 views • 9 slides
Concrete Recycling in Pavement Applications Update on the FHWA Concrete Recycling Initiative

Concrete Recycling in Pavement Applications Update on the FHWA Concrete Recycling Initiative

Concrete Recycling in Pavement Applications Update on the FHWA Concrete Recycling Initiative Tara Cavalline, Ph.D., P.E. UNC Charlotte tcavalline@uncc.edu Presentation to National Concrete consortium September 20, 2017 Concrete Recycling

618 views • 26 slides
Use of Concrete Maturity For Use of Concrete Maturity For Measuring In-Place Strength of

Use of Concrete Maturity For Use of Concrete Maturity For Measuring In-Place Strength of

Use of Concrete Maturity For Use of Concrete Maturity For Measuring In-Place Strength of Measuring In-Place Strength of Concrete Concrete Prasad Rangaraju, Ph.D., P.E. Assistant Professor Department of Civil Engineering Clemson University

1.08k views • 63 slides
ABC Webinar at FIU Concrete Bridges Concrete Bridges William Nickas, P.E. Managing Director,

ABC Webinar at FIU Concrete Bridges Concrete Bridges William Nickas, P.E. Managing Director,

ABC Webinar at FIU Concrete Bridges Concrete Bridges William Nickas, P.E. Managing Director, Transportation Systems Precast/Prestressed Concrete Institute 2 National Concrete Bridge Council American Coal Ash Association American

1.25k views • 104 slides
Building Up First Nations Community Schooling: An Alternative to the First Nations Education Act

Building Up First Nations Community Schooling: An Alternative to the First Nations Education Act

Building Up First Nations Community Schooling: An Alternative to the First Nations Education Act PANEL DISCUSSION Paul W. Bennett Senior Education Fellow, Northern Policy Institute, and Adjunct Professor of Education, Saint Marys University

375 views • 18 slides
BUILDING TECHNOLOGY IV CONCRETE SLAB AND HOLLOW CORE Presented By: Espalliat Rafael

BUILDING TECHNOLOGY IV CONCRETE SLAB AND HOLLOW CORE Presented By: Espalliat Rafael

BUILDING TECHNOLOGY IV CONCRETE SLAB AND HOLLOW CORE Presented By: Espalliat Rafael Moller Horacio Zuluaga Pablo Presented to: Professor Aptekar September 17 th ,2013 PREC PRECAST SOLID SLAB AST SOLID SLAB Structural deck

586 views • 22 slides
STARTER PLANT CONCRETE BLOCKS 1 X 8 INCH Quality building blocks are essential in the safe

STARTER PLANT CONCRETE BLOCKS 1 X 8 INCH Quality building blocks are essential in the safe

STARTER PLANT CONCRETE BLOCKS 1 X 8 INCH Quality building blocks are essential in the safe construction process so vibration is used to produce high density solid blocks or hollow blocks with lower water content, high structural strength and

199 views • 3 slides
Non-uniform Concrete security: an example cracks in the concrete: What is the best NIST P-256

Non-uniform Concrete security: an example cracks in the concrete: What is the best NIST P-256

Non-uniform Concrete security: an example cracks in the concrete: What is the best NIST P-256 the power of free precomputation discrete-log attack algorithm? D. J. Bernstein ECDL input: P-256 points P , University of Illinois at

1.13k views • 86 slides
Portland Cement Concrete Portland Cement Concrete Portland cement concrete consists of a mixture

Portland Cement Concrete Portland Cement Concrete Portland cement concrete consists of a mixture

Portland Cement Concrete Portland Cement Concrete Portland cement concrete consists of a mixture of portland cement, coarse and fine aggregates, and water. It may be amended with admixtures, fibers, or certain supplementary cementitious

1.26k views • 78 slides
Basic Concrete Tests Hardened Concrete Basic Concrete Tests Cylinder Compression Splitting

Basic Concrete Tests Hardened Concrete Basic Concrete Tests Cylinder Compression Splitting

Basic Concrete Tests Hardened Concrete Basic Concrete Tests Cylinder Compression Splitting Tension Beam Flexure Elastic Modulus Slump Unit Weight Air Content CIVL 3137 2 Cylinder Compression What do we mean when we say I need 10 yd 3

516 views • 51 slides
Transformation of f the Construction In Industry ry The Contribution of Alternative Building

Transformation of f the Construction In Industry ry The Contribution of Alternative Building

National Stakeholder Foru rum (N (NSF) on the Transformation of f the Construction In Industry ry The Contribution of Alternative Building Technologies (ABTs) in the Transformation of the Construction Industry in South Africa Coceko BJ

714 views • 14 slides
Engineering Fly Ash-based Geopolymer Concrete Geopolymer Concrete E. Ivan Diaz-Loya Ph.D.

Engineering Fly Ash-based Geopolymer Concrete Geopolymer Concrete E. Ivan Diaz-Loya Ph.D.

Engineering Fly Ash-based Geopolymer Concrete Geopolymer Concrete E. Ivan Diaz-Loya Ph.D. Candidate Erez N. Allouche Ph.D., P.E. 1 2010 International Concrete Sustainability Conference, Dubai, UAE Engineering fly ash-based geopolymer concrete

713 views • 35 slides
2012 EXCELLENCE IN CONCRETE AWARD Virginia Chapter - American Concrete Institute Hank Keiper,

2012 EXCELLENCE IN CONCRETE AWARD Virginia Chapter - American Concrete Institute Hank Keiper,

2012 EXCELLENCE IN CONCRETE AWARD Virginia Chapter - American Concrete Institute Hank Keiper, P.E. March 7, 2013 Virginia Concrete The SEFA Group Conference Aw ard Criteria Essentially completed in 2012 Concrete a major part of

257 views • 25 slides

More recommend