Upgrade to Pro — share decks privately, control downloads, hide ads and more …

自作バイナリエディタを用いたバイナリ解析

@tkmru
March 05, 2016
Programming
3
2.3k

 自作バイナリエディタを用いたバイナリ解析

セキュリティ・キャンプ・フォーラム 2016/03/04

@tkmru

March 05, 2016
Tweet

More Decks by @tkmru

See All by @tkmru
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
tkmru
0
270
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
tkmru
0
140
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
tkmru
0
4.8k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
tkmru
1
4.3k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
tkmru
3
830
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
tkmru
0
190
apk-medit: memory search and patch tool for debuggable APK @Black Hat USA 2020 Arsenal/apk-medit-bh2020-usa
tkmru
0
4k
めんどうくさいゲームセキュリティ
tkmru
20
10k
Linux Rootkit Internals
tkmru
1
1.9k

Other Decks in Programming

See All in Programming
Snowflake x dbtで作るセキュアでアジャイルなデータ基盤
tsoshiro
2
520
Ethereum_.pdf
nekomatu
0
460
Click-free releases & the making of a CLI app
oheyadam
2
120
Streams APIとTCPフロー制御 / Web Streams API and TCP flow control
tasshi
2
350
受け取る人から提供する人になるということ
little_rubyist
0
250
Micro Frontends Unmasked Opportunities, Challenges, Alternatives
manfredsteyer
PRO
0
110
イベント駆動で成長して委員会
happymana
1
330
C++でシェーダを書く
fadis
6
4.1k
Jakarta EE meets AI
ivargrimstad
0
220
GitHub Actionsのキャッシュと手を挙げることの大切さとそれに必要なこと
satoshi256kbyte
5
430
ローコードSaaSのUXを向上させるためのTypeScript
taro28
1
630
Remix on Hono on Cloudflare Workers
yusukebe
1
300

Featured

See All Featured
Building an army of robots
kneath
302
43k
Designing for humans not robots
tammielis
250
25k
A Modern Web Designer's Workflow
chriscoyier
693
190k
Git: the NoSQL Database
bkeepers
PRO
427
64k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
Building Better People: How to give real-time feedback that sticks.
wjessup
364
19k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.8k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
4
370
Building Applications with DynamoDB
mza
90
6.1k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
665
120k
Become a Pro
speakerdeck
PRO
25
5k
Statistics for Hackers
jakevdp
796
220k

Transcript

  1. ࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳ ˏtkmru ͚ͨ·Δ 2016-03-04 Fri Security Camp Forum

  2. ୭ʁ • ໊લ: ͚ͨ·Δ (@tkmru) • ॴଐ: ๭େֶ ৘ใཧ޻ֶ෦ •

    CTFνʔϜ: TomoriNao

  3. ༑རಸॹ(SECCON 2015 Intercollege)

  4. None

  5. ຊ୊͸༑རಸॹͰͳ͘ ʮࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳʯ

  6. όΠφϦΤσΟλͱ͸ • ͲΜͳϑΝΠϧͰ΋16ਐ਺Ͱදࣔ͢Δ • ͋΍͍͠ϑΝΠϧΛ࠷ॳʹͿͪࠐΉιϑτ

  7. BZ http://www.forest.impress.co.jp/library/img/review/10014/html/bz1.jpg.html

  8. Stirling http://1.bp.blogspot.com/-O5txkaVlhRg/US3i8jFWvjI/AAAAAAAAdTA/uaDiY_RHDMc/s1600/02.png

  9. ໨grep • όΠφϦΤσΟλ্ͰΑ͘ߦΘΕΔղੳٕ๏ • ໨ࢹͰॏཁͦ͏ͳσʔλΛݟ͚ͭΔߦҝ • Ή͔͍ͣ͠

  10. ʮҰൠతʹ໨grep͸όΠφϦΤ σΟλʹ౥ࡌ͞Ε͍ͯΔϏοτϚο ϓϏϡʔΛۦ࢖͠ɺ ஁͑ΒΕͨ ؟ྗɺݚ͗੅·͞Εͨ໺ੜͷצ ʹΑͬͯൃش͞ΕΔೳྗͰ͋Γɺ ஁࿅ͷ౓߹͍ʹΑͬͯେ͖͘ݸਓ ͕ࠩੜ͡ΔೳྗͰ͋Δɻʯ https://gist.github.com/yoggy/4116843

  11. ϓϩʹ͔͠Ͱ͖ͳ͍

  12. طଘͷόΠφϦΤσΟλ΁ͷෆຬ • mac޲͚ʹ͸σϑΝΫτελϯμʔυͱ͍͑ Δ΋ͷ͕ͳ͍ • ϓϩͰ͸ͳ͍ਓ͕໨grep͢Δͱݟམͱ͕͠ൃ ੜ͢Δ → ΫϩεϓϥοτϑΥʔϜͰղੳΛࣗಈԽͯ͠ ͘ΕΔόΠφϦΤσΟλ͕΄͍͠

  13. ͦ͜Ͱࣗ࡞όΠφϦΤσΟλ

  14. biwx(ͼ͎ͬ͘͢)

  15. ࡐྉ • Python • wxPython - C++ͷGUIϥΠϒϥϦ ʮwxWidgetsʯͷϥούʔ binary editor

    + wxPython = biwx

  16. ಛ௃ • ΫϩεϓϥοτϑΥʔϜ • Φʔϓϯιʔε • ϑΝΠϧͷγάωΠνϟΛ৭෼͚ • ৄࡉ৘ใΛදࣔ(γάωΠνϟͷ৔ॴɺPDFͷύʔε) •

    ࣗಈղੳػೳ

  17. ࣗಈղੳػೳ • ૊Έࠐ·ΕͨϑΝΠϧͷ੾Γग़͠ • όΠφϦͷ୯७ͳ੾Γग़͠ • PDFͷࣗಈύʔε

  18. σϞ1 SECCON CTF 2015 Steganography 1 MrFusion.gpjb

  19. MrFusion.gpjb • Α͘෼͔Βͳ͍ϑΝΠϧ͕༩͑ΒΕΔ • ͳ͔ʹෳ਺ͷը૾ϑΝΠϧ͕Ӆ͞Ε͍ͯΔ • औΓग़ͯ͠ॱ൪ʹಡΊ͹౴͕͑෼͔Δ

  20. flag SECCON{OCT 21 2015 0728}

  21. σϞ2 malicious PDFͷղੳ

  22. malicious PDFͷղੳ • PDFʹ͸JavaScriptίʔυΛຒΊࠐΊΔ • Adobe ReaderͰ JavaScript ࣮ߦݖݶ͕༗ޮ ʹͳ͍ͬͯΕ͹࣮ߦ͞ΕΔ

  23. ࠓޙͷల๬ • ࣗಈղੳػೳͷ֦ॆ • γΣϧίʔυͷղੳ • ղੳऀ͕Ѫ༻͢Δπʔϧʹҭ͍͖͍ͯͯͨ

  24. ͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠