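Repackaging, assembly
Static modification at the assembly level
Modification at the intermediate-language level
Hook-based modification during dynamic execution (Xposed)
Possible uses: program analysis, software cracking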
paper
UCSB SecLab
https://seclab.cs.ucsb.edu/
Ramblr: Making Reassembly Great Again
http://cancer.shtech.org/wiki/uploads/ndss2017_10-5_Wang_paper_0.pdf
Driller: Augmenting Fuzzing Through Selective Symbolic Execution
http://cancer.shtech.org/wiki//uploads/2016---NDSS---driller-augmenting-fuzzing-through-selective-symbolic-execution.pdf
(State of) The Art of War: Offensive Techniques in Binary Analysis
http://cancer.shtech.org/wiki//uploads/2016---%28State-of%29-The-Art-of-War-Offensive-Techniques-in-Binary-Analysis---Shoshitaishvili-et-al.pdf
angr
http://angr.io/
On ARM (RISC), would some of the problems that arise when disassembling and reassembling x86 be reduced?
Binary --Disassembly--> asm --reassembly--> New Binary
Binary --Disassembly--> asm --> Symbolic Analysis --reassembly--> New Binary
Binary --Disassembly--> asm --> content classification --> Symbolic Analysis --reassembly--> New Binary [Ramblr]
tips
Function address encryption with XOR
localized value-set analysis