Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Binary art - funky PoCs & visual docs

Ange Albertini
March 21, 2014
Technology
1
250

Binary art - funky PoCs & visual docs

Ange Albertini

March 21, 2014
Tweet

More Decks by Ange Albertini

See All by Ange Albertini
Fearsome File Formats
ange
0
550
Overview of file type identifiers
ange
0
930
A question of time
ange
0
1k
SBuD: InfoVis in InfoSec
ange
1
810
Generating Weird Files
ange
0
260
Technical challenges with file formats
ange
1
2.1k
Inside out - abusing archive file formats
ange
3
1.8k
Relations between archive formats
ange
0
2k
Beyond your studies v2
ange
2
930

Other Decks in Technology

See All in Technology
3年でバックエンドエンジニアが5倍に増えても破綻しなかったアーキテクチャ そして、これから / Software architecture that scales even with a 5x increase in backend engineers in 3 years
euglena1215
11
4.3k
深層学習と3Dキャプチャ・3Dモデル生成(土木学会応用力学委員会 応用数理・AIセミナー)
pfn
PRO
0
410
[JAWS-UG新潟#20] re:Invent2024 -CloudOperationsアップデートについて-
shintaro_fukatsu
0
150
型情報を用いたLintでコード品質を向上させる
sansantech
PRO
2
230
Formal Development of Operating Systems in Rust
riru
1
380
.NET 9 のパフォーマンス改善
nenonaninu
0
2.2k
20241220_S3 tablesの使い方を検証してみた
handy
4
870
The key to VCP-VCF
mirie_sd
0
160
AI×医用画像の現状と可能性_2024年版/AI×medical_imaging_in_japan_2024
tdys13
0
1.2k
いまからでも遅くないコンテナ座学
nomu
0
200
OCI技術資料 : ファイル・ストレージ 概要
ocise
3
12k
12 Days of OpenAIから読み解く、生成AI 2025年のトレンド
shunsukeono_am
0
1.1k

Featured

See All Featured
Designing Dashboards & Data Visualisations in Web Apps
destraynor
230
52k
Fantastic passwords and where to find them - at NoRuKo
philnash
50
2.9k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
45
2.3k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.1k
Building Adaptive Systems
keathley
38
2.3k
Product Roadmaps are Hard
iamctodd
PRO
50
11k
Writing Fast Ruby
sferik
628
61k
Git: the NoSQL Database
bkeepers
PRO
427
64k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.8k
Code Review Best Practice
trishagee
65
17k
Scaling GitHub
holman
459
140k
YesSQL, Process and Tooling at Scale
rocio
170
14k

Transcript

  1. Insomni’hack Geneva, Switzerland Ange Albertini 2014/03/21 funky PoCs & visual

    docs

  2. http:// corkami.com reverse engineering & visual documentations

  3. boring? • file formats were supposed to be safe ◦

    public specs ◦ open-source parsers • {weirdness} == {exploits} ? • software = parse, sanitize, recover

  4. formats’ diversity 1/2 no header • COM (1982), MBR (1982)

    magic signature • none: DOL (2001) • 2: TIFF, PE • 4: most standard • >4: PNG, PDF

  5. start offset: • archives • range: PDF • mostly 0

    special properties • deprecated header: PE • variable scanning direction: PDF • multi-versions: BMP • scanned chunk: JPEG • no official names: ZIP formats’ diversity 2/2
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None
  12. None

  13. quine (relay)

  14. None

  15. polyglot

  16. None
  17. None
  18. None
  19. None
  20. None

  21. schizophren

  22. None

  23. misc

  24. None

  25. 128, 217, 255, 217, 128, 38, 1, 38

  26. None
  27. None
  28. None

  29. crypto-tology: for anything crypto, ask @veorq (coz he’s awesome)

  30. None
  31. None
  32. None
  33. None
  34. None
  35. None
  36. None
  37. None
  38. None
  39. None
  40. None

  41. conclusion on binary formats

  42. On binary formats • specs far from perfect • plenty

    of fun • many consequences for infosec ◦ unforeseen attack channels
  43. None

  44. on visual docs http://pics.corkami.com http://prints.corkami.com

  45. disclaimer no awards, no studies

  46. None
  47. None
  48. None
  49. None

  50. goal create useful documentations based on reality

  51. posters self-contained • immediate ‘big picture’ • no roleplay gamebook

  52. use common sense and your own eyes

  53. None

  54. creativity? give yourself time! to fail!

  55. None
  56. None
  57. None
  58. None
  59. None

  60. define your audience lower and upper limits

  61. “you should add …” see “setting a upper limit”

  62. “too simple/simplified”? 1/ teach others, beginners, kids 2/ no more

    excuses for not knowing

  63. remove the obvious guessing doesn’t hurt

  64. None

  65. space optimal separator

  66. left right

  67. left right

  68. left right

  69. None
  70. None

  71. no unnecessary extras leave doors closed (to be opened somewhere

    else)

  72. requirements

  73. a computer a transparent tablecloth

  74. None

  75. http://src.corkami.com

  76. @jaredcatkinson’s prefetch101

  77. conclusion on visual docs

  78. On visual documentations • it doesn’t hurt • it’s not

    so hard • requires time

  79. Questions ? thank YOU ! @angealbertini ✉ [email protected]