Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
自作バイナリエディタを用いたバイナリ解析
Search
@tkmru
March 05, 2016
Programming
3
2.3k
自作バイナリエディタを用いたバイナリ解析
セキュリティ・キャンプ・フォーラム 2016/03/04
@tkmru
March 05, 2016
Tweet
Share
More Decks by @tkmru
See All by @tkmru
リバースエンジニアリング新時代へ! GhidraとClaude DesktopをMCPで繋ぐ/findy202507
tkmru
4
1.3k
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
tkmru
2
1.5k
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
tkmru
0
340
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
tkmru
0
180
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
tkmru
0
5.4k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
tkmru
1
4.5k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
tkmru
3
890
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
tkmru
0
200
apk-medit: memory search and patch tool for debuggable APK @Black Hat USA 2020 Arsenal/apk-medit-bh2020-usa
tkmru
0
4.2k
Other Decks in Programming
See All in Programming
構造化・自動化・ガードレール - Vibe Coding実践記 -
tonegawa07
0
150
レトロゲームから学ぶ通信技術の歴史
kimkim0106
0
140
Comparing decimals in Swift Testing
417_72ki
0
100
バイブスあるコーディングで ~PHP~ 便利ツールをつくるプラクティス
uzulla
1
300
Strands Agents で実現する名刺解析アーキテクチャ
omiya0555
1
110
Bedrock AgentCore ObservabilityによるAIエージェントの運用
licux
8
360
Gemini CLI のはじめ方
ttnyt8701
1
110
QA x AIエコシステム段階構築作戦
osu
0
210
Advanced Micro Frontends: Multi Version/ Framework Scenarios
manfredsteyer
PRO
0
110
「次に何を学べばいいか分からない」あなたへ──若手エンジニアのための学習地図
panda_program
3
660
Reactの歴史を振り返る
tutinoko
1
140
脱Riverpod?fqueryで考える、TanStack Queryライクなアーキテクチャの可能性
ostk0069
0
570
Featured
See All Featured
Reflections from 52 weeks, 52 projects
jeffersonlam
351
21k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.4k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
5.9k
Java REST API Framework Comparison - PWX 2021
mraible
31
8.7k
Navigating Team Friction
lara
187
15k
Speed Design
sergeychernyshev
32
1k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
181
54k
Rebuilding a faster, lazier Slack
samanthasiow
83
9.1k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
60k
Thoughts on Productivity
jonyablonski
69
4.8k
Optimising Largest Contentful Paint
csswizardry
37
3.4k
Designing Experiences People Love
moore
142
24k
Transcript
ࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳ ˏtkmru ͚ͨ·Δ 2016-03-04 Fri Security Camp Forum
୭ʁ • ໊લ: ͚ͨ·Δ (@tkmru) • ॴଐ: େֶ ใཧֶ෦ •
CTFνʔϜ: TomoriNao
༑རಸॹ(SECCON 2015 Intercollege)
None
ຊ༑རಸॹͰͳ͘ ʮࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳʯ
όΠφϦΤσΟλͱ • ͲΜͳϑΝΠϧͰ16ਐͰදࣔ͢Δ • ͍͋͠ϑΝΠϧΛ࠷ॳʹͿͪࠐΉιϑτ
BZ http://www.forest.impress.co.jp/library/img/review/10014/html/bz1.jpg.html
Stirling http://1.bp.blogspot.com/-O5txkaVlhRg/US3i8jFWvjI/AAAAAAAAdTA/uaDiY_RHDMc/s1600/02.png
grep • όΠφϦΤσΟλ্ͰΑ͘ߦΘΕΔղੳٕ๏ • ࢹͰॏཁͦ͏ͳσʔλΛݟ͚ͭΔߦҝ • Ή͔͍ͣ͠
ʮҰൠతʹgrepόΠφϦΤ σΟλʹࡌ͞Ε͍ͯΔϏοτϚο ϓϏϡʔΛۦ͠ɺ ͑ΒΕͨ ؟ྗɺݚ͗·͞Εͨੜͷצ ʹΑͬͯൃش͞ΕΔೳྗͰ͋Γɺ ࿅ͷ߹͍ʹΑͬͯେ͖͘ݸਓ ͕ࠩੜ͡ΔೳྗͰ͋Δɻʯ https://gist.github.com/yoggy/4116843
ϓϩʹ͔͠Ͱ͖ͳ͍
طଘͷόΠφϦΤσΟλͷෆຬ • mac͚ʹσϑΝΫτελϯμʔυͱ͍͑ Δͷ͕ͳ͍ • ϓϩͰͳ͍ਓ͕grep͢Δͱݟམͱ͕͠ൃ ੜ͢Δ → ΫϩεϓϥοτϑΥʔϜͰղੳΛࣗಈԽͯ͠ ͘ΕΔόΠφϦΤσΟλ͕΄͍͠
ͦ͜Ͱࣗ࡞όΠφϦΤσΟλ
biwx(ͼ͎ͬ͘͢)
ࡐྉ • Python • wxPython - C++ͷGUIϥΠϒϥϦ ʮwxWidgetsʯͷϥούʔ binary editor
+ wxPython = biwx
ಛ • ΫϩεϓϥοτϑΥʔϜ • Φʔϓϯιʔε • ϑΝΠϧͷγάωΠνϟΛ৭͚ • ৄࡉใΛදࣔ(γάωΠνϟͷॴɺPDFͷύʔε) •
ࣗಈղੳػೳ
ࣗಈղੳػೳ • Έࠐ·ΕͨϑΝΠϧͷΓग़͠ • όΠφϦͷ୯७ͳΓग़͠ • PDFͷࣗಈύʔε
σϞ1 SECCON CTF 2015 Steganography 1 MrFusion.gpjb
MrFusion.gpjb • Α͔͘Βͳ͍ϑΝΠϧ͕༩͑ΒΕΔ • ͳ͔ʹෳͷը૾ϑΝΠϧ͕Ӆ͞Ε͍ͯΔ • औΓग़ͯ͠ॱ൪ʹಡΊ͕͔͑Δ
flag SECCON{OCT 21 2015 0728}
σϞ2 malicious PDFͷղੳ
malicious PDFͷղੳ • PDFʹJavaScriptίʔυΛຒΊࠐΊΔ • Adobe ReaderͰ JavaScript ࣮ߦݖݶ͕༗ޮ ʹͳ͍ͬͯΕ࣮ߦ͞ΕΔ
ࠓޙͷల • ࣗಈղੳػೳͷ֦ॆ • γΣϧίʔυͷղੳ • ղੳऀ͕Ѫ༻͢Δπʔϧʹҭ͍͖͍ͯͯͨ
͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠