Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
自作バイナリエディタを用いたバイナリ解析
Search
@tkmru
March 05, 2016
Programming
3
2.3k
自作バイナリエディタを用いたバイナリ解析
セキュリティ・キャンプ・フォーラム 2016/03/04
@tkmru
March 05, 2016
Tweet
Share
More Decks by @tkmru
See All by @tkmru
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
tkmru
2
1.2k
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
tkmru
0
300
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
tkmru
0
160
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
tkmru
0
5.2k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
tkmru
1
4.4k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
tkmru
3
860
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
tkmru
0
190
apk-medit: memory search and patch tool for debuggable APK @Black Hat USA 2020 Arsenal/apk-medit-bh2020-usa
tkmru
0
4.1k
めんどうくさいゲームセキュリティ
tkmru
20
11k
Other Decks in Programming
See All in Programming
バッチを作らなきゃとなったときに考えること
irof
2
520
Introduction to kotlinx.rpc
arawn
0
760
ナレッジイネイブリングにAIを活用してみる ゆるSRE勉強会 #9
nealle
0
150
5分で理解する SOLID 原則 #phpcon_nagoya
shogogg
1
300
『テスト書いた方が開発が早いじゃん』を解き明かす #phpcon_nagoya
o0h
PRO
8
2.4k
Honoをフロントエンドで使う 3つのやり方
yusukebe
7
3.5k
Bedrock Agentsレスポンス解析によるAgentのOps
licux
3
920
「個人開発マネタイズ大全」が教えてくれたこと
bani24884
1
180
Amazon Q Developer Proで効率化するAPI開発入門
seike460
PRO
0
120
新宿駅構内を三人称視点で探索してみる
satoshi7190
2
120
負債になりにくいCSSをデザイナとつくるには?
fsubal
10
2.6k
ML.NETで始める機械学習
ymd65536
0
230
Featured
See All Featured
Fontdeck: Realign not Redesign
paulrobertlloyd
83
5.4k
A better future with KSS
kneath
238
17k
Building Adaptive Systems
keathley
40
2.4k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
233
17k
Docker and Python
trallard
44
3.3k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
30
4.6k
Navigating Team Friction
lara
183
15k
Mobile First: as difficult as doing things right
swwweet
223
9.4k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
10
1.3k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
How STYLIGHT went responsive
nonsquared
98
5.4k
Documentation Writing (for coders)
carmenintech
67
4.6k
Transcript
ࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳ ˏtkmru ͚ͨ·Δ 2016-03-04 Fri Security Camp Forum
୭ʁ • ໊લ: ͚ͨ·Δ (@tkmru) • ॴଐ: େֶ ใཧֶ෦ •
CTFνʔϜ: TomoriNao
༑རಸॹ(SECCON 2015 Intercollege)
None
ຊ༑རಸॹͰͳ͘ ʮࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳʯ
όΠφϦΤσΟλͱ • ͲΜͳϑΝΠϧͰ16ਐͰදࣔ͢Δ • ͍͋͠ϑΝΠϧΛ࠷ॳʹͿͪࠐΉιϑτ
BZ http://www.forest.impress.co.jp/library/img/review/10014/html/bz1.jpg.html
Stirling http://1.bp.blogspot.com/-O5txkaVlhRg/US3i8jFWvjI/AAAAAAAAdTA/uaDiY_RHDMc/s1600/02.png
grep • όΠφϦΤσΟλ্ͰΑ͘ߦΘΕΔղੳٕ๏ • ࢹͰॏཁͦ͏ͳσʔλΛݟ͚ͭΔߦҝ • Ή͔͍ͣ͠
ʮҰൠతʹgrepόΠφϦΤ σΟλʹࡌ͞Ε͍ͯΔϏοτϚο ϓϏϡʔΛۦ͠ɺ ͑ΒΕͨ ؟ྗɺݚ͗·͞Εͨੜͷצ ʹΑͬͯൃش͞ΕΔೳྗͰ͋Γɺ ࿅ͷ߹͍ʹΑͬͯେ͖͘ݸਓ ͕ࠩੜ͡ΔೳྗͰ͋Δɻʯ https://gist.github.com/yoggy/4116843
ϓϩʹ͔͠Ͱ͖ͳ͍
طଘͷόΠφϦΤσΟλͷෆຬ • mac͚ʹσϑΝΫτελϯμʔυͱ͍͑ Δͷ͕ͳ͍ • ϓϩͰͳ͍ਓ͕grep͢Δͱݟམͱ͕͠ൃ ੜ͢Δ → ΫϩεϓϥοτϑΥʔϜͰղੳΛࣗಈԽͯ͠ ͘ΕΔόΠφϦΤσΟλ͕΄͍͠
ͦ͜Ͱࣗ࡞όΠφϦΤσΟλ
biwx(ͼ͎ͬ͘͢)
ࡐྉ • Python • wxPython - C++ͷGUIϥΠϒϥϦ ʮwxWidgetsʯͷϥούʔ binary editor
+ wxPython = biwx
ಛ • ΫϩεϓϥοτϑΥʔϜ • Φʔϓϯιʔε • ϑΝΠϧͷγάωΠνϟΛ৭͚ • ৄࡉใΛදࣔ(γάωΠνϟͷॴɺPDFͷύʔε) •
ࣗಈղੳػೳ
ࣗಈղੳػೳ • Έࠐ·ΕͨϑΝΠϧͷΓग़͠ • όΠφϦͷ୯७ͳΓग़͠ • PDFͷࣗಈύʔε
σϞ1 SECCON CTF 2015 Steganography 1 MrFusion.gpjb
MrFusion.gpjb • Α͔͘Βͳ͍ϑΝΠϧ͕༩͑ΒΕΔ • ͳ͔ʹෳͷը૾ϑΝΠϧ͕Ӆ͞Ε͍ͯΔ • औΓग़ͯ͠ॱ൪ʹಡΊ͕͔͑Δ
flag SECCON{OCT 21 2015 0728}
σϞ2 malicious PDFͷղੳ
malicious PDFͷղੳ • PDFʹJavaScriptίʔυΛຒΊࠐΊΔ • Adobe ReaderͰ JavaScript ࣮ߦݖݶ͕༗ޮ ʹͳ͍ͬͯΕ࣮ߦ͞ΕΔ
ࠓޙͷల • ࣗಈղੳػೳͷ֦ॆ • γΣϧίʔυͷղੳ • ղੳऀ͕Ѫ༻͢Δπʔϧʹҭ͍͖͍ͯͯͨ
͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠