Lock in $30 Savings on PRO—Offer Ends Soon! ⏳
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
自作バイナリエディタを用いたバイナリ解析
Search
@tkmru
March 05, 2016
Programming
3
2.4k
自作バイナリエディタを用いたバイナリ解析
セキュリティ・キャンプ・フォーラム 2016/03/04
@tkmru
March 05, 2016
Tweet
Share
More Decks by @tkmru
See All by @tkmru
株式会社ステラセキュリティ会社紹介資料/sterrasec-introduction
tkmru
0
680
リバースエンジニアリング新時代へ! GhidraとClaude DesktopをMCPで繋ぐ/findy202507
tkmru
8
2k
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
tkmru
2
1.7k
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
tkmru
0
360
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
tkmru
0
200
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
tkmru
0
5.4k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
tkmru
1
4.6k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
tkmru
3
950
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
tkmru
0
220
Other Decks in Programming
See All in Programming
dotfiles 式年遷宮 令和最新版
masawada
1
230
WebRTC と Rust と 8K 60fps
tnoho
2
1.1k
ZOZOにおけるAI活用の現在 ~モバイルアプリ開発でのAI活用状況と事例~
zozotech
PRO
7
3k
AIコードレビューがチームの"文脈"を 読めるようになるまで
marutaku
0
210
20 years of Symfony, what's next?
fabpot
1
150
JJUG CCC 2025 Fall: Virtual Thread Deep Dive
ternbusty
3
500
30分でDoctrineの仕組みと使い方を完全にマスターする / phpconkagawa 2025 Doctrine
ttskch
3
640
[堅牢.py #1] テストを書かない研究者に送る、最初にテストを書く実験コード入門 / Let's start your ML project by writing tests
shunk031
11
6.3k
Rails Girls Sapporo 2ndの裏側―準備の日々から見えた、私が得たもの / SAPPORO ENGINEER BASE #11
lemonade_37
2
200
Stay Hacker 〜九州で生まれ、Perlに出会い、コミュニティで育つ〜
pyama86
2
3.1k
分散DBって何者なんだ... Spannerから学ぶRDBとの違い
iwashi623
0
150
CSC305 Lecture 14
javiergs
PRO
0
330
Featured
See All Featured
Speed Design
sergeychernyshev
33
1.3k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
Testing 201, or: Great Expectations
jmmastey
46
7.8k
BBQ
matthewcrist
89
9.9k
Context Engineering - Making Every Token Count
addyosmani
9
440
Large-scale JavaScript Application Architecture
addyosmani
514
110k
Become a Pro
speakerdeck
PRO
30
5.6k
Bash Introduction
62gerente
615
210k
The Art of Programming - Codeland 2020
erikaheidi
56
14k
We Have a Design System, Now What?
morganepeng
54
7.9k
The Cost Of JavaScript in 2023
addyosmani
55
9.3k
Code Reviewing Like a Champion
maltzj
527
40k
Transcript
ࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳ ˏtkmru ͚ͨ·Δ 2016-03-04 Fri Security Camp Forum
୭ʁ • ໊લ: ͚ͨ·Δ (@tkmru) • ॴଐ: େֶ ใཧֶ෦ •
CTFνʔϜ: TomoriNao
༑རಸॹ(SECCON 2015 Intercollege)
None
ຊ༑རಸॹͰͳ͘ ʮࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳʯ
όΠφϦΤσΟλͱ • ͲΜͳϑΝΠϧͰ16ਐͰදࣔ͢Δ • ͍͋͠ϑΝΠϧΛ࠷ॳʹͿͪࠐΉιϑτ
BZ http://www.forest.impress.co.jp/library/img/review/10014/html/bz1.jpg.html
Stirling http://1.bp.blogspot.com/-O5txkaVlhRg/US3i8jFWvjI/AAAAAAAAdTA/uaDiY_RHDMc/s1600/02.png
grep • όΠφϦΤσΟλ্ͰΑ͘ߦΘΕΔղੳٕ๏ • ࢹͰॏཁͦ͏ͳσʔλΛݟ͚ͭΔߦҝ • Ή͔͍ͣ͠
ʮҰൠతʹgrepόΠφϦΤ σΟλʹࡌ͞Ε͍ͯΔϏοτϚο ϓϏϡʔΛۦ͠ɺ ͑ΒΕͨ ؟ྗɺݚ͗·͞Εͨੜͷצ ʹΑͬͯൃش͞ΕΔೳྗͰ͋Γɺ ࿅ͷ߹͍ʹΑͬͯେ͖͘ݸਓ ͕ࠩੜ͡ΔೳྗͰ͋Δɻʯ https://gist.github.com/yoggy/4116843
ϓϩʹ͔͠Ͱ͖ͳ͍
طଘͷόΠφϦΤσΟλͷෆຬ • mac͚ʹσϑΝΫτελϯμʔυͱ͍͑ Δͷ͕ͳ͍ • ϓϩͰͳ͍ਓ͕grep͢Δͱݟམͱ͕͠ൃ ੜ͢Δ → ΫϩεϓϥοτϑΥʔϜͰղੳΛࣗಈԽͯ͠ ͘ΕΔόΠφϦΤσΟλ͕΄͍͠
ͦ͜Ͱࣗ࡞όΠφϦΤσΟλ
biwx(ͼ͎ͬ͘͢)
ࡐྉ • Python • wxPython - C++ͷGUIϥΠϒϥϦ ʮwxWidgetsʯͷϥούʔ binary editor
+ wxPython = biwx
ಛ • ΫϩεϓϥοτϑΥʔϜ • Φʔϓϯιʔε • ϑΝΠϧͷγάωΠνϟΛ৭͚ • ৄࡉใΛදࣔ(γάωΠνϟͷॴɺPDFͷύʔε) •
ࣗಈղੳػೳ
ࣗಈղੳػೳ • Έࠐ·ΕͨϑΝΠϧͷΓग़͠ • όΠφϦͷ୯७ͳΓग़͠ • PDFͷࣗಈύʔε
σϞ1 SECCON CTF 2015 Steganography 1 MrFusion.gpjb
MrFusion.gpjb • Α͔͘Βͳ͍ϑΝΠϧ͕༩͑ΒΕΔ • ͳ͔ʹෳͷը૾ϑΝΠϧ͕Ӆ͞Ε͍ͯΔ • औΓग़ͯ͠ॱ൪ʹಡΊ͕͔͑Δ
flag SECCON{OCT 21 2015 0728}
σϞ2 malicious PDFͷղੳ
malicious PDFͷղੳ • PDFʹJavaScriptίʔυΛຒΊࠐΊΔ • Adobe ReaderͰ JavaScript ࣮ߦݖݶ͕༗ޮ ʹͳ͍ͬͯΕ࣮ߦ͞ΕΔ
ࠓޙͷల • ࣗಈղੳػೳͷ֦ॆ • γΣϧίʔυͷղੳ • ղੳऀ͕Ѫ༻͢Δπʔϧʹҭ͍͖͍ͯͯͨ
͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠
tkmru
masawada
tnoho
zozotech
marutaku
fabpot
ternbusty
ttskch
shunk031
lemonade_37
pyama86
iwashi623
javiergs
sergeychernyshev
afnizarnur
jmmastey
matthewcrist
addyosmani
speakerdeck
62gerente
erikaheidi
morganepeng
maltzj
