Upgrade to Pro — share decks privately, control downloads, hide ads and more …

自作バイナリエディタを用いたバイナリ解析

@tkmru
March 05, 2016
Programming
3
2.3k

 自作バイナリエディタを用いたバイナリ解析

セキュリティ・キャンプ・フォーラム 2016/03/04

@tkmru

March 05, 2016
Tweet

More Decks by @tkmru

See All by @tkmru
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
tkmru
0
270
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
tkmru
0
140
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
tkmru
0
4.8k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
tkmru
1
4.3k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
tkmru
3
830
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
tkmru
0
190
apk-medit: memory search and patch tool for debuggable APK @Black Hat USA 2020 Arsenal/apk-medit-bh2020-usa
tkmru
0
4k
めんどうくさいゲームセキュリティ
tkmru
20
10k
Linux Rootkit Internals
tkmru
1
1.9k

Other Decks in Programming

See All in Programming
「今のプロジェクトいろいろ大変なんですよ、app/services とかもあって……」/After Kaigi on Rails 2024 LT Night
junk0612
5
2.2k
とにかくAWS GameDay!AWSは世界の共通言語! / Anyway, AWS GameDay! AWS is the world's lingua franca!
seike460
PRO
1
900
エンジニアとして関わる要件と仕様(公開用)
murabayashi
0
300
Webの技術スタックで マルチプラットフォームアプリ開発を可能にするElixirDesktopの紹介
thehaigo
2
1k
Nurturing OpenJDK distribution: Eclipse Temurin Success History and plan
ivargrimstad
0
980
macOS でできる リアルタイム動画像処理
biacco42
9
2.4k
C++でシェーダを書く
fadis
6
4.1k
Generative AI Use Cases JP (略称:GenU)奮闘記
hideg
1
300
色々なIaCツールを実際に触って比較してみる
iriikeita
0
330
WebフロントエンドにおけるGraphQL(あるいはバックエンドのAPI)との向き合い方 / #241106_plk_frontend
izumin5210
4
1.4k
Why Jakarta EE Matters to Spring - and Vice Versa
ivargrimstad
0
1.2k
距離関数を極める! / SESSIONS 2024
gam0022
0
290

Featured

See All Featured
5 minutes of I Can Smell Your CMS
philhawksworth
202
19k
How to Think Like a Performance Engineer
csswizardry
20
1.1k
Site-Speed That Sticks
csswizardry
0
28
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.8k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k
What's new in Ruby 2.0
geeforr
343
31k
Build The Right Thing And Hit Your Dates
maggiecrowley
33
2.4k
Agile that works and the tools we love
rasmusluckow
327
21k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
28
2k
KATA
mclloyd
29
14k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
24k
It's Worth the Effort
3n
183
27k

Transcript

  1. ࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳ ˏtkmru ͚ͨ·Δ 2016-03-04 Fri Security Camp Forum

  2. ୭ʁ • ໊લ: ͚ͨ·Δ (@tkmru) • ॴଐ: ๭େֶ ৘ใཧ޻ֶ෦ •

    CTFνʔϜ: TomoriNao

  3. ༑རಸॹ(SECCON 2015 Intercollege)

  4. None

  5. ຊ୊͸༑རಸॹͰͳ͘ ʮࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳʯ

  6. όΠφϦΤσΟλͱ͸ • ͲΜͳϑΝΠϧͰ΋16ਐ਺Ͱදࣔ͢Δ • ͋΍͍͠ϑΝΠϧΛ࠷ॳʹͿͪࠐΉιϑτ

  7. BZ http://www.forest.impress.co.jp/library/img/review/10014/html/bz1.jpg.html

  8. Stirling http://1.bp.blogspot.com/-O5txkaVlhRg/US3i8jFWvjI/AAAAAAAAdTA/uaDiY_RHDMc/s1600/02.png

  9. ໨grep • όΠφϦΤσΟλ্ͰΑ͘ߦΘΕΔղੳٕ๏ • ໨ࢹͰॏཁͦ͏ͳσʔλΛݟ͚ͭΔߦҝ • Ή͔͍ͣ͠

  10. ʮҰൠతʹ໨grep͸όΠφϦΤ σΟλʹ౥ࡌ͞Ε͍ͯΔϏοτϚο ϓϏϡʔΛۦ࢖͠ɺ ஁͑ΒΕͨ ؟ྗɺݚ͗੅·͞Εͨ໺ੜͷצ ʹΑͬͯൃش͞ΕΔೳྗͰ͋Γɺ ஁࿅ͷ౓߹͍ʹΑͬͯେ͖͘ݸਓ ͕ࠩੜ͡ΔೳྗͰ͋Δɻʯ https://gist.github.com/yoggy/4116843

  11. ϓϩʹ͔͠Ͱ͖ͳ͍

  12. طଘͷόΠφϦΤσΟλ΁ͷෆຬ • mac޲͚ʹ͸σϑΝΫτελϯμʔυͱ͍͑ Δ΋ͷ͕ͳ͍ • ϓϩͰ͸ͳ͍ਓ͕໨grep͢Δͱݟམͱ͕͠ൃ ੜ͢Δ → ΫϩεϓϥοτϑΥʔϜͰղੳΛࣗಈԽͯ͠ ͘ΕΔόΠφϦΤσΟλ͕΄͍͠

  13. ͦ͜Ͱࣗ࡞όΠφϦΤσΟλ

  14. biwx(ͼ͎ͬ͘͢)

  15. ࡐྉ • Python • wxPython - C++ͷGUIϥΠϒϥϦ ʮwxWidgetsʯͷϥούʔ binary editor

    + wxPython = biwx

  16. ಛ௃ • ΫϩεϓϥοτϑΥʔϜ • Φʔϓϯιʔε • ϑΝΠϧͷγάωΠνϟΛ৭෼͚ • ৄࡉ৘ใΛදࣔ(γάωΠνϟͷ৔ॴɺPDFͷύʔε) •

    ࣗಈղੳػೳ

  17. ࣗಈղੳػೳ • ૊Έࠐ·ΕͨϑΝΠϧͷ੾Γग़͠ • όΠφϦͷ୯७ͳ੾Γग़͠ • PDFͷࣗಈύʔε

  18. σϞ1 SECCON CTF 2015 Steganography 1 MrFusion.gpjb

  19. MrFusion.gpjb • Α͘෼͔Βͳ͍ϑΝΠϧ͕༩͑ΒΕΔ • ͳ͔ʹෳ਺ͷը૾ϑΝΠϧ͕Ӆ͞Ε͍ͯΔ • औΓग़ͯ͠ॱ൪ʹಡΊ͹౴͕͑෼͔Δ

  20. flag SECCON{OCT 21 2015 0728}

  21. σϞ2 malicious PDFͷղੳ

  22. malicious PDFͷղੳ • PDFʹ͸JavaScriptίʔυΛຒΊࠐΊΔ • Adobe ReaderͰ JavaScript ࣮ߦݖݶ͕༗ޮ ʹͳ͍ͬͯΕ͹࣮ߦ͞ΕΔ

  23. ࠓޙͷల๬ • ࣗಈղੳػೳͷ֦ॆ • γΣϧίʔυͷղੳ • ղੳऀ͕Ѫ༻͢Δπʔϧʹҭ͍͖͍ͯͯͨ

  24. ͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠