Upgrade to Pro — share decks privately, control downloads, hide ads and more …

自作バイナリエディタを用いたバイナリ解析

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for @tkmru @tkmru
March 05, 2016
Programming
3
2.4k

 自作バイナリエディタを用いたバイナリ解析

セキュリティ・キャンプ・フォーラム 2016/03/04

Avatar for @tkmru

@tkmru

March 05, 2016
Tweet

More Decks by @tkmru

See All by @tkmru
リバースエンジニアリング新時代へ!
GhidraとClaude DesktopをMCPで繋ぐ/findy202507
Avatar for @tkmru tkmru
8
2.3k
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
Avatar for @tkmru tkmru
2
1.7k
ipa-medit: Memory search and patch tool for IPA without Jailbreaking/ipa-medit-bh2022-europe
Avatar for @tkmru tkmru
0
380
Ipa-medit: Memory modification tool for iOS apps without Jailbreaking/ipa-medit-codeblue2022
Avatar for @tkmru tkmru
0
210
趣味と実益のための著名なOSSライブラリ起因の脆弱性の探求/seccamp2021-b5
Avatar for @tkmru tkmru
0
5.5k
Ipa-medit: Memory Search and Patch Tool for IPA Without Jailbreaking @Black Hat USA 2021 Arsenal/ipa-medit-bh2021-usa
Avatar for @tkmru tkmru
1
4.7k
Learn the essential way of thinking about vulnerabilities through post-exploitation on middlewares (MySQL/PostgreSQL編)/seccamp2020-b8
Avatar for @tkmru tkmru
3
960
apk-medit: memory search and patch tool for debuggable APK @CODE BLUE 2020 Bluebox
Avatar for @tkmru tkmru
0
230
apk-medit: memory search and patch tool for debuggable APK @Black Hat USA 2020 Arsenal/apk-medit-bh2020-usa
Avatar for @tkmru tkmru
0
4.4k

Other Decks in Programming

See All in Programming
360° Signals in Angular: Signal Forms with SignalStore & Resources @ngLondon 01/2026
Avatar for Manfred Steyer manfredsteyer
PRO
0
140
AI時代のキャリアプラン「技術の引力」からの脱出と「問い」へのいざない / tech-gravity
Avatar for MinoDriven minodriven
21
7.4k
IFSによる形状設計/デモシーンの魅力 @ 慶應大学SFC
Avatar for がむ gam0022
1
310
izumin5210のプロポーザルのネタ探し #tskaigi_msup
Avatar for izumin5210 izumin5210
1
140
AI Schema Enrichment for your Oracle AI Database
Avatar for thatjeffsmith thatjeffsmith
0
330
CSC307 Lecture 07
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
560
責任感のあるCloudWatchアラームを設計しよう
Avatar for アキキー akihisaikeda
3
180
CSC307 Lecture 01
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
690
AIフル活用時代だからこそ学んでおきたい働き方の心得
Avatar for shinoyu shinoyu
0
140
Apache Iceberg V3 and migration to V3
Avatar for Tomohiro Tanaka tomtanaka
0
170
疑似コードによるプロンプト記述、どのくらい正確に実行される?
Avatar for kokuyouwind kokuyouwind
0
390
Rust 製のコードエディタ “Zed” を使ってみた
Avatar for NearMeの技術発表資料です nearme_tech
PRO
0
210

Featured

See All Featured
The innovator’s Mindset - 
Leading Through an Era of Exponential Change - McGill University 2025
Avatar for Jean-Marc De Jonghe jdejongh
PRO
1
94
Designing Powerful Visuals for Engaging Learning
Avatar for Mike Taylor tmiket
0
240
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
122
21k
Building Experiences: Design Systems, User Experience, and Full Site Editing
Avatar for Michelle Schulp Hunt marktimemedia
0
410
We Analyzed 250 Million AI Search Results: Here's What I Found
Avatar for Josh Blyskal joshbly
1
750
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
57
14k
Docker and Python
Avatar for Tania Allard trallard
47
3.7k
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
Avatar for Akash Hashmi akashhashmi
0
270
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
Avatar for Helen Beal helenjbeal
1
130
Highjacked: Video Game Concept Design
Avatar for Ryan Kendrick rkendrick25
PRO
1
290
Gemini Prompt Engineering: Practical Techniques for Tangible AI Outcomes
Avatar for Mfonobong Umondia mfonobong
2
280
Collaborative Software Design: How to facilitate domain modelling decisions
Avatar for Kenny Baas-Schwegler baasie
0
140

Transcript

  1. ࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳ ˏtkmru ͚ͨ·Δ 2016-03-04 Fri Security Camp Forum

  2. ୭ʁ • ໊લ: ͚ͨ·Δ (@tkmru) • ॴଐ: ๭େֶ ৘ใཧ޻ֶ෦ •

    CTFνʔϜ: TomoriNao

  3. ༑རಸॹ(SECCON 2015 Intercollege)

  4. None

  5. ຊ୊͸༑རಸॹͰͳ͘ ʮࣗ࡞όΠφϦΤσΟλΛ ༻͍ͨόΠφϦղੳʯ

  6. όΠφϦΤσΟλͱ͸ • ͲΜͳϑΝΠϧͰ΋16ਐ਺Ͱදࣔ͢Δ • ͋΍͍͠ϑΝΠϧΛ࠷ॳʹͿͪࠐΉιϑτ

  7. BZ http://www.forest.impress.co.jp/library/img/review/10014/html/bz1.jpg.html

  8. Stirling http://1.bp.blogspot.com/-O5txkaVlhRg/US3i8jFWvjI/AAAAAAAAdTA/uaDiY_RHDMc/s1600/02.png

  9. ໨grep • όΠφϦΤσΟλ্ͰΑ͘ߦΘΕΔղੳٕ๏ • ໨ࢹͰॏཁͦ͏ͳσʔλΛݟ͚ͭΔߦҝ • Ή͔͍ͣ͠

  10. ʮҰൠతʹ໨grep͸όΠφϦΤ σΟλʹ౥ࡌ͞Ε͍ͯΔϏοτϚο ϓϏϡʔΛۦ࢖͠ɺ ஁͑ΒΕͨ ؟ྗɺݚ͗੅·͞Εͨ໺ੜͷצ ʹΑͬͯൃش͞ΕΔೳྗͰ͋Γɺ ஁࿅ͷ౓߹͍ʹΑͬͯେ͖͘ݸਓ ͕ࠩੜ͡ΔೳྗͰ͋Δɻʯ https://gist.github.com/yoggy/4116843

  11. ϓϩʹ͔͠Ͱ͖ͳ͍

  12. طଘͷόΠφϦΤσΟλ΁ͷෆຬ • mac޲͚ʹ͸σϑΝΫτελϯμʔυͱ͍͑ Δ΋ͷ͕ͳ͍ • ϓϩͰ͸ͳ͍ਓ͕໨grep͢Δͱݟམͱ͕͠ൃ ੜ͢Δ → ΫϩεϓϥοτϑΥʔϜͰղੳΛࣗಈԽͯ͠ ͘ΕΔόΠφϦΤσΟλ͕΄͍͠

  13. ͦ͜Ͱࣗ࡞όΠφϦΤσΟλ

  14. biwx(ͼ͎ͬ͘͢)

  15. ࡐྉ • Python • wxPython - C++ͷGUIϥΠϒϥϦ ʮwxWidgetsʯͷϥούʔ binary editor

    + wxPython = biwx

  16. ಛ௃ • ΫϩεϓϥοτϑΥʔϜ • Φʔϓϯιʔε • ϑΝΠϧͷγάωΠνϟΛ৭෼͚ • ৄࡉ৘ใΛදࣔ(γάωΠνϟͷ৔ॴɺPDFͷύʔε) •

    ࣗಈղੳػೳ

  17. ࣗಈղੳػೳ • ૊Έࠐ·ΕͨϑΝΠϧͷ੾Γग़͠ • όΠφϦͷ୯७ͳ੾Γग़͠ • PDFͷࣗಈύʔε

  18. σϞ1 SECCON CTF 2015 Steganography 1 MrFusion.gpjb

  19. MrFusion.gpjb • Α͘෼͔Βͳ͍ϑΝΠϧ͕༩͑ΒΕΔ • ͳ͔ʹෳ਺ͷը૾ϑΝΠϧ͕Ӆ͞Ε͍ͯΔ • औΓग़ͯ͠ॱ൪ʹಡΊ͹౴͕͑෼͔Δ

  20. flag SECCON{OCT 21 2015 0728}

  21. σϞ2 malicious PDFͷղੳ

  22. malicious PDFͷղੳ • PDFʹ͸JavaScriptίʔυΛຒΊࠐΊΔ • Adobe ReaderͰ JavaScript ࣮ߦݖݶ͕༗ޮ ʹͳ͍ͬͯΕ͹࣮ߦ͞ΕΔ

  23. ࠓޙͷల๬ • ࣗಈղੳػೳͷ֦ॆ • γΣϧίʔυͷղੳ • ղੳऀ͕Ѫ༻͢Δπʔϧʹҭ͍͖͍ͯͯͨ

  24. ͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠