GPN19:Using angr to augment binary analysis workflow: Unterschied zwischen den Versionen

Version vom 29. Mai 2019, 13:27 Uhr

Ein Workshop von Alexeyan, Florian Magin auf der GPN19.

In this workshop we will present the binary analysis toolkit angr. We will show it’s capabilities for reverse engineering and how to use them to improve your reverse engineering workflow. This includes both using angr as a standalone tool, how it’s features can be integrated into modern tools like IDA, Binary Ninja or radare2 and how to built your own custom tooling on top of it.

We will introduce core concepts like:

Intermediate Representations
- architecture independent analysis

- formalizing instruction behavior
Symbolic Execution
- Reasoning about how some code would behave depending on all its inputs and not just with one specific input
SMT Solving
- Formalizing your problem

- Use ~~decades of research in automated theorem proving and constraint solving~~ some Python to solve it

And present problems that can be solved using those concepts in addition to introductory exercises:

First Hands-On experience with angr

Thinking about programs symbolically instead of concretely

automatically finding passwords/keys/backdoors

Breaking anti-reverse-engineering measures and tricks (e.g. opaque predicates, dead code, obfuscation)

Vorlage:Navigationsleiste GPN19:Vorträge

@@ Zeile 1: / Zeile 1: @@
 Ein Workshop von Alexeyan, Florian Magin auf der [[GPN19]].
-In this workshop we will present the binary analysis toolkit [angr](https://angr.io).
+In this workshop we will present the binary analysis toolkit [https://angr.io angr].
-We will show it's capabilities for reverse engineering and how to use them to improve your reverse engineering workflow.
+We will show it’s capabilities for reverse engineering and how to use them to improve your reverse engineering workflow.
-This includes both using angr as a standalone tool, how it's features can be integrated into modern tools like IDA, Binary Ninja or radare2 and how to built your own custom tooling on top of it.
+This includes both using angr as a standalone tool, how it’s features can be integrated into modern tools like IDA, Binary Ninja or radare2 and how to built your own custom tooling on top of it.
 We will introduce core concepts like:
 * Intermediate Representations
-    * architecture independent analysis
+** architecture independent analysis<br />
-    * formalizing instruction behavior
+** formalizing instruction behavior
 * Symbolic Execution
-    * Reasoning about how some code would behave depending on all its inputs and not just with one specific input
+** Reasoning about how some code would behave depending on all its inputs and not just with one specific input
+* SMT Solving
+** Formalizing your problem<br />
-* SMT Solving
+** Use <s>decades of research in automated theorem proving and constraint solving</s> some Python to solve it
-    * Formalizing your problem
-    * Use ~~decades of research in automated theorem proving and constraint solving~~ some Python to solve it
 And present problems that can be solved using those concepts in addition to introductory exercises:
-* First Hands-On experience with angr
+* First Hands-On experience with angr<br />
-* Thinking about programs symbolically instead of concretely
-* automatically finding passwords/keys/backdoors
-* Breaking anti-reverse-engineering measures and tricks (e.g. opaque predicates, dead code, obfuscation)
-== Links ==
+* Thinking about programs symbolically instead of concretely<br />
+* automatically finding passwords/keys/backdoors<br />
+* Breaking anti-reverse-engineering measures and tricks (e.g. opaque predicates, dead code, obfuscation)
 {{Navigationsleiste GPN19:Vorträge}}