Hello workshop - Hello Anti-disassembly

  • Location: Bobek
  • Speaker: Csaba Fitzl
  • Date and time: 15:20 - 16:05

The goal of the workshop is a short introduction to anti-disassembly techniques.

We will review how the two main types of disassembler
work, and why they can be fooled, then we will cover 3 typical
examples. As part of each exercise we will create our own short C
program, which will cause the disassembler to incorrectly parse our
code, then we will see how we can manually find and correct it in IDA
Pro. As a last step we will create a short Python script for IDA Pro,
which will automatically find and mark these techniques for us. We
will also check how we can patch the code from an IDA Script to defeat
the anti-disassembly techniques.
 
Requirements
 
  • Dev-C++: http://sourceforge.net/projects/orwelldevcpp/
  • Python: https://www.python.org/
  • IDA Pro Demo 6.8: https://www.hex-rays.com/products/ida/support/download_demo.shtml
  • IDAPython 1.7.1: https://code.google.com/p/idapython/wiki/Downloads
 
