Binary Auditing

Geller Bedoya, Michael Wozniak


Background
- Binary auditing is a technique used to test the security and discover the inner workings of closed-source software.
- These techniques can be used to find out what malicious software does.
- They are also used by crackers to bypass authentication systems in programs.

Tools
- Strings – used to list all printable strings that can be found in a file.
- File – displays information about the file.
- Hexedit – allows files to be edited at the binary level in a hex representation.

Tools (cont.)
- Biew – a multi-platform tool that can be used as a hex editor and a disassembler.
- Objdump – used to disassemble binaries in Linux.
- Gdb – debugger in Linux.

Tools (cont.)
- IDA – Interactive DisAssembler – This program is a Windows-only disassembler for Windows and Linux binaries. It is an advanced disassembler that can be integrated with scripting languages like Python and Ruby.

A Simple Binary
- A program that takes in a password and compares it to a reference password to authenticate a user.
- This type of program can be reverse engineered in many ways.

Simple.c

Method #1
- Use hexedit, strings, objdump, or even a text editor.
- These methods all display the password in plain text because the password is not encrypted.
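Why Method #1 works, as an added example that is not part of the presentation: a minimal version of what strings does, run over a constructed byte buffer standing in for the data section of a compiled password checker. The buffer contents and the names next_run and literal_exposed are assumptions made for this illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MIN_RUN 4   /* minimum run length, the default used by strings(1) */

/* Constructed sample: string literals separated by non-printable bytes,
   the way a compiler lays them out in read-only data. */
static const unsigned char SAMPLE[] =
    "\x7f" "ELF\x02\x01\x01\x00\x00\x00"
    "Enter password: \x00"
    "hunter2-reference\x00"
    "\x01\x02" "ok\x00"
    "Access granted\x00";

/* Finds the next run of >= MIN_RUN printable bytes at or after *pos.
   On success returns 1, sets *start and *len, and moves *pos past the run. */
int next_run(const unsigned char *buf, size_t n, size_t *pos,
             size_t *start, size_t *len)
{
    size_t i = *pos;
    while (i < n) {
        size_t s = i;
        while (i < n && isprint(buf[i])) i++;
        if (i - s >= MIN_RUN) { *start = s; *len = i - s; *pos = i; return 1; }
        if (i == s) i++;            /* step over one non-printable byte */
    }
    *pos = n;
    return 0;
}

/* Returns 1 if needle can be read out of buf as plain text. */
int literal_exposed(const unsigned char *buf, size_t n, const char *needle)
{
    size_t pos = 0, s, len, m = strlen(needle);
    while (m && next_run(buf, n, &pos, &s, &len))
        for (size_t i = 0; i + m <= len; i++)
            if (memcmp(buf + s + i, needle, m) == 0) return 1;
    return 0;
}

int main(void)
{
    size_t pos = 0, s, len;
    while (next_run(SAMPLE, sizeof SAMPLE, &pos, &s, &len))
        printf("%6zu  %.*s\n", s, (int)len, (const char *)(SAMPLE + s));
    return 0;
}
```

The reference password appears between the prompt and the success message with no analysis of the code at all; literal_exposed can be run against a release build's bytes to confirm that no credential literal survives compilation.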

Method #2
- Suppose the input password were encrypted using a hash and compared to a known hash. Method #1 would be useless.
- Method #2 is to modify the function of the binary by reversing the logic of the if statement.

Method #2

Method #3
- The jump code can be changed to jump to a different place in the program, or it can be changed from je to jne.
- This type of change is independent of the test logic.

Anti-Reverse Engineering
- Many software engineers attempt to disguise a program’s behaviour.
- Techniques to do this include:
  - Anti-Virtual-Machine
  - Binary Compression/Packing
  - Binary Encoding
  - Stripping Symbols
  - Anti-Debugger

Anti-VM
- SIDT – Store Interrupt Descriptor Table Register
- This instruction can be used to find the value of this register, which is abnormally high for VMs.
- RedPill.exe is a POC program that looks at this register and declares whether or not it is in a VM.

RedPill.exe
- To change this program, the jumps can be changed to manipulate how the program works.
- The value that the program compares the IDTR to can be changed as well.

Key Generators
- Some software uses a username and an algorithm to get a serial number that is used for authentication.
- The problem with this is that the software must calculate the serial number from the user name, and the algorithm can be reversed.

Very Simple Key Generator
- A program needs a user name and a key.
- The key is the same as the user name, but 1 is added to each character.
- By running the program in a debugger or through a disassembler, the algorithm can be discovered.

Key Generator
- A key generator is a program that is created to run the same algorithm on any input and display the results.
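The scheme from the "Very Simple Key Generator" slide, as an added example that is not code from the presentation: the validation routine a program needs in order to accept a key is itself the key generator, which is why this design holds no secret. The names derive_key and check_key, the 32-character limit and the printable-ASCII restriction are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_NAME 32   /* assumed limit, not stated on the slide */

/* Slide's scheme: key[i] = name[i] + 1. Returns 0 on success, -1 if the name
   is empty, does not fit in out, or holds a byte whose successor would leave
   printable ASCII (assumption: the slide does not define that case). */
int derive_key(const char *name, char *out, size_t out_len)
{
    size_t n = strlen(name);
    if (n == 0 || n > MAX_NAME || n + 1 > out_len) return -1;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c < 0x20 || c >= 0x7e) return -1;
        out[i] = (char)(c + 1);
    }
    out[n] = '\0';
    return 0;
}

/* The check the protected program has to ship. It cannot accept or reject a
   key without computing the expected one, so derive_key is in the binary. */
int check_key(const char *name, const char *key)
{
    char expected[MAX_NAME + 1];
    if (derive_key(name, expected, sizeof expected) != 0) return 0;
    return strcmp(expected, key) == 0;
}

int main(void)
{
    char key[MAX_NAME + 1];
    if (derive_key("alice", key, sizeof key) == 0)
        printf("alice -> %s, accepted=%d\n", key, check_key("alice", key));
    return 0;
}
```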

Questions?