Reverse Engineering Objective-C. Jeff Hui
|
|
- Dwight Scott
- 7 years ago
- Views:
Transcription
1 Reverse Engineering Objective-C Jeff Hui
2 The process of understanding a system through analysis of its structure, function, and operation Wikipedia
3 It s not Debugging It s Reverse Engineering!
4 The process of understanding a system without its original source
5 Why? Top Secret Learn Disable
6 Why? Top Secret Learn Disable Extend
7 Archeology
8 Knowledge Intense Optimizations Encryption Security Operating Systems Language Runtimes Specifications Assembly Compilers Hardware Code Injection
9 Language Matters JAVASCRIPT Source Code REPL Dynamic Dispatch PYTHON, RUBY, JAVA, ETC. Bytecode Reflective Dynamic Dispatch C Static Dispatch Exploitable No Reflection OBJECTIVE-C Dynamic Dispatch C-compatible Partially- Reflective
10 Objective-C
11 Building an App.o
12 Building an App Compiler.o
13 Building an App Clang.o
14 Building an App Clang LLVM.o
15 .o.o.o Building an App
16 Building an App Static Linker.o.o.o
17 Running an App Dynamic Linking
18 Running an App
19 Running an App Registers CPU RAM
20 C to Assembly int add(int a, int b) { } return a + b;
21 _add: push ebp mov ebp, esp sub esp, 0x8 mov eax, dword [ss:ebp-0x8+arg_4] mov ecx, dword [ss:ebp-0x8+arg_0] mov dword [ss:ebp-0x8+var_4], ecx mov dword [ss:ebp-0x8+var_0], eax mov eax, dword [ss:ebp-0x8+var_4] add eax, dword [ss:ebp-0x8+var_0] add esp, 0x8 pop ebp ret
22 _add: push ebp mov ebp, esp sub esp, 0x8 Prologue mov eax, dword [ss:ebp-0x8+arg_4] mov ecx, dword [ss:ebp-0x8+arg_0] mov dword [ss:ebp-0x8+var_4], ecx mov dword [ss:ebp-0x8+var_0], eax mov eax, dword [ss:ebp-0x8+var_4] add eax, dword [ss:ebp-0x8+var_0] add esp, 0x8 pop ebp ret
23 _add: push ebp mov ebp, esp sub esp, 0x8 Prologue mov eax, dword [ss:ebp-0x8+arg_4] mov ecx, dword [ss:ebp-0x8+arg_0] mov dword [ss:ebp-0x8+var_4], ecx mov dword [ss:ebp-0x8+var_0], eax mov eax, dword [ss:ebp-0x8+var_4] add eax, dword [ss:ebp-0x8+var_0] add esp, 0x8 pop ebp ret
24 _add: push ebp mov ebp, esp sub esp, 0x8 Prologue mov eax, dword [ss:ebp-0x8+arg_4] mov ecx, dword [ss:ebp-0x8+arg_0] mov dword [ss:ebp-0x8+var_4], ecx mov dword [ss:ebp-0x8+var_0], eax mov eax, dword [ss:ebp-0x8+var_4] add eax, dword [ss:ebp-0x8+var_0] add esp, 0x8 pop ebp ret Epilogue
25 add(1, 2); mov dword[ss:esp], 0x1 mov dword[ss:esp+0x4], 0x2 call _add mov rbx, 0x1 mov rbi, 0x2 call _add
26 Calling Conventions (x86_64) rdi arg1 rsi arg2 rdx arg3 rcx arg4 r8 arg5 r9 arg6
27 Compiling Calculator - (int)add:(int)a and:(int)b { return a + b; int methimpl_calculator_add_and_( Person *self, SEL _cmd, int a, int b ) { return a + b; } methimpl_calculator_add_and_
28 Compiling Objective-C [obj call]; objc_msgsend( obj, sel_registername( call ) ); mov rdi, esp mov rsi, qword [ds:objc_sel_call] call qword [ds:imp got objc_msgsend]
29 Calling Conventions (x86_64) rdi rsi rdx rcx r8 r9 rbp self _cmd arg1 arg2 arg3 arg4 (stack register)
30 Let s Reverse Engineer
31 Hopper
32 Hopper methimpl_person_daysuntilbirthday
33 class-dump
34 class-dump All objc objects are ids
35 LLDB
36
37
38
39
40
41
42
43 The Hard Part
44
45 Code Injection
46 Code Injection Binary Patching Dynamic Patching Dynamic Linking Plugin
47 Image Credits Skull And Crossbones designed by Anton Outkine from the Noun Project Icons from Apple s Terminal, Xcode, SystemInformation, CoreServices Icon from Hopper
48 Questions? Objective-C Type Encodings MACH-O ABI & DYLB mach_inject & mach_override - C-Function Overriding Objective-C Blocks ABI LLVM Compiler Infrastructure Project objc4 - Objective-C 2.0 OSS project ISAs - i386, x86_64, arm, arm64 Darwin - ios & OSX OSS Kernel
49 Code Obfuscation Ruins Stacktraces Breaks Reflection Doesn t stop a Debugger Only slows down initially
50 What about FairPlay?
51 What about FairPlay? Encryption is only on disk
52 How do I stop this? You can t
53 Make it more difficult Bug Debuggers Partial Code Load Integrity checks Remote Server Don t DRY the protection code Obfuscate protection code
54 Compiling Objective-C Blocks
55 Compiling Objective-C
56 Compiling Objective-C - (int)daysuntilbirthday { int v = 1; return (^int(int i){ return i + v; })(2); }
57 Compiling Objective-C - (int)daysuntilbirthday { int v = 1; return (^int(int i){ return i + v; })(2); } int 22-[Person daysuntilbirthday] block_invoke( struct block_literal_1 *, int i ) { }
58 Compiling Objective-C struct block_literal_1 struct block_descriptor_1 Class isa int flags int reserved void (*invoke)( block_literal_1*, ); unsigned long int size void (*copy)(void*, void*) void (*release)(void *) const char *signature struct block_descriptor_1 *descriptor const int v
59 Compiling Objective-C Objective-C Object struct block_literal_1 struct block_descriptor_1 Class isa unsigned long int size int flags void (*copy)(void*, void*) int reserved void (*release)(void *) void (*invoke)( block_literal_1*, ); const char *signature struct block_descriptor_1 *descriptor const int v
60 Compiling Objective-C Objective-C Object struct block_literal_1 struct block_descriptor_1 Class isa unsigned long int size int flags void (*copy)(void*, void*) int reserved void (*release)(void *) void (*invoke)( block_literal_1*, ); struct block_descriptor_1 *descriptor const char *signature Block Type Info const int v
61 Compiling Objective-C Objective-C Object struct block_literal_1 struct block_descriptor_1 Class isa unsigned long int size int flags void (*copy)(void*, void*) int reserved void (*release)(void *) void (*invoke)( block_literal_1*, ); struct block_descriptor_1 *descriptor const int v const char *signature Block Type Info Enclosed Variable
64-Bit NASM Notes. Invoking 64-Bit NASM
64-Bit NASM Notes The transition from 32- to 64-bit architectures is no joke, as anyone who has wrestled with 32/64 bit incompatibilities will attest We note here some key differences between 32- and 64-bit
More informationEfficient Cross-Platform Method Dispatching for Interpreted Languages
Efficient Cross-Platform Method Dispatching for Interpreted Languages Andrew Weinrich 1 Introduction 2007-12-18 2 Adding Methods and Classes to the Objective-C Runtime Most work on modern compilers is
More informationSoftware Vulnerabilities
Software Vulnerabilities -- stack overflow Code based security Code based security discusses typical vulnerabilities made by programmers that can be exploited by miscreants Implementing safe software in
More informationHacking Techniques & Intrusion Detection. Ali Al-Shemery arabnix [at] gmail
Hacking Techniques & Intrusion Detection Ali Al-Shemery arabnix [at] gmail All materials is licensed under a Creative Commons Share Alike license http://creativecommonsorg/licenses/by-sa/30/ # whoami Ali
More informationCS412/CS413. Introduction to Compilers Tim Teitelbaum. Lecture 20: Stack Frames 7 March 08
CS412/CS413 Introduction to Compilers Tim Teitelbaum Lecture 20: Stack Frames 7 March 08 CS 412/413 Spring 2008 Introduction to Compilers 1 Where We Are Source code if (b == 0) a = b; Low-level IR code
More informationLecture 7: Machine-Level Programming I: Basics Mohamed Zahran (aka Z) mzahran@cs.nyu.edu http://www.mzahran.com
CSCI-UA.0201-003 Computer Systems Organization Lecture 7: Machine-Level Programming I: Basics Mohamed Zahran (aka Z) mzahran@cs.nyu.edu http://www.mzahran.com Some slides adapted (and slightly modified)
More informationDynamic Behavior Analysis Using Binary Instrumentation
Dynamic Behavior Analysis Using Binary Instrumentation Jonathan Salwan jsalwan@quarkslab.com St'Hack Bordeaux France March 27 2015 Keywords: program analysis, DBI, DBA, Pin, concrete execution, symbolic
More informationIntroduction. Application Security. Reasons For Reverse Engineering. This lecture. Java Byte Code
Introduction Application Security Tom Chothia Computer Security, Lecture 16 Compiled code is really just data which can be edit and inspected. By examining low level code protections can be removed and
More informationesrever gnireenigne tfosorcim seiranib
esrever gnireenigne tfosorcim seiranib Alexander Sotirov asotirov@determina.com CanSecWest / core06 Reverse Engineering Microsoft Binaries Alexander Sotirov asotirov@determina.com CanSecWest / core06 Overview
More informationFormat string exploitation on windows Using Immunity Debugger / Python. By Abysssec Inc WwW.Abysssec.Com
Format string exploitation on windows Using Immunity Debugger / Python By Abysssec Inc WwW.Abysssec.Com For real beneficiary this post you should have few assembly knowledge and you should know about classic
More informationExample of Standard API
16 Example of Standard API System Call Implementation Typically, a number associated with each system call System call interface maintains a table indexed according to these numbers The system call interface
More informationAndreas Herrmann. AMD Operating System Research Center
Myth and facts about 64-bit Linux Andreas Herrmann André Przywara AMD Operating System Research Center March 2nd, 2008 Myths... You don't need 64-bit software with less than 3 GB RAM. There are less drivers
More informationLecture 26: Obfuscation
Lecture 26: Obfuscation 15411: Compiler Design Robbie Harwood and Maxime Serrano 21 November 2013 1 Introduction We have previously (lecture 20) considered the problem of doing compilation backwards (i.e.,
More informationIntroduction to Reverse Engineering
Introduction to Reverse Engineering Inbar Raz Malware Research Lab Manager December 2011 What is Reverse Engineering? Reverse engineering is the process of discovering the technological principles of a
More informationOff-by-One exploitation tutorial
Off-by-One exploitation tutorial By Saif El-Sherei www.elsherei.com Introduction: I decided to get a bit more into Linux exploitation, so I thought it would be nice if I document this as a good friend
More informationTHE VELOX STACK Patrick Marlier (UniNE)
THE VELOX STACK Patrick Marlier (UniNE) 06.09.20101 THE VELOX STACK / OUTLINE 2 APPLICATIONS Real applications QuakeTM Game server C code with OpenMP Globulation 2 Real-Time Strategy Game C++ code using
More informationIntroduction. Figure 1 Schema of DarunGrim2
Reversing Microsoft patches to reveal vulnerable code Harsimran Walia Computer Security Enthusiast 2011 Abstract The paper would try to reveal the vulnerable code for a particular disclosed vulnerability,
More informationExploiting nginx chunked overflow bug, the undisclosed attack vector
Exploiting nginx chunked overflow bug, the undisclosed attack vector Long Le longld@vnsecurity.net About VNSECURITY.NET CLGT CTF team 2 VNSECURITY.NET In this talk Nginx brief introduction Nginx chunked
More informationAssembly Language: Function Calls" Jennifer Rexford!
Assembly Language: Function Calls" Jennifer Rexford! 1 Goals of this Lecture" Function call problems:! Calling and returning! Passing parameters! Storing local variables! Handling registers without interference!
More informationios applications reverse engineering Julien Bachmann julien@scrt.ch
ios applications reverse engineering 1 Julien Bachmann julien@scrt.ch Agenda Motivations The architecture Mach-O Objective-C ARM AppStore binaries Find'em Decrypt'em Reverse'em What to look for Where to
More informationBuffer Overflows. Security 2011
Buffer Overflows Security 2011 Memory Organiza;on Topics Kernel organizes memory in pages Typically 4k bytes Processes operate in a Virtual Memory Space Mapped to real 4k pages Could live in RAM or be
More informationCS3600 SYSTEMS AND NETWORKS
CS3600 SYSTEMS AND NETWORKS NORTHEASTERN UNIVERSITY Lecture 2: Operating System Structures Prof. Alan Mislove (amislove@ccs.neu.edu) Operating System Services Operating systems provide an environment for
More informationABSTRACT' INTRODUCTION' COMMON'SECURITY'MISTAKES'' Reverse Engineering ios Applications
Reverse Engineering ios Applications Drew Branch, Independent Security Evaluators, Associate Security Analyst ABSTRACT' Mobile applications are a part of nearly everyone s life, and most use multiple mobile
More informationx64 Cheat Sheet Fall 2015
CS 33 Intro Computer Systems Doeppner x64 Cheat Sheet Fall 2015 1 x64 Registers x64 assembly code uses sixteen 64-bit registers. Additionally, the lower bytes of some of these registers may be accessed
More informationOutline. Outline. Why virtualization? Why not virtualize? Today s data center. Cloud computing. Virtual resource pool
Outline CS 6V81-05: System Security and Malicious Code Analysis Overview of System ization: The most powerful platform for program analysis and system security Zhiqiang Lin Department of Computer Science
More informationFor a 64-bit system. I - Presentation Of The Shellcode
#How To Create Your Own Shellcode On Arch Linux? #Author : N3td3v!l #Contact-mail : 4nonymouse@usa.com #Website : Nopotm.ir #Spcial tnx to : C0nn3ct0r And All Honest Hackerz and Security Managers I - Presentation
More informationAGENDA. Background. The Attack Surface. Case Studies. Binary Protections. Bypasses. Conclusions
MOBILE APPLICATIONS AGENDA Background The Attack Surface Case Studies Binary Protections Bypasses Conclusions BACKGROUND Mobile apps for everything == lots of interesting data Banking financial Social
More informationAbysssec Research. 1) Advisory information. 2) Vulnerable version
Abysssec Research 1) Advisory information Title Version Discovery Vendor Impact Contact Twitter CVE : Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability : QuickTime player 7.6.5
More informationSystem/Networking performance analytics with perf. Hannes Frederic Sowa <hannes@stressinduktion.org>
System/Networking performance analytics with perf Hannes Frederic Sowa Prerequisites Recent Linux Kernel CONFIG_PERF_* CONFIG_DEBUG_INFO Fedora: debuginfo-install kernel for
More informationHotpatching and the Rise of Third-Party Patches
Hotpatching and the Rise of Third-Party Patches Alexander Sotirov asotirov@determina.com BlackHat USA 2006 Overview In the next one hour, we will cover: Third-party security patches _ recent developments
More informationGetting Started with the Internet Communications Engine
Getting Started with the Internet Communications Engine David Vriezen April 7, 2014 Contents 1 Introduction 2 2 About Ice 2 2.1 Proxies................................. 2 3 Setting Up ICE 2 4 Slices 2
More informationCommon Lisp ObjectiveC Interface
Common Lisp ObjectiveC Interface Documentation for the Common Lisp Objective C Interface, version 1.0. Copyright c 2007 Luigi Panzeri Copying and distribution of this file, with or without modification,
More informationAPPLICATION SECURITY: FROM WEB TO MOBILE. DIFFERENT VECTORS AND NEW ATTACK
APPLICATION SECURITY: FROM WEB TO MOBILE. DIFFERENT VECTORS AND NEW ATTACK John T Lounsbury Vice President Professional Services, Asia Pacific INTEGRALIS Session ID: MBS-W01 Session Classification: Advanced
More informationTitanMist: Your First Step to Reversing Nirvana TitanMist. mist.reversinglabs.com
TitanMist: Your First Step to Reversing Nirvana TitanMist mist.reversinglabs.com Contents Introduction to TitanEngine.. 3 Introduction to TitanMist 4 Creating an unpacker for TitanMist.. 5 References and
More informationReversing in OS X - what s different
Who Am I An Economist and MBA. Computer enthusiast for the past 30 years. Someone who worked at one of the world s best ATM networks, the Portuguese Multibanco. A natural-born reverser and assembler of
More informationMike Melanson (mike@multimedia.cx)
Breaking Eggs And Making Omelettes: Intelligence Gathering For Open Source Software Development Mike Melanson (mike@multimedia.cx) Legalnotice: Es können zusätzliche Angaben zur Veröffentlichung angegeben
More informationNetworks and Services
Networks and Services Dr. Mohamed Abdelwahab Saleh IET-Networks, GUC Fall 2015 TOC 1 Infrastructure as a Service 2 Platform as a Service 3 Software as a Service Infrastructure as a Service Definition Infrastructure
More informationSecurity Vulnerability Notice
Security Vulnerability Notice SE-2014-01-ORACLE [Security vulnerabilities in Oracle Database Java VM, Issues 1-20] DISCLAIMER INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY
More informationINTRODUCTION TO OBJECTIVE-C CSCI 4448/5448: OBJECT-ORIENTED ANALYSIS & DESIGN LECTURE 12 09/29/2011
INTRODUCTION TO OBJECTIVE-C CSCI 4448/5448: OBJECT-ORIENTED ANALYSIS & DESIGN LECTURE 12 09/29/2011 1 Goals of the Lecture Present an introduction to Objective-C 2.0 Coverage of the language will be INCOMPLETE
More informationAn introduction to the Return Oriented Programming. Why and How
An introduction to the Return Oriented Programming Why and How Course lecture at the Bordeaux university for the CSI Master Jonathan Salwan Keywords: ROP Intel / ARM, Tools, ROP chain generation, gadgets'
More information5. Calling conventions for different C++ compilers and operating systems
5. Calling conventions for different C++ compilers and operating systems By Agner Fog. Technical University of Denmark. Copyright 2004-2014. Last updated 2014-08-07. Contents 1 Introduction... 3 2 The
More informationEncryption Wrapper. on OSX
Encryption Wrapper on OSX Overview OSX Kernel What is an Encryption Wrapper? Project Implementation OSX s Origins and Design NeXTSTEP Legacy NextStep v1 NextStep v3.3 Mac OS X Jobs creates NeXT Apple acquisition
More informationCross-platform mobile development with Visual C++ 2015
Cross-platform mobile development with Visual C++ 2015 Sasha Goldshtein @goldshtn CTO, Sela Group blog.sashag.net App Targeting Spectrum Developer pain exponential jump in complexity, but not in user experience
More informationImproving Your App with Instruments
Tools #WWDC14 Improving Your App with Instruments Session 418 Daniel Delwood Software Radiologist 2014 Apple Inc. All rights reserved. Redistribution or public display not permitted without written permission
More informationApplying Clang Static Analyzer to Linux Kernel
Applying Clang Static Analyzer to Linux Kernel 2012/6/7 FUJITSU COMPUTER TECHNOLOGIES LIMITED Hiroo MATSUMOTO 管 理 番 号 1154ka1 Copyright 2012 FUJITSU COMPUTER TECHNOLOGIES LIMITED Abstract Now there are
More informationMobile Application Security Testing ASSESSMENT & CODE REVIEW
Mobile Application Security Testing ASSESSMENT & CODE REVIEW Sept. 31 st 2014 Presenters ITAC 2014 Bishop Fox Francis Brown Partner Joe DeMesy Security Associate 2 Introductions FRANCIS BROWN Hi, I m Fran
More informationC Programming Review & Productivity Tools
Review & Productivity Tools Giovanni Agosta Piattaforme Software per la Rete Modulo 2 Outline Preliminaries 1 Preliminaries 2 Function Pointers Variadic Functions 3 Build Automation Code Versioning 4 Preliminaries
More informationHP AppPulse Mobile. Adding HP AppPulse Mobile to Your Android App
HP AppPulse Mobile Adding HP AppPulse Mobile to Your Android App Document Release Date: April 2015 How to Add HP AppPulse Mobile to Your Android App How to Add HP AppPulse Mobile to Your Android App For
More informationAdvanced ANDROID & ios Hands-on Exploitation
Advanced ANDROID & ios Hands-on Exploitation By Attify Trainers Aditya Gupta Prerequisite The participants are expected to have a basic knowledge of Mobile Operating Systems. Knowledge of programming languages
More informationX86-64 Architecture Guide
X86-64 Architecture Guide For the code-generation project, we shall expose you to a simplified version of the x86-64 platform. Example Consider the following Decaf program: class Program { int foo(int
More informationCSC230 Getting Starting in C. Tyler Bletsch
CSC230 Getting Starting in C Tyler Bletsch What is C? The language of UNIX Procedural language (no classes) Low-level access to memory Easy to map to machine language Not much run-time stuff needed Surprisingly
More informationeggon SDK for ios 7 Integration Instructions
eggon SDK for ios 7 Integration Instructions The eggon SDK requires a few simple steps in order to be used within your ios 7 application. Environment This guide assumes that a standard ios Development
More informationCompilers. Introduction to Compilers. Lecture 1. Spring term. Mick O Donnell: michael.odonnell@uam.es Alfonso Ortega: alfonso.ortega@uam.
Compilers Spring term Mick O Donnell: michael.odonnell@uam.es Alfonso Ortega: alfonso.ortega@uam.es Lecture 1 to Compilers 1 Topic 1: What is a Compiler? 3 What is a Compiler? A compiler is a computer
More informationELEC 377. Operating Systems. Week 1 Class 3
Operating Systems Week 1 Class 3 Last Class! Computer System Structure, Controllers! Interrupts & Traps! I/O structure and device queues.! Storage Structure & Caching! Hardware Protection! Dual Mode Operation
More informationApplication-Level Debugging and Profiling: Gaps in the Tool Ecosystem. Dr Rosemary Francis, Ellexus
Application-Level Debugging and Profiling: Gaps in the Tool Ecosystem Dr Rosemary Francis, Ellexus For years instruction-level debuggers and profilers have improved in leaps and bounds. Similarly, system-level
More informationAll Your Code Belongs To Us Dismantling Android Secrets With CodeInspect. Steven Arzt. 04.10.2015 Secure Software Engineering Group Steven Arzt 1
All Your Code Belongs To Us Dismantling Android Secrets With CodeInspect Steven Arzt 04.10.2015 Secure Software Engineering Group Steven Arzt 1 04.10.2015 Secure Software Engineering Group Steven Arzt
More informationCloud Computing. Up until now
Cloud Computing Lecture 11 Virtualization 2011-2012 Up until now Introduction. Definition of Cloud Computing Grid Computing Content Distribution Networks Map Reduce Cycle-Sharing 1 Process Virtual Machines
More informationIdentification and Removal of
RIVERSIDE RESEARCH INSTITUTE Deobfuscator: An Automated Approach to the Identification and Removal of Code Obfuscation Ei Eric Laspe, Reverse Engineer Jason Raber, Lead Reverse Engineer Overview The Problem:
More informationReverse Engineering and Computer Security
Reverse Engineering and Computer Security Alexander Sotirov alex@sotirov.net Introduction Security researcher at Determina, working on our LiveShield product Responsible for vulnerability analysis and
More informationCS61: Systems Programing and Machine Organization
CS61: Systems Programing and Machine Organization Fall 2009 Section Notes for Week 2 (September 14 th - 18 th ) Topics to be covered: I. Binary Basics II. Signed Numbers III. Architecture Overview IV.
More informationOPERATING SYSTEM SERVICES
OPERATING SYSTEM SERVICES USER INTERFACE Command line interface(cli):uses text commands and a method for entering them Batch interface(bi):commands and directives to control those commands are entered
More informationPentesting ios Apps Runtime Analysis and Manipulation. Andreas Kurtz
Pentesting ios Apps Runtime Analysis and Manipulation Andreas Kurtz About PhD candidate at the Security Research Group, Department of Computer Science, University of Erlangen-Nuremberg Security of mobile
More informationStack Overflows. Mitchell Adair
Stack Overflows Mitchell Adair Outline Why? What? There once was a VM Virtual Memory Registers Stack stack1, stack2, stack3 Resources Why? Real problem Real money Real recognition Still prevalent Very
More informationCompTIA Mobile App Security+ Certification Exam (ios Edition) Live exam IOS-001 Beta Exam IO1-001
CompTIA Mobile App Security+ Certification Exam (ios Edition) Live exam IOS-001 Beta Exam IO1-001 INTRODUCTION This exam will certify that the successful candidate has the knowledge and skills required
More informationCSE 373: Data Structure & Algorithms Lecture 25: Programming Languages. Nicki Dell Spring 2014
CSE 373: Data Structure & Algorithms Lecture 25: Programming Languages Nicki Dell Spring 2014 What is a Programming Language? A set of symbols and associated tools that translate (if necessary) collections
More informationUsing the Caché Objective-C Binding
Using the Caché Objective-C Binding Version 2014.1 25 March 2014 InterSystems Corporation 1 Memorial Drive Cambridge MA 02142 www.intersystems.com Using the Caché Objective-C Binding Caché Version 2014.1
More informationMSc Computer Science Dissertation
University of Oxford Computing Laboratory MSc Computer Science Dissertation Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities Author: Sean Heelan Supervisor: Dr. Daniel
More informationtelnetd exploit FreeBSD Telnetd Remote Exploit Für Compass Security AG Öffentliche Version 1.0 Januar 2012
telnetd exploit FreeBSD Telnetd Remote Exploit Für Compass Security AG Öffentliche Version 1.0 Januar 2012 Content Part I Info Bug Telnet Exploit Part II Advanced Exploitation Meta Information Disclosed
More informationOS Virtualization Frank Hofmann
OS Virtualization Frank Hofmann OP/N1 Released Products Engineering Sun Microsystems UK Overview Different approaches to virtualization > Compartmentalization > System Personalities > Virtual Machines
More informationA Tiny Guide to Programming in 32-bit x86 Assembly Language
CS308, Spring 1999 A Tiny Guide to Programming in 32-bit x86 Assembly Language by Adam Ferrari, ferrari@virginia.edu (with changes by Alan Batson, batson@virginia.edu and Mike Lack, mnl3j@virginia.edu)
More informationXcode Project Management Guide. (Legacy)
Xcode Project Management Guide (Legacy) Contents Introduction 10 Organization of This Document 10 See Also 11 Part I: Project Organization 12 Overview of an Xcode Project 13 Components of an Xcode Project
More informationTest Driven Development in Assembler a little story about growing software from nothing
Test Driven Development in Assembler a little story about growing software from nothing Olve Maudal During the last decade Test-Driven Development has become an established practice for developing software
More informationW4118 Operating Systems. Junfeng Yang
W4118 Operating Systems Junfeng Yang Outline Linux overview Interrupt in Linux System call in Linux What is Linux A modern, open-source OS, based on UNIX standards 1991, 0.1 MLOC, single developer Linus
More informationVirtual Servers. Virtual machines. Virtualization. Design of IBM s VM. Virtual machine systems can give everyone the OS (and hardware) that they want.
Virtual machines Virtual machine systems can give everyone the OS (and hardware) that they want. IBM s VM provided an exact copy of the hardware to the user. Virtual Servers Virtual machines are very widespread.
More informationSmartphone Security for Android Applications
Smartphone Security for Android Applications Steven Arzt Siegfried Rasthofer (Eric Bodden) 17.09.2013 Secure Software Engineering Group Steven Arzt and Siegfried Rasthofer 1 About Us PhD-Students at the
More informationAndroid Packer. facing the challenges, building solutions. Rowland YU. Senior Threat Researcher Virus Bulletin 2014
Android Packer facing the challenges, building solutions Rowland YU Senior Threat Researcher Virus Bulletin 2014 1 What is Android Packer? Android packers are able to encrypt an original classes.dex file,
More informationComputer Architectures
Computer Architectures Parameters Passing to Subroutines and Operating System Implemented Virtual Instructions (System Calls) Czech Technical University in Prague, Faculty of Electrical Engineering Ver.1.10
More informationGOTO: H[a]CK. Practical ios Applications Hacking Mathieu RENARD - @GOTOHACK mathieu.renard[-at-]gotohack.org mathieu.renard[-at-]sogeti.
GOTO: H[a]CK Practical ios Applications Hacking Mathieu RENARD - @GOTOHACK mathieu.renard[-at-]gotohack.org mathieu.renard[-at-]sogeti.com Agenda # Regular devices # Let s Jailbreak our device # Reversing
More informationFast Byte-Granularity Software Fault Isolation
Fast Byte-Granularity Software Fault Isolation Miguel Castro, Manuel Costa, Jean-Philippe Martin, Marcus Peinado, Periklis Akritidis, Austin Donnelly, Paul Barham, Richard Black Microsoft Research Cambridge,
More informationios Development Tutorial Nikhil Yadav CSE 40816/60816: Pervasive Health 09/09/2011
ios Development Tutorial Nikhil Yadav CSE 40816/60816: Pervasive Health 09/09/2011 Healthcare iphone apps Various apps for the iphone available Diagnostic, Diet and Nutrition, Fitness, Emotional Well-being
More informationFighting malware on your own
Fighting malware on your own Vitaliy Kamlyuk Senior Virus Analyst Kaspersky Lab Vitaly.Kamluk@kaspersky.com Why fight malware on your own? 5 reasons: 1. Touch 100% of protection yourself 2. Be prepared
More informationSymbian phone Security
ITSX Overview Symbian OS. Risks and Features. Taking it apart. Conclusions. Symbian History Psion owner of EPOC OS, originally from 1989, released EPOC32 in 1996 EPOC32 was designed with OO in C++ 1998:
More informationVirtual Computing and VMWare. Module 4
Virtual Computing and VMWare Module 4 Virtual Computing Cyber Defense program depends on virtual computing We will use it for hands-on learning Cyber defense competition will be hosted on a virtual computing
More informationThis documentation is made available before final release and is subject to change without notice and comes with no warranty express or implied.
Hyperloop for ios Programming Guide This documentation is made available before final release and is subject to change without notice and comes with no warranty express or implied. Requirements You ll
More informationLecture 1 Introduction to Android
These slides are by Dr. Jaerock Kwon at. The original URL is http://kettering.jrkwon.com/sites/default/files/2011-2/ce-491/lecture/alecture-01.pdf so please use that instead of pointing to this local copy
More informationC# and Other Languages
C# and Other Languages Rob Miles Department of Computer Science Why do we have lots of Programming Languages? Different developer audiences Different application areas/target platforms Graphics, AI, List
More informationINTRODUCTION TO MALWARE & MALWARE ANALYSIS
INTRODUCTION TO MALWARE & MALWARE ANALYSIS by Quick Heal R&D lab Security Simplified INTRODUCTION Very often people call everything that corrupts their system a virus without being aware about what it
More informationCS 161 Computer Security
Paxson Spring 2013 CS 161 Computer Security Homework 1 Due: Friday, February 15, at 10PM Instructions. You must submit this homework electronically. To submit, put a single solution file hw1.pdf in a directory
More informationCROSS-PLATFORM MOBILE MALWARE - WRITE ONCE INFECT EVERYWHERE. William Lee & Xinran Wu Email: {william.lee, xinran.wu}@sophos.com.
CROSS-PLATFORM MOBILE MALWARE - WRITE ONCE INFECT EVERYWHERE William Lee & Xinran Wu Email: {william.lee, xinran.wu}@sophos.com.au Agenda 1. Cross-Platform Frameworks 2. Existing malware 3. App Package
More informationOperating System Structures
COP 4610: Introduction to Operating Systems (Spring 2015) Operating System Structures Zhi Wang Florida State University Content Operating system services User interface System calls System programs Operating
More informationCS420: Operating Systems OS Services & System Calls
NK YORK COLLEGE OF PENNSYLVANIA HG OK 2 YORK COLLEGE OF PENNSYLVAN OS Services & System Calls James Moscola Department of Physical Sciences York College of Pennsylvania Based on Operating System Concepts,
More informationMobile Application Security: Who, How and Why
Mobile Application Security: Who, How and Why Presented by: Mike Park Managing Security Consultant Trustwave SpiderLabs Who Am I Mike Park Managing Consultant, Application Security Services, Trustwave
More informationTopics. Introduction. Java History CS 146. Introduction to Programming and Algorithms Module 1. Module Objectives
Introduction to Programming and Algorithms Module 1 CS 146 Sam Houston State University Dr. Tim McGuire Module Objectives To understand: the necessity of programming, differences between hardware and software,
More informationQuiz I Solutions MASSACHUSETTS INSTITUTE OF TECHNOLOGY. 6.858 Fall 2012. Department of Electrical Engineering and Computer Science
Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY 6.858 Fall 2012 Quiz I Solutions 30 Grade for q1 25 20 15 10 5 0 0 10 20 30 40 50 60 70 80 90 100 Histogram
More informationSecurity types to the rescue
Security types to the rescue p. 1 Security types to the rescue David Wagner and Rob Johnson {daw,rtjohnso}@cs.berkeley.edu University of California, Berkeley Security types to the rescue p. 2 Problem statement
More informationProgramming Languages
Programming Languages In the beginning To use a computer, you needed to know how to program it. Today People no longer need to know how to program in order to use the computer. To see how this was accomplished,
More informationObfuscatorreloaded. Pascal Junod HEIG-VD Julien Rinaldini HEIG-VD Marc Romanens- EIA-FR Jean-Roland Schuler EIA-FR
Obfuscatorreloaded Pascal Junod HEIG-VD Julien Rinaldini HEIG-VD Marc Romanens- EIA-FR Jean-Roland Schuler EIA-FR Application Security Forum - 2012 Western Switzerland 7-8 novembre 2012 - Y-Parc / Yverdon-les-Bains
More informationThis is DEEPerent: Tracking App behaviors with (Nothing changed) phone for Evasive android malware
This is DEEPerent: Tracking App behaviors with (Nothing changed) phone for Evasive android malware What I will talk about.. Challenges we faced on android malware analysis: Fast code analysis (Reversing)
More informationExploiting Trustzone on Android
1 Introduction Exploiting Trustzone on Android Di Shen(@returnsme) retme7@gmail.com This paper tells a real story about exploiting TrustZone step by step. I target an implementation of Trusted Execution
More information