Saturday, October 10, 2015

Hacktivity 2015 - Hello Anti-disassembly workshop

My Hacktivity 2015 - Hello Anti-disassembly workshop files can be downloaded from here:

hacktivity2015_helloantidisassembly.zip

The zip file contains the following files:

IDA python script:

antida.py

Example code:

case1.c
case1.exe
case2.c
case2.exe
case3.c
case3.exe
initial.c
initial.exe

Guide:

Hacktivity 2015 - Fitzl Csaba - Hello Anti Disassembly.pdf

The original workshop description:

"We will review how the two main types of disassembler work, and why they can be fooled, then we will cover 3 typical examples. As part of each exercise we will create our own short C program, which will cause the disassembler to incorrectly parse our code, then we will see how we can manually find and correct it in IDA Pro. As a last step we will create a short Python script for IDA Pro, which will automatically find and mark these techniques for us. We will also check how we can patch the code from an IDA Script to defeat the anti-disassembly techniques."

https://hacktivity.com/en/hacktivity-2015/hello-workshop/hello-anti-disassembly1/
