1 / 10

Code Disassembly Techniques

Code Disassembly Techniques. Julius Quiaot Himanshu Ranavat CMPE296T – November 26, 2007. Agenda. Overview and Definitions Techniques Tools Challenges to Code Disassembly Applications Prevention. Overview and Definitions.

lowrance
Download Presentation

Code Disassembly Techniques

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Code Disassembly Techniques Julius Quiaot Himanshu Ranavat CMPE296T – November 26, 2007

  2. Agenda • Overview and Definitions • Techniques • Tools • Challenges to Code Disassembly • Applications • Prevention

  3. Overview and Definitions • Assembler converts assembly language into binary equivalent code called machine instruction. • Linker combines all object files to produce an executable. • Loader loads the executable in memory for execution. Loaders are typically part of an OS.

  4. Assembler, Linker and Loader Disassembly can be visualized as the reversal of the above process

  5. Techniques • Static Techniques • Linear Sweep • Recursive Traversal • Example:

  6. Techniques (Contd) • Dynamic Techniques • Complements static techniques • Binary Interpretation using Runtime Disassembly • Disassembly Tools: • IDAPro • Sourcer

  7. Challenges to Code Disassembly • Data type information • Identification of Instruction and Data Sections • Platform Differences

  8. Applications • Legitimate • Education • Code Optimization • Legacy Applications • Bug and Security Holes • Illegitimate • Security Circumvention

  9. Prevention • Code Obfuscation • Rendering code unreadable and unintelligible • Rename variables and methods • Junk Bytes • Partial instructions to confuse disassemblers • Fake Jump Tables • Disrupt recursive traversal

  10. Questions?

More Related