Code Disassembly Techniques
Julius Quiaot, Himanshu Ranavat
CMPE296T – November 26, 2007

Agenda
• Overview and Definitions
• Techniques
• Tools
• Challenges to Code Disassembly
• Applications
• Prevention

Overview and Definitions
• An assembler converts assembly language into its binary equivalent, called machine instructions.
• A linker combines all object files to produce an executable.
• A loader loads the executable into memory for execution. Loaders are typically part of an OS.

Assembler, Linker and Loader
Disassembly can be visualized as the reversal of the above process.

Techniques
• Static Techniques
  • Linear Sweep
  • Recursive Traversal
• Example:

Techniques (Contd.)
• Dynamic Techniques
  • Complements static techniques
  • Binary Interpretation using Runtime Disassembly
• Disassembly Tools:
  • IDA Pro
  • Sourcer

Challenges to Code Disassembly
• Data type information
• Identification of Instruction and Data Sections
• Platform Differences

Applications
• Legitimate
  • Education
  • Code Optimization
  • Legacy Applications
  • Bug and Security Holes
• Illegitimate
  • Security Circumvention

Prevention
• Code Obfuscation
  • Rendering code unreadable and unintelligible
  • Rename variables and methods
• Junk Bytes
  • Partial instructions to confuse disassemblers
• Fake Jump Tables
  • Disrupt recursive traversal
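
The two static techniques from the Techniques slide, and the effect of a junk byte from the Prevention slide on each, as an added example that is not part of the original slides. The opcode table is a small constructed subset of 32-bit x86, SAMPLE is a constructed byte string, and all function names are illustrative.

```python
# Assumed subset of 32-bit x86: one-byte opcodes with fixed instruction lengths.
OPCODES = {0x40: ("inc eax", 1), 0x90: ("nop", 1), 0xC3: ("ret", 1),
           0xB8: ("mov eax, imm32", 5), 0xEB: ("jmp short", 2), 0x74: ("jz short", 2)}

def decode(code, off):
    """Return (mnemonic, length, branch target or None) for the bytes at off."""
    name, length = OPCODES.get(code[off], ("db 0x%02x" % code[off], 1))
    if off + length > len(code):            # operand runs past the buffer
        return "db 0x%02x" % code[off], 1, None
    target = None
    if name in ("jmp short", "jz short"):   # rel8 is relative to the next instruction
        rel = int.from_bytes(code[off + 1:off + 2], "little", signed=True)
        target = off + length + rel
    return name, length, target

def linear_sweep(code):
    """Decode from offset 0 to the end, assuming every byte is code."""
    out, off = {}, 0
    while off < len(code):
        name, length, _ = decode(code, off)
        out[off] = name
        off += length
    return out

def recursive_traversal(code, entry=0):
    """Follow control flow from entry; only reachable offsets are decoded."""
    out, work = {}, [entry]
    while work:
        off = work.pop()
        while 0 <= off < len(code) and off not in out:
            name, length, target = decode(code, off)
            out[off] = name
            if target is not None:
                work.append(target)         # branch target is decoded later
            if name in ("jmp short", "ret") or name.startswith("db"):
                break                       # no fall-through after these
            off += length
    return out

# Constructed sample: inc eax; jmp +1; junk byte 0xB8; inc eax; nop; nop; nop; ret
SAMPLE = bytes([0x40, 0xEB, 0x01, 0xB8, 0x40, 0x90, 0x90, 0x90, 0xC3])

if __name__ == "__main__":
    for label, result in (("linear sweep", linear_sweep(SAMPLE)),
                          ("recursive traversal", recursive_traversal(SAMPLE))):
        print(label)
        for off in sorted(result):
            print("  %02x: %s" % (off, result[off]))
```

Linear sweep decodes the junk byte at offset 3 as the start of a five-byte `mov` and loses the four real instructions that follow, while recursive traversal follows the jump and never decodes offset 3. This sketch handles only direct branches, so it does not model the fake jump tables the slide lists as a way to disrupt recursive traversal.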