Triaging Crashed with Backward Taint Analysis for ARM Architecture
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a set of tools developed for analyzing crashes on Linux OS and ARM architecture to determine exploitability using taint analysis. Learn about ARM-Tracer, a Dynamic Binary Instrumentation (DBI) tool based on ptrace system call, designed to trace specific threads in multi-threaded environments and generate trace logs until a crash occurs. Discover ARM-Analyzer, a standalone GUI application for performing backward taint analysis on desktop systems. Understand how these tools work together to identify if crashes are affected by input data through analysis of ARM instructions. Watch a demonstration of these tools applied to an Android application for crash analysis. Gain insights into the development process, including the challenges of creating DBI tools for ARM architecture and the methods used to analyze ARM instructions for identifying taint objects.
Syllabus
Introduction
Example
VDT
DBI
Instruction Tracing
Instruction States
Program Counter
Interference
Start tracing
Condition flags
Analyzer
Results
Experiment
Demo
Outro
Taught by
Black Hat
Related Courses
Practical Uses of Program Analysis - Automatic Exploit GenerationNorthSec via YouTube Dynamic Binary Instrumentation Techniques to Address Native Code Obfuscation
Black Hat via YouTube Security Instrumentation - The Future of Software Security
LASCON via YouTube Android Rootkits - Analysis from Userland and Kernelland
RSA Conference via YouTube Finding 0days in Embedded Systems with Code Coverage Guided Fuzzing
BruCON Security Conference via YouTube