Triaging Crashes with Backward Taint Analysis for ARM Architecture

Offered By: Black Hat via YouTube

Course Description

Overview

Explore a set of tools developed for analyzing crashes on Linux and the ARM architecture to determine exploitability using taint analysis. Learn about ARM-Tracer, a Dynamic Binary Instrumentation (DBI) tool based on the ptrace system call, designed to trace specific threads in multi-threaded environments and generate trace logs until a crash occurs. Discover ARM-Analyzer, a standalone GUI application for performing backward taint analysis on desktop systems. Understand how these tools work together, through analysis of ARM instructions, to identify whether a crash is affected by input data. Watch a demonstration of these tools applied to crash analysis of an Android application. Gain insights into the development process, including the challenges of creating DBI tools for the ARM architecture and the methods used to analyze ARM instructions for identifying taint objects.

Syllabus

Introduction
Example
VDT
DBI
Instruction Tracing
Instruction States
Program Counter
Interference
Start tracing
Condition flags
Analyzer
Results
Experiment
Demo
Outro


Taught by

Black Hat
