SlideShare uma empresa Scribd logo

ASFWS 2011 : Code obfuscation: Quid Novi ?

Cyber Security Alliance
Cyber Security Alliance

Application Security Forum 2011 27.10.2011 - Yverdon-les-Bains (Suisse) Speakers: Pascal Junod, Julien Rinaldini, Grégory Ruch

Tecnologia
1 de 58
Baixar para ler offline
Software Obfuscation Quid Novi ? Pascal Junod Julien Rinaldini Grégory Ruch ~ HEIG-VD
Outline Software Security Protection Techniques Hacking with LLVM Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Security Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Adversaries Let’s have a quick look at how cryptographers classify adversaries... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Crypto Black-Box Adversaries Model my algorithm/protocol/ system as a set of oracles Interact with those oracles Ciphertext-only Known plaintext-ciphertext Chosen (adaptively or not) plaintexts and/or ciphertexts Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Crypto Black-Box Adversaries Prove (mathematically) that your algorithm/protocol/ system is secure if the underlying cryptographic primitives are secure. Examples: RSA-OAEP RSA-PSS Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
SW Black-Box Adversaries Interact with software, but nicely, i.e. using the common I/O ports :-) Code injection Memory corruption attack Design weaknesses Weak authentication ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
SW Black-Box Adversaries Ensure that your software is as secure as possible: Threat analysis, definition of the attack surface, security requirements Apply coding best practices Design review, code audits, pen-testing ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Crypto Grey-Box Adversaries Adversaries that were NOT foreseen by the theoretical cryptographers... Can interact with the cryptographic primitives, but might have (just) a bit more information about the computations, like: side- «tell» channel Timings information Physical leakage Faults Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
SW Grey-Box Adversaries Can interact with the software, but might have (just) a bit more information about the computations, like: Timings Physical leakage Faults Error messages ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
SW Grey-Box Adversaries Examples of software attacks by grey-box adversaries: Padding oracles Canvel et al attack against SSL, ASP.NET hack, BEAST Reverse-engineering of SW code on secured HW with help of a physical leakage channel and templates Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Crypto/SW Grey-Box Adversaries Ensure that your software is even more secure than possible: Constant-time coding Masking/blinding Use of redundant code ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Crypto White-Box Adversaries Adversaries that most cryptographers just do not want to hear about... Can do EVERYTHING they want !! Complete reverse-engineering of SW/HW Read/write all memories, including secure ones (containing keys) Perturb all computations Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
SW White-Box Adversaries Examples of software attacks by black-box adversaries have a ℵ0 cardinality: SW complete reverse-engineering SW cracking Bypass of copy protection systems Bypass of DRM systems Bypass of licensing schemes ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Attacks based on Faults Consider the following piece of code that could valid the RSA signature during the secure boot of a trusted device: if (RSA_verify (signature) == RSA_VALID_SIGNATURE) { // Perform some critical operation } else { return NOT_AUTHENTICATED } Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Attacks based on Faults This could translate into the following: The whole RSA signature verification mechanism security relies on whether this ... instruction will be executed or not... cmp $0x0, %ebx je jne 0x64FE89A1 ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
White-Box Adversaries One example among many others: the AACS hack DRM protection scheme for Blu- Ray State-of-the art crypto SW player broken Just read the last media- encrypting key in memory :-o Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Protection Techniques Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Back to basics ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Malicious Reverse Engineering Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
DRM Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Mobile Computing Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Cloud Computing Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection A typical attack can be decomposed in three phases: Program analysis, algorithm, design and secrets extraction Code modification e.g., removal of license check Distribution Violation of intellectual property right Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Code Defense possibilities obfuscation Add confusion to Doris’ code, to render the analysis by Axel more SW/ HW-based costly protections Add tamper-protection to Doris’ code, to prevent him from modifying the code SW watermarking, fingerprinting Mark Doris’ code Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Obfuscation Techniques Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection According to Wikipedia, obfuscated code is source or machine code that has been made difficult to understand. Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Even if it is impossible in theory, let’s try it in practice :-) Weaker security notion ? Not necessarily resisting all adversaries, but forcing an to work several adversary hours/days/months to break my SW Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection return (int) ((((x - 2) * (x - 3) * (x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 2) * (x - 3) * (x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 3) * (x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * (28 + z)) / ((x - 3) * (x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 30) / ((x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12 ) + .00001)) + (((x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 30) / ((x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 10) * (x - 11) * (x - 12) * 30) / ((x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 11) * (x - 12) * 31) / ((x - 11) * (x - 12) + .00001)) + (((x - 12) * 30) / ((x - 12) + .00001)) + 31 + .1) - y; Source: Wikipedia Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection @P=split//,".URRUUc8R";@d=split//,"nrekcah xinU / lreP rehtona tsuJ";sub p{ @p{"r$p","u$p"}=(P,P);pipe"r$p","u$p";++$p;($q*=2)+= $f=!fork;map{$P=$P[$f^ord ($p{$_})&6];$p{$_}=/ ^$P/ix?$P:close$_}keys %p}p;p;p;p;p;map{$p{$_}=~/^[P.]/&& close$_}%p;wait until$?;map{/^r/&&<$_>}%p;$_= $d[$q];sleep rand(2)if/S/;print This tiny Perl program displays the text «Just another Perl/Unix hacker», multiple characters at a time, with delays. Source: Wikipedia Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection void primes(int cap) { int i, j, composite; for(i = 2; i < cap; ++i) { composite = 0; _(__,___,____,_____){___/__<=_____?_(__,___ for(j = 2; j * j <= i; ++j) +_____,____,_____):!(___%__)?_(__,___ +_____,___%__,_____):___%__==___/ composite += !(i % j); __&&!____?(printf("%dt",___/__),_(__,___ if(!composite) +_____,____,_____)):(___%__>_____&&___ printf("%dt", i); %__<___/__)?_(__,___+ _____,____,_____+!(___/__%(___ } %__))):___<__*__?_(__,___ } +_____,____,_____):0;}main(void) {_(100,0,0,1);} int main(void) { primes(100); } This simple C program implements Erastothene’s Sieve. Source: Wikipedia Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Very different capabilities Code source vs. binary obfuscation Supported languages .NET, C#, Java, Javascript, C/C++ Costs of obfuscation Code size, code speed Resistance to RE Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Software Protection Advanced Obfuscation Techniques Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Packing Packers (executable compression/ encryption) have been used to thwart RE Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Code Flattening Code transformations Break loops, conditional structures Transform code in «spaghetti code» ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Opaque Predicates Opaque predicates is a (Boolean) expression for which Outcome a priori known by the programmer Reverse engineer has to execute it to know the answer Force moving from static analysis to dynamic analysis/debugging/ emulation. Can be evil if using real crypto :-) Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Code Interleaving Idea: systematically identify portions of code that can be run in parallel (i.e., which do not depend on each others) Interleave those code portions Go down to the instruction level, if possible Maybe add additional junk code Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Virtualisation Push the concept of packer a bit further, and rewrite SW as (custom) byte-code aimed for a (custom) VM Idea can be pushed further by iterating the process, but beware of performances... Use tricky, esoteric, exotic, but still Turing-complete computer architectures: brainfuck (8 instr. with no operands) subleq (1 instr. with 3 operands) ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Playing with Networks When you have a (fast network) at your disposal, you can leverage this ! Sending tamper-proofing challenges with 1s answer delay Sending sensitive code encrypted and on- demand Techniques mostly used by the online gaming industry to avoid cheating. Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Hacking with LLVM Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Why ? No satisfactory open-source tool able to obfuscate C/C++ Cool new research playground ! Have already worked on the subject in other lives RE is hard, protecting against RE in an efficient way is even harder ! Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project HES-SO-funded 1-year project HEIG-VD PJ, Greg Ruch, Julien Rinaldini + master students, with focus on source code obfuscation EIA-FR Jean-Roland Schuler + research assistants, with focus on binary code obfuscation Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project Goals of «Obfuscator»: Create knowledge & know-how on the subject at HES-SO Develop prototype tools Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project Explored and abandoned paths: C language parser and code modifier written in Python (Sébastien Bischof) Code flattening implemented Too much time spent on the parser :-/ Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project Explored and abandoned paths: Extending the GNU compiler suite Almost no documentation Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project Explored and abandoned paths: Extending the LLVM CLang front-end (Grégory Ruch) APIs not very stable, and not really adapted for this task Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project Why focusing on C/C++ ?! Why not using the excellent design of LLVM and be (a bit) more ambitious ? & obfuscator Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project Let us work on the LLVM intermediate representation (IR) ! Clean and stable APIs Fully documented Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project LLVM interesting features Front-ends for C, C++, Objective-C, Fortran, Java, Ada, ... Back-ends for X86, X86-64, PowerPC, PowerPC-64, ARM, Thumb, SPARC, Alpha, CellSPU, MIPS, MSP430, SystemZ, and XCore «Optimizations» passes order can be fine- tuned Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project Current concrete results, besides failures: Developed a test-bed (!) Developed several simple obfuscations passes Code substitution Development of a code-flattening pass on- going But still a long, hard way to go !! Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Obfuscator Project // For each basicblock for (Function::iterator i = F.begin(), e = F.end(); i != e; ++i) { BasicBlock *blk = i; // For each instruction for (BasicBlock::iterator j = blk->begin(), e = blk->end(); j != e; ++j) { llvm::Instruction *inst = j; // If it's a binary operation if(inst->isBinaryOp()) { unsigned opcode = inst->getOpcode(); int operand; // Go to right opcode switch(opcode) { case Instruction::Add: case Instruction::FAdd: // Choose one substitution randomly switch(rand()%6) { // Implementation of a = b - (-c) case 0: // Create a neg value varName += "_"; var = new Twine(varName); // Create sub if(opcode == Instruction::FAdd) { op = BinaryOperator::CreateFNeg(cast<Value>(inst- >getOperand(1)),*var,inst); finalOp = BinaryOperator::Create(Instruction::FSub, cast<Value>(inst->getOperand(0)),cast<Value>(op),inst->getNameStr(),inst); } else { op = BinaryOperator::CreateNeg(cast<Value>(inst- >getOperand(1)),*var,inst); finalOp = BinaryOperator::Create(Instruction::Sub, cast<Value>(inst->getOperand(0)),cast<Value>(op),inst->getNameStr(),inst); } // Check signed wrap Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Conclusion Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Conclusion Obfuscation is a fascinating research playground Obfuscation needs will increase in the future (personal prediction) Mobile platforms Embedded SW platforms Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
Contact Information Website http://crypto.junod.info Twitter @cryptopathe E-mail pascal@junod.info Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland

Recomendados

Ehip4 caring through sharing privacy and-security-technical-aspects riccardo ...
Ehip4 caring through sharing privacy and-security-technical-aspects riccardo ...Ehip4 caring through sharing privacy and-security-technical-aspects riccardo ...
Ehip4 caring through sharing privacy and-security-technical-aspects riccardo ...imec.archive
 
blur-me-recsystalk
blur-me-recsystalkblur-me-recsystalk
blur-me-recsystalkSmriti Bhagat
 
New techniques in sql obfuscation, from DEFCON 20
New techniques in sql obfuscation, from DEFCON 20New techniques in sql obfuscation, from DEFCON 20
New techniques in sql obfuscation, from DEFCON 20Nick Galbreath
 
BeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruBeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruMichele Orru
 
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawTakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawEC-Council
 
Web attacks using obfuscated script
Web attacks using obfuscated scriptWeb attacks using obfuscated script
Web attacks using obfuscated scriptAmol Kamble
 
On deobfuscation in practice
On deobfuscation in practiceOn deobfuscation in practice
On deobfuscation in practiceDmitry Schelkunov
 
Code obfuscation
Code obfuscationCode obfuscation
Code obfuscationAmol Kamble
 

Recomendados

Ehip4 caring through sharing privacy and-security-technical-aspects riccardo ...
Ehip4 caring through sharing privacy and-security-technical-aspects riccardo ...Ehip4 caring through sharing privacy and-security-technical-aspects riccardo ...
Ehip4 caring through sharing privacy and-security-technical-aspects riccardo ...imec.archive
 
blur-me-recsystalk
blur-me-recsystalkblur-me-recsystalk
blur-me-recsystalkSmriti Bhagat
 
New techniques in sql obfuscation, from DEFCON 20
New techniques in sql obfuscation, from DEFCON 20New techniques in sql obfuscation, from DEFCON 20
New techniques in sql obfuscation, from DEFCON 20Nick Galbreath
 
BeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruBeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruMichele Orru
 
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawTakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawEC-Council
 
Web attacks using obfuscated script
Web attacks using obfuscated scriptWeb attacks using obfuscated script
Web attacks using obfuscated scriptAmol Kamble
 
On deobfuscation in practice
On deobfuscation in practiceOn deobfuscation in practice
On deobfuscation in practiceDmitry Schelkunov
 
Code obfuscation
Code obfuscationCode obfuscation
Code obfuscationAmol Kamble
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Belsoft
 
Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)ReCrypt
 
Context Driven Scalable SIEM Solution
Context Driven Scalable SIEM Solution Context Driven Scalable SIEM Solution
Context Driven Scalable SIEM Solution Ertugrul Akbas
 
Palo Alto
Palo AltoPalo Alto
Palo AltoHajar Otmani
 
Expanding the control over the operating system from the database
Expanding the control over the operating system from the databaseExpanding the control over the operating system from the database
Expanding the control over the operating system from the databaseBernardo Damele A. G.
 
ORM Injection
ORM InjectionORM Injection
ORM InjectionSimone Onofri
 
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...CODE BLUE
 
Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Daniel Bohannon
 
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Ajin Abraham
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Thailand Co Ltd
 
AntiVirus Evasion Reconstructed - Veil 3.0
AntiVirus Evasion Reconstructed - Veil 3.0AntiVirus Evasion Reconstructed - Veil 3.0
AntiVirus Evasion Reconstructed - Veil 3.0CTruncer
 
Object Oriented Exploitation: New techniques in Windows mitigation bypass
Object Oriented Exploitation: New techniques in Windows mitigation bypassObject Oriented Exploitation: New techniques in Windows mitigation bypass
Object Oriented Exploitation: New techniques in Windows mitigation bypassSam Thomas
 
Ha nam
Ha namHa nam
Ha namrajgurupatil
 
Invoke-Obfuscation nullcon 2017
Invoke-Obfuscation nullcon 2017Invoke-Obfuscation nullcon 2017
Invoke-Obfuscation nullcon 2017Daniel Bohannon
 
Injecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeInjecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeAjin Abraham
 
Bug Bounty @ Swisscom
Bug Bounty @ SwisscomBug Bounty @ Swisscom
Bug Bounty @ SwisscomCyber Security Alliance
 
Robots are among us, but who takes responsibility?
Robots are among us, but who takes responsibility?Robots are among us, but who takes responsibility?
Robots are among us, but who takes responsibility?Cyber Security Alliance
 
iOS malware: what's the risk and how to reduce it
iOS malware: what's the risk and how to reduce itiOS malware: what's the risk and how to reduce it
iOS malware: what's the risk and how to reduce itCyber Security Alliance
 
Why huntung IoC fails at protecting against targeted attacks
Why huntung IoC fails at protecting against targeted attacksWhy huntung IoC fails at protecting against targeted attacks
Why huntung IoC fails at protecting against targeted attacksCyber Security Alliance
 
Corporations - the new victims of targeted ransomware
Corporations - the new victims of targeted ransomwareCorporations - the new victims of targeted ransomware
Corporations - the new victims of targeted ransomwareCyber Security Alliance
 
Blockchain for Beginners
Blockchain for Beginners Blockchain for Beginners
Blockchain for Beginners Cyber Security Alliance
 
Le pentest pour les nuls #cybsec16
Le pentest pour les nuls #cybsec16Le pentest pour les nuls #cybsec16
Le pentest pour les nuls #cybsec16Cyber Security Alliance
 

Mais conteúdo relacionado

Destaque

Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Belsoft
 
Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)ReCrypt
 
Context Driven Scalable SIEM Solution
Context Driven Scalable SIEM Solution Context Driven Scalable SIEM Solution
Context Driven Scalable SIEM Solution Ertugrul Akbas
 
Expanding the control over the operating system from the database
Expanding the control over the operating system from the databaseExpanding the control over the operating system from the database
Expanding the control over the operating system from the databaseBernardo Damele A. G.
 
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...CODE BLUE
 
Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Daniel Bohannon
 
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Ajin Abraham
 
AntiVirus Evasion Reconstructed - Veil 3.0
AntiVirus Evasion Reconstructed - Veil 3.0AntiVirus Evasion Reconstructed - Veil 3.0
AntiVirus Evasion Reconstructed - Veil 3.0CTruncer
 
Object Oriented Exploitation: New techniques in Windows mitigation bypass
Object Oriented Exploitation: New techniques in Windows mitigation bypassObject Oriented Exploitation: New techniques in Windows mitigation bypass
Object Oriented Exploitation: New techniques in Windows mitigation bypassSam Thomas
 
Invoke-Obfuscation nullcon 2017
Invoke-Obfuscation nullcon 2017Invoke-Obfuscation nullcon 2017
Invoke-Obfuscation nullcon 2017Daniel Bohannon
 
Injecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeInjecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeAjin Abraham
 

Destaque (15)

Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
 
Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)
 
Context Driven Scalable SIEM Solution
Context Driven Scalable SIEM Solution Context Driven Scalable SIEM Solution
Context Driven Scalable SIEM Solution
 
Palo Alto
Palo AltoPalo Alto
Palo Alto
 
Expanding the control over the operating system from the database
Expanding the control over the operating system from the databaseExpanding the control over the operating system from the database
Expanding the control over the operating system from the database
 
ORM Injection
ORM InjectionORM Injection
ORM Injection
 
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
 
Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016
 
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015
 
AntiVirus Evasion Reconstructed - Veil 3.0
AntiVirus Evasion Reconstructed - Veil 3.0AntiVirus Evasion Reconstructed - Veil 3.0
AntiVirus Evasion Reconstructed - Veil 3.0
 
Object Oriented Exploitation: New techniques in Windows mitigation bypass
Object Oriented Exploitation: New techniques in Windows mitigation bypassObject Oriented Exploitation: New techniques in Windows mitigation bypass
Object Oriented Exploitation: New techniques in Windows mitigation bypass
 
Ha nam
Ha namHa nam
Ha nam
 
Invoke-Obfuscation nullcon 2017
Invoke-Obfuscation nullcon 2017Invoke-Obfuscation nullcon 2017
Invoke-Obfuscation nullcon 2017
 
Injecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeInjecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at Runtime
 

Mais de Cyber Security Alliance

Robots are among us, but who takes responsibility?
Robots are among us, but who takes responsibility?Robots are among us, but who takes responsibility?
Robots are among us, but who takes responsibility?Cyber Security Alliance
 
iOS malware: what's the risk and how to reduce it
iOS malware: what's the risk and how to reduce itiOS malware: what's the risk and how to reduce it
iOS malware: what's the risk and how to reduce itCyber Security Alliance
 
Why huntung IoC fails at protecting against targeted attacks
Why huntung IoC fails at protecting against targeted attacksWhy huntung IoC fails at protecting against targeted attacks
Why huntung IoC fails at protecting against targeted attacksCyber Security Alliance
 
Corporations - the new victims of targeted ransomware
Corporations - the new victims of targeted ransomwareCorporations - the new victims of targeted ransomware
Corporations - the new victims of targeted ransomwareCyber Security Alliance
 
Introducing Man in the Contacts attack to trick encrypted messaging apps
Introducing Man in the Contacts attack to trick encrypted messaging appsIntroducing Man in the Contacts attack to trick encrypted messaging apps
Introducing Man in the Contacts attack to trick encrypted messaging appsCyber Security Alliance
 
Understanding the fundamentals of attacks
Understanding the fundamentals of attacksUnderstanding the fundamentals of attacks
Understanding the fundamentals of attacksCyber Security Alliance
 
Reverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande ModemReverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande ModemCyber Security Alliance
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fCyber Security Alliance
 
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Cyber Security Alliance
 
Offline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupOffline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupCyber Security Alliance
 
App secforum2014 andrivet-cplusplus11-metaprogramming_applied_to_software_obf...
App secforum2014 andrivet-cplusplus11-metaprogramming_applied_to_software_obf...App secforum2014 andrivet-cplusplus11-metaprogramming_applied_to_software_obf...
App secforum2014 andrivet-cplusplus11-metaprogramming_applied_to_software_obf...Cyber Security Alliance
 
Warning Ahead: SecurityStorms are Brewing in Your JavaScript
Warning Ahead: SecurityStorms are Brewing in Your JavaScriptWarning Ahead: SecurityStorms are Brewing in Your JavaScript
Warning Ahead: SecurityStorms are Brewing in Your JavaScriptCyber Security Alliance
 
Killing any security product … using a Mimikatz undocumented feature
Killing any security product … using a Mimikatz undocumented featureKilling any security product … using a Mimikatz undocumented feature
Killing any security product … using a Mimikatz undocumented featureCyber Security Alliance
 

Mais de Cyber Security Alliance (20)

Bug Bounty @ Swisscom
Bug Bounty @ SwisscomBug Bounty @ Swisscom
Bug Bounty @ Swisscom
 
Robots are among us, but who takes responsibility?
Robots are among us, but who takes responsibility?Robots are among us, but who takes responsibility?
Robots are among us, but who takes responsibility?
 
iOS malware: what's the risk and how to reduce it
iOS malware: what's the risk and how to reduce itiOS malware: what's the risk and how to reduce it
iOS malware: what's the risk and how to reduce it
 
Why huntung IoC fails at protecting against targeted attacks
Why huntung IoC fails at protecting against targeted attacksWhy huntung IoC fails at protecting against targeted attacks
Why huntung IoC fails at protecting against targeted attacks
 
Corporations - the new victims of targeted ransomware
Corporations - the new victims of targeted ransomwareCorporations - the new victims of targeted ransomware
Corporations - the new victims of targeted ransomware
 
Blockchain for Beginners
Blockchain for Beginners Blockchain for Beginners
Blockchain for Beginners
 
Le pentest pour les nuls #cybsec16
Le pentest pour les nuls #cybsec16Le pentest pour les nuls #cybsec16
Le pentest pour les nuls #cybsec16
 
Introducing Man in the Contacts attack to trick encrypted messaging apps
Introducing Man in the Contacts attack to trick encrypted messaging appsIntroducing Man in the Contacts attack to trick encrypted messaging apps
Introducing Man in the Contacts attack to trick encrypted messaging apps
 
Understanding the fundamentals of attacks
Understanding the fundamentals of attacksUnderstanding the fundamentals of attacks
Understanding the fundamentals of attacks
 
Rump : iOS patch diffing
Rump : iOS patch diffingRump : iOS patch diffing
Rump : iOS patch diffing
 
An easy way into your sap systems v3.0
An easy way into your sap systems v3.0An easy way into your sap systems v3.0
An easy way into your sap systems v3.0
 
Reverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande ModemReverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande Modem
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 f
 
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
 
Offline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupOffline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setup
 
App secforum2014 andrivet-cplusplus11-metaprogramming_applied_to_software_obf...
App secforum2014 andrivet-cplusplus11-metaprogramming_applied_to_software_obf...App secforum2014 andrivet-cplusplus11-metaprogramming_applied_to_software_obf...
App secforum2014 andrivet-cplusplus11-metaprogramming_applied_to_software_obf...
 
Warning Ahead: SecurityStorms are Brewing in Your JavaScript
Warning Ahead: SecurityStorms are Brewing in Your JavaScriptWarning Ahead: SecurityStorms are Brewing in Your JavaScript
Warning Ahead: SecurityStorms are Brewing in Your JavaScript
 
Killing any security product … using a Mimikatz undocumented feature
Killing any security product … using a Mimikatz undocumented featureKilling any security product … using a Mimikatz undocumented feature
Killing any security product … using a Mimikatz undocumented feature
 
Rump attaque usb_caralinda_fabrice
Rump attaque usb_caralinda_fabriceRump attaque usb_caralinda_fabrice
Rump attaque usb_caralinda_fabrice
 
Operation emmental appsec
Operation emmental appsecOperation emmental appsec
Operation emmental appsec
 

Último

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Último (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

ASFWS 2011 : Code obfuscation: Quid Novi ?

  • 1. Software Obfuscation Quid Novi ? Pascal Junod Julien Rinaldini Grégory Ruch ~ HEIG-VD
  • 2. Outline Software Security Protection Techniques Hacking with LLVM Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 3. Software Security Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 4. Adversaries Let’s have a quick look at how cryptographers classify adversaries... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 5. Crypto Black-Box Adversaries Model my algorithm/protocol/ system as a set of oracles Interact with those oracles Ciphertext-only Known plaintext-ciphertext Chosen (adaptively or not) plaintexts and/or ciphertexts Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 6. Crypto Black-Box Adversaries Prove (mathematically) that your algorithm/protocol/ system is secure if the underlying cryptographic primitives are secure. Examples: RSA-OAEP RSA-PSS Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 7. SW Black-Box Adversaries Interact with software, but nicely, i.e. using the common I/O ports :-) Code injection Memory corruption attack Design weaknesses Weak authentication ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 8. SW Black-Box Adversaries Ensure that your software is as secure as possible: Threat analysis, definition of the attack surface, security requirements Apply coding best practices Design review, code audits, pen-testing ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 9. Crypto Grey-Box Adversaries Adversaries that were NOT foreseen by the theoretical cryptographers... Can interact with the cryptographic primitives, but might have (just) a bit more information about the computations, like: side- «tell» channel Timings information Physical leakage Faults Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 10. SW Grey-Box Adversaries Can interact with the software, but might have (just) a bit more information about the computations, like: Timings Physical leakage Faults Error messages ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 11. SW Grey-Box Adversaries Examples of software attacks by grey-box adversaries: Padding oracles Canvel et al attack against SSL, ASP.NET hack, BEAST Reverse-engineering of SW code on secured HW with help of a physical leakage channel and templates Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 12. Crypto/SW Grey-Box Adversaries Ensure that your software is even more secure than possible: Constant-time coding Masking/blinding Use of redundant code ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 13. Crypto White-Box Adversaries Adversaries that most cryptographers just do not want to hear about... Can do EVERYTHING they want !! Complete reverse-engineering of SW/HW Read/write all memories, including secure ones (containing keys) Perturb all computations Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 14. SW White-Box Adversaries Examples of software attacks by black-box adversaries have a ℵ0 cardinality: SW complete reverse-engineering SW cracking Bypass of copy protection systems Bypass of DRM systems Bypass of licensing schemes ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 15. Attacks based on Faults Consider the following piece of code that could valid the RSA signature during the secure boot of a trusted device: if (RSA_verify (signature) == RSA_VALID_SIGNATURE) { // Perform some critical operation } else { return NOT_AUTHENTICATED } Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 16. Attacks based on Faults This could translate into the following: The whole RSA signature verification mechanism security relies on whether this ... instruction will be executed or not... cmp $0x0, %ebx je jne 0x64FE89A1 ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 17. White-Box Adversaries One example among many others: the AACS hack DRM protection scheme for Blu- Ray State-of-the art crypto SW player broken Just read the last media- encrypting key in memory :-o Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 18. Protection Techniques Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 19. Software Protection Back to basics ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 20. Software Protection Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 21. Software Protection Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 22. Malicious Reverse Engineering Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 23. DRM Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 24. Mobile Computing Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 25. Cloud Computing Pascal Junod -- Software Obfuscation: Quid Novi ? Pictures credit: Collberg, Nagra, «Surreptitious Software», Addison-Wesley, 2009 ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 26. Software Protection A typical attack can be decomposed in three phases: Program analysis, algorithm, design and secrets extraction Code modification e.g., removal of license check Distribution Violation of intellectual property right Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 27. Software Protection Code Defense possibilities obfuscation Add confusion to Doris’ code, to render the analysis by Axel more SW/ HW-based costly protections Add tamper-protection to Doris’ code, to prevent him from modifying the code SW watermarking, fingerprinting Mark Doris’ code Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 28. Software Protection Obfuscation Techniques Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 29. Software Protection According to Wikipedia, obfuscated code is source or machine code that has been made difficult to understand. Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 30. Software Protection Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 31. Software Protection Even if it is impossible in theory, let’s try it in practice :-) Weaker security notion ? Not necessarily resisting all adversaries, but forcing an to work several adversary hours/days/months to break my SW Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 32. Software Protection return (int) ((((x - 2) * (x - 3) * (x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 2) * (x - 3) * (x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 3) * (x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * (28 + z)) / ((x - 3) * (x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 4) * (x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 30) / ((x - 5) * (x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 6) * (x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12 ) + .00001)) + (((x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 30) / ((x - 7) * (x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 8) * (x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 9) * (x - 10) * (x - 11) * (x - 12) * 31) / ((x - 9) * (x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 10) * (x - 11) * (x - 12) * 30) / ((x - 10) * (x - 11) * (x - 12) + .00001)) + (((x - 11) * (x - 12) * 31) / ((x - 11) * (x - 12) + .00001)) + (((x - 12) * 30) / ((x - 12) + .00001)) + 31 + .1) - y; Source: Wikipedia Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 33. Software Protection @P=split//,".URRUUc8R";@d=split//,"nrekcah xinU / lreP rehtona tsuJ";sub p{ @p{"r$p","u$p"}=(P,P);pipe"r$p","u$p";++$p;($q*=2)+= $f=!fork;map{$P=$P[$f^ord ($p{$_})&6];$p{$_}=/ ^$P/ix?$P:close$_}keys %p}p;p;p;p;p;map{$p{$_}=~/^[P.]/&& close$_}%p;wait until$?;map{/^r/&&<$_>}%p;$_= $d[$q];sleep rand(2)if/S/;print This tiny Perl program displays the text «Just another Perl/Unix hacker», multiple characters at a time, with delays. Source: Wikipedia Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 34. Software Protection void primes(int cap) { int i, j, composite; for(i = 2; i < cap; ++i) { composite = 0; _(__,___,____,_____){___/__<=_____?_(__,___ for(j = 2; j * j <= i; ++j) +_____,____,_____):!(___%__)?_(__,___ +_____,___%__,_____):___%__==___/ composite += !(i % j); __&&!____?(printf("%dt",___/__),_(__,___ if(!composite) +_____,____,_____)):(___%__>_____&&___ printf("%dt", i); %__<___/__)?_(__,___+ _____,____,_____+!(___/__%(___ } %__))):___<__*__?_(__,___ } +_____,____,_____):0;}main(void) {_(100,0,0,1);} int main(void) { primes(100); } This simple C program implements Erastothene’s Sieve. Source: Wikipedia Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 35. Software Protection Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 36. Software Protection Very different capabilities Code source vs. binary obfuscation Supported languages .NET, C#, Java, Javascript, C/C++ Costs of obfuscation Code size, code speed Resistance to RE Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 37. Software Protection Advanced Obfuscation Techniques Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 38. Packing Packers (executable compression/ encryption) have been used to thwart RE Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 39. Code Flattening Code transformations Break loops, conditional structures Transform code in «spaghetti code» ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 40. Opaque Predicates Opaque predicates is a (Boolean) expression for which Outcome a priori known by the programmer Reverse engineer has to execute it to know the answer Force moving from static analysis to dynamic analysis/debugging/ emulation. Can be evil if using real crypto :-) Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 41. Code Interleaving Idea: systematically identify portions of code that can be run in parallel (i.e., which do not depend on each others) Interleave those code portions Go down to the instruction level, if possible Maybe add additional junk code Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 42. Virtualisation Push the concept of packer a bit further, and rewrite SW as (custom) byte-code aimed for a (custom) VM Idea can be pushed further by iterating the process, but beware of performances... Use tricky, esoteric, exotic, but still Turing-complete computer architectures: brainfuck (8 instr. with no operands) subleq (1 instr. with 3 operands) ... Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 43. Playing with Networks When you have a (fast network) at your disposal, you can leverage this ! Sending tamper-proofing challenges with 1s answer delay Sending sensitive code encrypted and on- demand Techniques mostly used by the online gaming industry to avoid cheating. Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 44. Hacking with LLVM Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 45. Why ? No satisfactory open-source tool able to obfuscate C/C++ Cool new research playground ! Have already worked on the subject in other lives RE is hard, protecting against RE in an efficient way is even harder ! Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 46. Obfuscator Project HES-SO-funded 1-year project HEIG-VD PJ, Greg Ruch, Julien Rinaldini + master students, with focus on source code obfuscation EIA-FR Jean-Roland Schuler + research assistants, with focus on binary code obfuscation Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 47. Obfuscator Project Goals of «Obfuscator»: Create knowledge & know-how on the subject at HES-SO Develop prototype tools Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 48. Obfuscator Project Explored and abandoned paths: C language parser and code modifier written in Python (Sébastien Bischof) Code flattening implemented Too much time spent on the parser :-/ Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 49. Obfuscator Project Explored and abandoned paths: Extending the GNU compiler suite Almost no documentation Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 50. Obfuscator Project Explored and abandoned paths: Extending the LLVM CLang front-end (Grégory Ruch) APIs not very stable, and not really adapted for this task Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 51. Obfuscator Project Why focusing on C/C++ ?! Why not using the excellent design of LLVM and be (a bit) more ambitious ? & obfuscator Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 52. Obfuscator Project Let us work on the LLVM intermediate representation (IR) ! Clean and stable APIs Fully documented Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 53. Obfuscator Project LLVM interesting features Front-ends for C, C++, Objective-C, Fortran, Java, Ada, ... Back-ends for X86, X86-64, PowerPC, PowerPC-64, ARM, Thumb, SPARC, Alpha, CellSPU, MIPS, MSP430, SystemZ, and XCore «Optimizations» passes order can be fine- tuned Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 54. Obfuscator Project Current concrete results, besides failures: Developed a test-bed (!) Developed several simple obfuscations passes Code substitution Development of a code-flattening pass on- going But still a long, hard way to go !! Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 55. Obfuscator Project // For each basicblock for (Function::iterator i = F.begin(), e = F.end(); i != e; ++i) { BasicBlock *blk = i; // For each instruction for (BasicBlock::iterator j = blk->begin(), e = blk->end(); j != e; ++j) { llvm::Instruction *inst = j; // If it's a binary operation if(inst->isBinaryOp()) { unsigned opcode = inst->getOpcode(); int operand; // Go to right opcode switch(opcode) { case Instruction::Add: case Instruction::FAdd: // Choose one substitution randomly switch(rand()%6) { // Implementation of a = b - (-c) case 0: // Create a neg value varName += "_"; var = new Twine(varName); // Create sub if(opcode == Instruction::FAdd) { op = BinaryOperator::CreateFNeg(cast<Value>(inst- >getOperand(1)),*var,inst); finalOp = BinaryOperator::Create(Instruction::FSub, cast<Value>(inst->getOperand(0)),cast<Value>(op),inst->getNameStr(),inst); } else { op = BinaryOperator::CreateNeg(cast<Value>(inst- >getOperand(1)),*var,inst); finalOp = BinaryOperator::Create(Instruction::Sub, cast<Value>(inst->getOperand(0)),cast<Value>(op),inst->getNameStr(),inst); } // Check signed wrap Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 56. Conclusion Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 57. Conclusion Obfuscation is a fascinating research playground Obfuscation needs will increase in the future (personal prediction) Mobile platforms Embedded SW platforms Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland
  • 58. Contact Information Website http://crypto.junod.info Twitter @cryptopathe E-mail pascal@junod.info Pascal Junod -- Software Obfuscation: Quid Novi ? ASF-WS, October 27th, 2011,Yverdon-les-Bains, Switzerland