This course on Static Binary Instrumentation covers the tool IDA2Obj, designed for dumping multiple object files from one executable binary for code coverage collection and integration with fuzzing engines. The course teaches the implementation of the tool from scratch, integration with fuzzing engines, and provides a demo of its usage. Students will learn about SBI/DBI, object file formats, instrumentation techniques, and overcoming challenges in binary analysis. The course is suitable for cybersecurity professionals, malware analysts, vulnerability researchers, and those interested in binary analysis and reverse engineering.
Overview
Syllabus
MICKEY JIN
# whoami
What is SBI/DBI ?
My First Idea
IDA2MASM: My First Solution
Export ASM File
Split By Segments
Re-Assemble
Tune Grammar List (Partial)
Link Issue
Link Solution
Patch The New Built Binary
Crash Root Cause
Think Of The Essence
My Second Idea (Algorithm)
Linker Does The Magic
Object File Format • Object file is COFF (Common Object File Format)
cough: Object File Writer • Repo : Install: pip install cough Tutorial
Encapsulate Some Primitives
Dump Objects
Instrumentation & Trampoline
Architecture
_afl_maybe_log
Harness
The Real Challenge & The Solu
FixRVA.py
Compression Scheme of FH4
Solution For FH4
Takeaway Two SBI implementations
Future Plan
HITB SECCONF SIN-2021 VIRTUAL EDITION
Taught by
Hack In The Box Security Conference
