Salvatore Lazzarone

@slazzarone

Software security antagonist. Currently hacking LLVM for pasta.

Joined: April 2015

Tweets

  1. Retweeted
    1 Nov 2018

    what's the difference between keys stored in Android P's "StrongBox" versus the ones stored in the old "HW-backed keystore"? StrongBox = Secure Element // HW-backed = TEE? Can't find a clear statement in the docs... Thanks!

  2. Retweeted
    24 Nov 2019
  3. Retweeted
    10 Nov 2019
    Replying to user

    Did you really obfuscate it?! I mean you profit from other companies' mistakes and try to hide what should be public... At least you could do better than o-llvm 😂

  4. Retweeted
    27 Aug 2019

    Our () paper "SATURN - Software deobfuscation framework based on LLVM" is finally accepted to the ACM CCS SPRO 2019 workshop. If you are interested in software deobfuscation based on , Souper Optimizer () and Remill () join us in London!

  5. Retweeted
    17 Apr 2019

    New blog entry: An Abstract Interpretation-Based Deobfuscation Plugin for Ghidra

  6. 16 Apr 2019

    Solving the structured control flow problem once and for all by Yuri Iozzelli. This reminds me of the DREAM paper. Normalizing the CFG before structuring it seems the way to go for optimal results.

  7. 8 Apr 2019

    Neat work from . Would be nice to test against REMILL.

  8. Retweeted
    10 Mar 2019

    My current experience with on two very large and heavily obfuscated iOS apps: one analysis crashed after about 24h. The other seems to be still running but that's not entirely clear if it is though. (By comparison IDA will finish the analysis in about 12/24 hours I think)

  9. 25 Feb 2019
  10. 4 Feb 2019

    whoops: "the obfuscation actually makes our job as attackers easier, since it gives us a plethora of useful JOP gadgets not protected by PAC"

  11. Retweeted
    15 Oct 2018

    Vectorized Emulation: Hardware accelerated taint tracking at 2 trillion instructions per second

  12. Retweeted
    26 Feb 2018

    New publication: Concrete and Abstract Interpretation, Explained through Chess (math)

  13. Retweeted
    5 Dec 2017

    Deobfuscating Warbird by Alexander Gazet, & windbg code and brief summary from an unpublished chapter of our book it is probably the only public analysis of WB obfuscation.

  14. 19 Nov 2017

    Had a great time .Thanks for the slick Manticore intro. Impressive stuff: binary symbolic execution has never been easier. Currently thinking of how to get llvm IR from it...

  15. Retweeted
    24 Oct 2017
    Replying to user

    02 e0 11 11 (THUMB) = b 0x8 ; asrs r1, r2, #4 02 e0 11 11 (ARM) = tstne r1, r2 .. put ARM trampoline at 0x4 to branch over THUMB code at 0x8

  16. 27 Dec 2016
    Replying to user

    . You should give a try. It will keep IDA sync on winDBG and do the rebasing on the fly.
