-atlas wandering-
Bloggorama for breaking things

Wed, 28 Mar 2007

shmoolet

This is labelled shmoolet because it's a little blog about shmoo.
Shmoo was great this year, and it had largely to do with seeing you all again. It was great to reconnect with friends I only see once or twice a year.

Hilites of the con:
* ASI put up a "hackit" challenge, a bunch of puzzles which reminded me of a few areas I'm rusty or downright bad at. Good exercises. The ASI guys themselves were pretty awesome too. Great job guys.
* H1kari and friends showing that the cryptography numbers game has shifted in favor of the attackers. Crypto has always been a numbers game. How long do you need the information to be safe? 100,000,000 years? Fine, here's your crypto algorithm. Unfortunately (fortunately for some?) use of FPGAs has proven to yield roughly 1000 times the processing speed of modern x86 hardware. Time to recalculate our crypto safety...
* Raven with the gratuitous name-drop of GPF (General Purpose Fuzzer), written by my friend JROD
* Raven and j0hnny long being verbally (and physically?) accosted (WTF is that about!?)
* atlas and his mild mannered alter ego having some identity crisis
* SHMOOBALL FIGHT! Closing Ceremonies has never been so fun ;)
* kurios nearly ripping someone's arm out of its socket clamoring for Keith Myers' CD.
* Renderman and sharing of Shmoo-tables (choops render)
* Kevin Mitnick hogging Renderman's Shmoo-tables. Shame on you :)
* Keith Myers rockin' the third story of some cattle-herd bar (i.e. we couldn't really move, unless the guy (or hopefully girl) next to you moved). Made dancing interesting. Almost a sort of line-dancing orgy. I just drank and watched.
* Jay Beale and Sharky cuttin' a rug.
* Window
* Jay Beale and his "posse" at 2:30am
* Intelguardians and the magical blue
* H1kari's less-crowded party (thanks for the breathing room!)
* G Mark and hacking at 50. Great talk. Great guy. Great insight.
* Bio-warfare with certain individuals' sickness.... ew...

Take care all. Hopefully see you all again at defcon.

@
ps. Yes, I was there. I was incognito.


disass v3.0
disass v3.0 is staged and currently in alpha status. It disassembles using a modular infrastructure, allowing for different disassembly libraries (currently using py/libdasm) and virtually any type of binary executable format. Currently, deep support of ELF binaries is included, and it basically reuses a lot of concepts from disass v2.3. A PE parser has just been completed, but is still considered alpha-level. A Mach-O file parser is scheduled for the near future, as are plugins for other disassembly libraries, namely Immunity's libdisassemble.

Many other vuln-finding additions are on the drawing-board.

One of the biggest differences from the 2.x versions is that objdump is no longer used. disass v3.0 is basically a complete rewrite, leveraging things learned from v1.x and 2.x. However, both previous versions relied completely on textual output from objdump's disassembler. disass v3.0 deals with opcodes, not lines of text. This is proving to be very powerful. It is also proving to be a new learning experience, as memory usage and processing have to be balanced. Currently, disass v3.0 is every bit as fast as v2.3, with much more power.

Better leverage of OOP allows for better tracking of jmps and calls, and now the addition of Memory Reference tracking. More complex applications build structures of functions, and rather than calling the address directly, the function address is loaded from memory into a register and called from the structure. This is particularly true of event-handling code. Subs will now indicate if an address has been referenced in another sub. While this doesn't tie the caller to the sub, it should provide some grounding and ties to the data structure which will later be used to call the sub.

Have fun all @
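A minimal sketch of one reading of the memory reference tracking described above, added here as an illustration; it is not disass code. It assumes a toy decoder that understands only the opcodes in the constructed x86-32 byte string, and the names `decode`, `analyze`, `CODE_BASE` and `DATA_BASE` are hypothetical.

```python
import struct
from bisect import bisect_right

CODE_BASE, DATA_BASE = 0x1000, 0x2000
# Constructed x86-32 bytes, not taken from any real binary.
CODE = bytes.fromhex(
    "e80b000000"        # 0x1000 call 0x1010
    "a100200000"        # 0x1005 mov eax, [0x2000]
    "ffd0" "c3"         # 0x100a call eax; 0x100c ret
    "909090" "c3" + "90" * 15 + "c3"  # pad; 0x1010 ret; pad; 0x1020 ret (table only)
)
DATA = struct.pack("<I", 0x1020)  # 0x2000: one-entry function pointer table

def decode(code, base):
    """Yield (addr, kind, operand) for the few opcodes this toy decoder knows."""
    i = 0
    while i < len(code):
        addr = base + i
        if code[i] == 0xE8:                   # call rel32
            yield addr, "call", addr + 5 + struct.unpack_from("<i", code, i + 1)[0]
            i += 5
        elif code[i] == 0xA1:                 # mov eax, [moffs32]
            yield addr, "memref", struct.unpack_from("<I", code, i + 1)[0]
            i += 5
        else:                                 # ret, nop, call eax: no operand to track
            i += 2 if code[i:i + 2] == b"\xff\xd0" else 1

def analyze(code=CODE, data=DATA):
    """Map each sub to its direct callers and to subs that load its address from data."""
    insns = list(decode(code, CODE_BASE))
    in_code = lambda a: CODE_BASE <= a < CODE_BASE + len(code)
    subs = {CODE_BASE} | {t for _, k, t in insns if k == "call" and in_code(t)}
    ptr_refs = []                             # (insn addr, data slot, pointer found there)
    for addr, kind, slot in insns:
        off = slot - DATA_BASE
        if kind == "memref" and 0 <= off <= len(data) - 4:
            ptr = struct.unpack_from("<I", data, off)[0]
            if in_code(ptr):                  # slot holds a code address: treat as a sub
                subs.add(ptr)
                ptr_refs.append((addr, slot, ptr))
    starts = sorted(subs)
    owner = lambda a: starts[bisect_right(starts, a) - 1]   # sub containing address a
    report = {s: {"called_from": set(), "referenced_in": set()} for s in starts}
    for addr, kind, target in insns:
        if kind == "call" and target in report:
            report[target]["called_from"].add(owner(addr))
    for addr, slot, ptr in ptr_refs:
        report[ptr]["referenced_in"].add((owner(addr), slot))
    return report
```

The sub at 0x1020 has no direct caller, yet the report ties it to the table slot at 0x2000 and to the sub at 0x1000 that reads that slot.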
