Defeating the Transparency Feature of DBI

Channel:
United States All Hacking Cons
Subscribers:
5,970
Published on ● Video Link: https://www.youtube.com/watch?v=zC1dw7uTLpY


Duration: 23:53
2 views
0

DynamoRIO and similar dynamic binary instrumentation (DBI) systems are used for program analysis, profiling, and comprehensive manipulation of binary applications. These DBI tools are critical for malware analysis, program feature collections, and virtual machine binary translations. An important aspect of these DBI tools is the transparent feature, i.e. the binary application (such as malware) being analyzed is not modified and is not aware of the runtime code manipulation.

This presentation shows techniques that break the transparency feature of popular DBI tools (such as DynamoRIO and PIN). We will provide code that presents different behaviors when running on native hosts vs. running with DBI and vs. running on VM. The detection is based on specially crafted X86 instruction sequences that expose the fundamental limitation of binary instrument and translation. In this talk, we will also present position independent NOP sequences that can be used to help evade detections and differentiate different types of X86 decoders.
PRESENTED BY
Kang Li, Xiaoning Li


Black Hat - USA - 2014 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2022-01-03Sidewinder Targeted Attack Against Android in the Golden Age of Ad Libs
2022-01-03Smart Nest Thermostat A Smart Spy in Your Home
2022-01-03Thinking Outside the Sandbox Violating Trust Boundaries in Uncommon Ways
2022-01-03Why Control System Cyber Security Sucks
2022-01-02The Networked Security State Estimation Toolkit
2022-01-02Cybersecurity as Realpolitik by Dan Geer presented at Black Hat USA 2014
2022-01-02BadUSB On Accessories that Turn Evil by Karsten Nohl Jakob Lell
2022-01-02Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces
2022-01-02Data Only Pwning Microsoft Windows Kernel
2022-01-0248 Dirty Little Secrets Cryptographers Don't Want You To Know
2022-01-02Defeating the Transparency Feature of DBI
2022-01-02Fingerprinting Web Application Platforms by Variations in PNG Implementations
2022-01-02802 1x and Beyond
2022-01-02From Attacks to Action Building a Usable Threat Model to Drive Defensive Choices
2022-01-02Bitcoin Transaction Malleability Theory in Practice
2022-01-02A Journey to Protect Points of Sale
2022-01-02Extreme Privilege Escalation on Windows 8 UEFI Systems
2022-01-02Babar ians at the Gate Data Protection at Massive Scale
2022-01-02Exposing Bootkits with BIOS Emulation
2022-01-02Attacking Mobile Broadband Modems Like a Criminal Would
2022-01-02Creating a Spider Goat Security with Intel CPU Transactional Memory Support


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
digital
virus
information
hack
online
password
code
web
concept
protection
network
malware
secure
identity
criminal
phishing
software
access
safety
theft
system
firewall
communication
business
privacy
binary
account
spy
programmer
program
spyware
hacked
hacking conference
conference
learn
how to
2022
2021
cybersecurity
owned
break in
google
securing
exploit
exploitation
recon
social engineering
Kang Li
Xiaoning Li