Dailydave mailing list archives

sh -c "Binary | Python > Python"


From: Dave Aitel <dave () immunityinc com>
Date: Fri, 10 Aug 2007 17:33:15 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've posted Dami's talk here:
http://www.immunityinc.com/resources-papers.shtml in both OpenOffice
and PDF formats.

One thing I've been thinking about lately is how people assume that if
it's not written in C++, that it's not "real". For example, although
Immunity Debugger contains some default analysis built in and we could
always extend that in C++, it would be insane to do so.  Immunity's
current thoughts on doing binary analysis are: Do it by building a
Python program (aka, ID plugin) that builds a Python program from your
binary. Then run that program to emit vulnerabilities, pseudocode,
specialized graphs, ERESI, or whatever you want. If you can annotate
and modify your Python program from dynamic analysis (aka, running the
target process) or simply by hand-editing (you know Python already,
right?), taint flows, etc. then so much the better.

The ERESI team is doing some good work on a specialized set of
auditing languages (lisp-like, I believe). This is a cool idea, but
for me it seems more logical to use Python as the language you build
from the binary. It'd be cool if they'd respond here to tell us the
features of the specialized language they're using so mere mortals can
understand it. :>

- -dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGvNmaB8JNm+PA+iURAvprAKCPjLHW5jWxEkcrc6HR4MdKplcR5gCeLVvW
3sBvJpU2Ix77SIlCmfxiIuo=
=0iIE
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
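
The workflow described in the message above, sketched as an added example (not from the original post, and not using Immunity Debugger's plugin API): a toy lifter turns an instruction listing into Python source, and running that generated program emits a taint finding. The listing, the `V` class and the choice of `recv` as source and `memcpy` as sink are assumptions constructed for illustration.

```python
# Constructed toy listing (addr, mnemonic, operands); a real plugin would get
# these from a disassembler.
LISTING = [
    (0x401000, "call", ("recv",)),          # eax <- untrusted length
    (0x401005, "mov",  ("ecx", "eax")),
    (0x401007, "add",  ("ecx", 0x10)),
    (0x40100a, "mov",  ("edx", 0x40)),
    (0x40100f, "call", ("memcpy", "ecx")),  # size argument held in ecx
    (0x401014, "call", ("memcpy", "edx")),  # constant size
]
SOURCES = {"recv"}   # assumption: return value is untrusted
SINKS = {"memcpy"}   # assumption: size argument is security-relevant

class V:
    """A value plus the set of source addresses that tainted it."""
    def __init__(self, val=0, taint=frozenset()):
        self.val, self.taint = val, frozenset(taint)
    def __add__(self, other):
        other = other if isinstance(other, V) else V(other)
        return V(self.val + other.val, self.taint | other.taint)

def lift(listing):
    """Translate the listing into Python source, one statement per instruction."""
    out = ["def program(r, findings):"]
    for addr, op, args in listing:
        if op == "mov":
            src = f"r[{args[1]!r}]" if isinstance(args[1], str) else f"V({args[1]})"
            out.append(f"    r[{args[0]!r}] = {src}  # {addr:#x}")
        elif op == "add":
            out.append(f"    r[{args[0]!r}] = r[{args[0]!r}] + {args[1]}  # {addr:#x}")
        elif op == "call" and args[0] in SOURCES:
            out.append(f"    r['eax'] = V(0, {{{addr:#x}}})  # source {args[0]}")
        elif op == "call" and args[0] in SINKS:
            out.append(f"    if r[{args[1]!r}].taint: findings.append(({addr:#x}, {args[0]!r}, sorted(r[{args[1]!r}].taint)))")
        else:
            out.append(f"    pass  # {addr:#x} {op} not modelled")
    out.append("    return findings")
    return "\n".join(out)

def run(source):
    """Execute the generated program and return the findings it emits."""
    ns = {"V": V}
    exec(source, ns)
    return ns["program"]({}, [])

if __name__ == "__main__":
    generated = lift(LISTING)
    print(generated)
    print(run(generated))
```

Because the lifted program is ordinary Python text, an annotation from dynamic analysis or hand-editing is just an edit to `generated` before it is passed to `run`.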

