Dailydave mailing list archives
sh -c "Binary | Python > Python"
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 10 Aug 2007 17:33:15 -0400
I've posted Dami's talk here:
http://www.immunityinc.com/resources-papers.shtml
in both OpenOffice and PDF formats.

One thing I've been thinking about lately is how people assume that if it's not written in C++, that it's not "real". For example, although Immunity Debugger contains some default analysis built in and we could always extend that in C++, it would be insane to do so.

Immunity's current thoughts on doing binary analysis are:

Do it by building a Python program (aka, ID plugin) that builds a Python program from your binary. Then run that program to emit vulnerabilities, pseudocode, specialized graphs, ERESI, or whatever you want. If you can annotate and modify your Python program from dynamic analysis (aka, running the target process) or simply by hand-editing (you know Python already, right?), taint flows, etc. then so much the better.

The ERESI team is doing some good work on a specialized set of auditing languages (lisp-like, I believe). This is a cool idea, but for me it seems more logical to use Python as the language you build from the binary. It'd be cool if they'd respond here to tell us the features of the specialized language they're using so mere mortals can understand it. :>

-dave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
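A minimal sketch of the pipeline described in the message above, added here as an illustration and not code from Immunity or from the original post: a constructed instruction listing is lifted into Python source, and running that generated program reports tainted values reaching sinks. The listing format, the names `lift`, `Runtime` and `analyze`, and the choice of `recv` as a taint source are assumptions; no Immunity Debugger API is used.

```python
# Constructed listing standing in for disassembler output: (addr, op, dst, src)
LISTING = [
    (0x401000, "call", "eax", "recv"),    # eax = value read from the network
    (0x401005, "mov",  "ebx", "eax"),
    (0x401007, "mov",  "ecx", 64),
    (0x40100c, "add",  "ebx", "ecx"),
    (0x40100e, "sink", "memcpy", "ebx"),  # ebx used as a memcpy length
    (0x401013, "sink", "malloc", "ecx"),  # constant size, should not be reported
]
SOURCES = {"recv"}  # assumption: calls whose result is attacker-influenced

def lift(listing):
    """Translate the listing into Python source text, one statement per instruction."""
    out = ["def program(rt):", "    r = {}"]
    for addr, op, dst, src in listing:
        operand = f"r[{src!r}]" if isinstance(src, str) and op != "call" else f"rt.const({src!r})"
        if op == "call":
            out.append(f"    r[{dst!r}] = rt.call({src!r}, {addr:#x})")
        elif op == "mov":
            out.append(f"    r[{dst!r}] = {operand}")
        elif op == "add":
            out.append(f"    r[{dst!r}] = rt.combine(r[{dst!r}], {operand})")
        elif op == "sink":
            out.append(f"    rt.sink({dst!r}, {operand}, {addr:#x})")
    return "\n".join(out) + "\n"

class Runtime:
    """Values are frozensets of taint labels; an empty set means untainted."""
    def __init__(self):
        self.findings = []
    def const(self, _value):
        return frozenset()
    def call(self, name, addr):
        return frozenset({f"{name}@{addr:#x}"}) if name in SOURCES else frozenset()
    def combine(self, a, b):
        return a | b
    def sink(self, name, taint, addr):
        if taint:  # a labelled value reached a sensitive call
            self.findings.append((addr, name, sorted(taint)))

def analyze(listing):
    source = lift(listing)  # the generated program; it can be saved and hand-edited
    scope = {}
    exec(compile(source, "<lifted>", "exec"), scope)
    rt = Runtime()
    scope["program"](rt)    # running the lifted program is the analysis
    return source, rt.findings

if __name__ == "__main__":
    print(*analyze(LISTING), sep="\n")
```

Because the intermediate artifact is ordinary Python text, an analyst can edit the generated `program` (for example, replacing a `rt.call` line with a constant observed at run time) and re-run it without touching the lifter.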