8:44
Bytecode Hacking
Bytecode Hacking
Command Prompt is in 'all programs - accessories' You will need: Flasm: flasm.sourceforge.net sothink: isohunt.com notepad++: notepad-plus.sourceforge.net
27:21
Bytecode: What, Why, and How to Hack it - Dr. Ryan F Kelly
Bytecode: What, Why, and How to Hack it - Dr. Ryan F Kelly
What's python really doing when it runs your scripts, and what's with all these .pyc files? Get inside the head of python.exe, learn how it sees your code, and then twist it to your own evil ends. This talk will discuss the basics of python's bytecode format, why and how it is used, and how you can dive into the bytecode of your running program - either to better understand its behaviour, or to make it do things to was never supposed to do....
2:00
Looking at ByteCode
Looking at ByteCode
Today we take a look at how far down into a method you can drill: straight down to bytecode
3:53
Use of Javap java bytecode decompiler
Use of Javap java bytecode decompiler
How you ever wonder to read the java bytecode the tool you looked for is javap. Here I have added a small demonstration on how this javap can be used and some basic reading of javap command.
2:40
Bytecode R
Bytecode R
My first remix of a song that I found on my four year old harddrive. I believe I downloaded it from a royalty free music website. I'm not actually sure what it originally was called. Remixed with FL Studio 9.
6:40
Jakash3's Bytecode Language
Jakash3's Bytecode Language
jakash3.wordpress.com Hex editor used in the video is called HxD. This is practically a virtual machine, a small and simplistic scale compared to frameworks like Java or .NET.
4:16
CVE-2011-0609 : Adobe Flash Player AVM Bytecode Verification Vulnerability
CVE-2011-0609 : Adobe Flash Player AVM Bytecode Verification Vulnerability
Blog : eromang.zataz.com Twitter twitter.com Timeline : Vulnerability discovered exploited in the wild This vulnerability was used to attack RSA First information about the 0day published the 2011-03-11 Security Advisory APSA11-01 posted by the vendor the 2011-03-14 First vulnerability analysis provided by villy the 2011-03-15 Metasploit PoC provided by bannedit the 2011-03-22 PoC provided by: Unknown bannedit Reference(s) : CVE-2011-0609 APSA11-01 OSVDB-71254 Affected versions : Adobe Flash Player 10.2.152.33 and earlier versions for Windows, Macintosh, Linux and Solaris Adobe Flash Player 10.2.154.18 and earlier for Chrome users Adobe Flash Player 10.1.106.16 and earlier versions for Android Adobe Reader and Acrobat X (10.0.1) Earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh Tested on Windows XP SP3 with : Internet Explorer 6.0.2900.5512 Adobe Flash Player 10.2.152.26 Description : This module exploits a vulnerability in Adobe Flash Player. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JIT(Just-In-Time) code being executed. Specifically, this issue results in uninitialized memory being referenced and later executed. Taking advantage of this issue relies on heap spraying and controlling the uninitialized memory. Currently this exploit works for IE6, IE7, and Firefox 3.6 and likely several other browsers. DEP does catch the exploit and causes it to fail. Due to the nature of the <b>...</b>
46:10
Lua: Mitigating the Danger of Malicious Bytecode
Lua: Mitigating the Danger of Malicious Bytecode
Talk by Peter Cawley at the Lua Workshop in Switzerland, September 8th 2011. In Lua 5.1 and 5.2, the family of load functions permit the loading of precompiled bytecode in addition to plain source code. We shall look at some relevant details of the bytecode, and see how these details can be maliciously abused to escape from a Lua sandbox (in both 5.1 and 5.2). With the dangers presented, we shall then move to look at two ways of mitigating them. Firstly, one can wrap the load functions as to reject bytecode before it is loaded. Secondly, and more interestingly, one can attempt to algorithmically decide whether a given piece of bytecode is malicious or not. We shall look at two such algorithms for validating bytecode: LBCV, which tries to reject as little as possible, and my current experimental verifier, which tries to accept as little as possible.
1:47
Byte Code Securities
Byte Code Securities
Byte Code Securities learn hacking learn mobile hacking hacking workshops.
87:38
Eliot Miranda: Bytecode Optimization
Eliot Miranda: Bytecode Optimization
This talk summarises two decades of work on Smalltalk and Self compilation and virtual machine technology and describes a novel attempt at an adaptive optimizer for Smalltalk that is written in Smalltalk and to a meaningful extent, portable across implementations. Smalltalk-80 and Self are fully object-oriented implicitly typed dynamic programming languages and interactive programming environments hosted above virtual machines that appear to execute stack-oriented bytecode for a pure stack machine. These systems' code and execution state are all represented by objects programmed in Smalltalk, such that the compiler, debugger, exception system and more are all implemented entirely in Smalltalk and available to the programmer for immediate incremental and interactive modification.
13:06
squeak smalltalk tutorial: squeak VM and bytecode part 0 0.0.0.35.mov
squeak smalltalk tutorial: squeak VM and bytecode part 0 0.0.0.35.mov
examining the byte code of a compiled method as you change the method to become more and more complicated. A great way of getting insight into how smalltalk works at the level of the virtual machine.
2:02
Byte-Code Meetup 2010 Promo
Byte-Code Meetup 2010 Promo
INTERLAKEN The fourth annual Byte-Code MeetUp, a combination of sessions, talks, workshops, and hackfests in which contributors work on specific initiatives, will be arriving in Interlaken - Switzerland July 02-03-04, 2010 at the Lindner Grand Hotel Beau Rivage. Topics include infrastructure, feature development, community building, general management and governance, marketing, testing and much more. ---------- SCHEDULING Friday 02nd July 20.00 - Welcome cocktail (indicando l'hotel) Saturday 03rd July 09.30 - Keynotes and sessions 13.00 - Lunch 14.00 - Technical Sessions 21.00 - Party Dinner (indicando il luogo) Sunday 04th July 10.00 - Exciting Canynionig Outdoor activity!!! www.byte-code.com
13:21
Part2/2 - HPW2011 - Efficient Analysis of Malicious Bytecode - Georg Wicherski
Part2/2 - HPW2011 - Efficient Analysis of Malicious Bytecode - Georg Wicherski
Generic shellcode detection at arbitrary bytestream level has been discussed before, this implementation takes it to a performant level where a commodity laptop can do it on 1 Gbit linespeed. Slides can be found here: honeynet.org
14:58
DEFCON 18: pyREtic: In memory Reverse Engineering for Obfuscated Python Bytecode 1/3
DEFCON 18: pyREtic: In memory Reverse Engineering for Obfuscated Python Bytecode 1/3
Speaker: Rich Smith Increasing numbers of commercial and closed source applications are being developed in Python. Developers of such applications are investing more & more to stop people being able to see their source code through a variety of code obfuscation techniques. At the same time Python is an increasingly present component of 'Cloud' technologies where traditional bytecode decompilation techniques fall down through lack of access to files on disk. The pyREtic presentation discusses the techniques and subsequent toolkit developed while trying to audit one such closed source Python application. The methodology behind the approaches used as well as practicalities of reverse engineering at the Python level (rather than the assembly level that we are all more familiar with) will be discussed as well as releasing a toolkit. The toolkit is able to reverse Python applications from live objects in memory as opposed to decompiling .pyc bytecode files, it also shows how to defeat the techniques most commonly employed to obfuscate Python code today. This will allow people to find bugs in code that was previously opaque to them. For presentations, whitepapers or audio version of the Defcon 18 presentations visit: defcon.org
14:58
Black Hat USA 2010: pyREtic: Reversing Obfuscated Python Bytecode Live Python Objects 1/5
Black Hat USA 2010: pyREtic: Reversing Obfuscated Python Bytecode Live Python Objects 1/5
Speaker: Rich Smith Increasing numbers of commercial and closed source applications are being developed in Python. The Developers of these applications are investing increasing amounts to stop people being able to see their source code through by a variety of bytecode obfuscation efforts. At the same time Python is an increasingly present component of 'The Cloud' where traditional decompilation techniques fall down through lack of access to files on disk. This presentation outlines a methodology, and releases a toolkit, to be able to reverse obfuscated Python applications from live objects in memory as well as showing how to defeat the obfuscation techniques commonly employed today. This will allow people to find bugs in code that was previously opaque to them. For more information click here (bit.ly
2:35
Wild Cards in Bytecode hacking
Wild Cards in Bytecode hacking
Another part to my bytecode hacking tutorial
14:58
Black Hat USA 2010: pyREtic: Reversing Obfuscated Python Bytecode Live Python Objects 2/5
Black Hat USA 2010: pyREtic: Reversing Obfuscated Python Bytecode Live Python Objects 2/5
Speaker: Rich Smith Increasing numbers of commercial and closed source applications are being developed in Python. The Developers of these applications are investing increasing amounts to stop people being able to see their source code through by a variety of bytecode obfuscation efforts. At the same time Python is an increasingly present component of 'The Cloud' where traditional decompilation techniques fall down through lack of access to files on disk. This presentation outlines a methodology, and releases a toolkit, to be able to reverse obfuscated Python applications from live objects in memory as well as showing how to defeat the obfuscation techniques commonly employed today. This will allow people to find bugs in code that was previously opaque to them. For more information click here (bit.ly
13:40
Part 1/2 - HPW2011 - Efficient Analysis of Malicious Bytecode - Georg Wicherski
Part 1/2 - HPW2011 - Efficient Analysis of Malicious Bytecode - Georg Wicherski
Generic shellcode detection at arbitrary bytestream level has been discussed before, this implementation takes it to a performant level where a commodity laptop can do it on 1 Gbit linespeed. Slides can be found here: honeynet.org
14:58
DEFCON 18: pyREtic: In memory Reverse Engineering for Obfuscated Python Bytecode 2/3
DEFCON 18: pyREtic: In memory Reverse Engineering for Obfuscated Python Bytecode 2/3
Speaker: Rich Smith Increasing numbers of commercial and closed source applications are being developed in Python. Developers of such applications are investing more & more to stop people being able to see their source code through a variety of code obfuscation techniques. At the same time Python is an increasingly present component of 'Cloud' technologies where traditional bytecode decompilation techniques fall down through lack of access to files on disk. The pyREtic presentation discusses the techniques and subsequent toolkit developed while trying to audit one such closed source Python application. The methodology behind the approaches used as well as practicalities of reverse engineering at the Python level (rather than the assembly level that we are all more familiar with) will be discussed as well as releasing a toolkit. The toolkit is able to reverse Python applications from live objects in memory as opposed to decompiling .pyc bytecode files, it also shows how to defeat the techniques most commonly employed to obfuscate Python code today. This will allow people to find bugs in code that was previously opaque to them. For presentations, whitepapers or audio version of the Defcon 18 presentations visit: defcon.org
43:58
Defcon 18 - pyREtic - In memory reverse engineering for obfuscated Python bytecode
Defcon 18 - pyREtic - In memory reverse engineering for obfuscated Python bytecode
This video is part of the Infosec Video Collection at SecurityTube.net: www.securitytube.net Defcon 18 - pyREtic - In memory reverse engineering for obfuscated Python bytecode Slides - https Increasing numbers of commercial and closed source applications are being developed in Python. Developers of such applications are investing more more to stop people being able to see their source code through a variety of code obfuscation techniques. At the same time Python is an increasingly present component of 'Cloud' technologies where traditional bytecode decompilation techniques fall down through lack of access to files on disk. The pyREtic presentation discusses the techniques and subsequent toolkit developed while trying to audit one such closed source Python application. The methodology behind the approaches used as well as practicalities of reverse engineering at the Python level (rather than the assembly level that we are all more familiar with) will be discussed as well as releasing a toolkit. The toolkit is able to reverse Python applications from live objects in memory as opposed to decompiling .pyc bytecode files, it also shows how to defeat the techniques most commonly employed to obfuscate Python code today. This will allow people to find bugs in code that was previously opaque to them.
