Speaker: Luis Miras, Vulnerability Researcher, Intrusion Inc.
Abstract:
Reverse engineering continues to evolve, or rather REvolve. The reverse engineering toolset primarily consists of disconnected disassemblers and debuggers. Without symbol information or data acquired from disassembly, the use of a debugger can be blind and tedious.
Reverse engineering has fueled the need to enable these tools to work together. When disassemblers and debuggers are used in conjunction, the resulting union is greater than the sum of the disparate parts.
To bridge the gap between disassemblers and debuggers, I will be releasing two IDA Pro plugins.
pdbgen: Generates custom pdb files from the IDA Pro database. The pdb file can then be loaded into a debugger, transferring symbolic information.
REdress: Reinserts debug information from the IDA Pro database into stripped ELF executables. The inserted debug information will be available in GDB.
During this talk, I will review the other tools and plugins that perform similar bridging functions. I will then present a live demonstration of pdbgen and REdress, streamlining the reversing process.
For more information visit: http://bit.ly/defcon14_information
To download the video visit: http://bit.ly/defcon14_videos