Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
Reverse-Engineering Flash Files with SWFRETools<br />Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011<br />
About Me<br />2<br />
Current Work<br />3<br />
What this talk is about<br />Ship it!<br />4<br />
What this talk is not about<br />5<br />
Why is this relevant?<br />6<br />
SWF Files: An Overview<br />Header<br />Tag 1<br />Tag 2<br />Tag 3<br />Tag 4<br />…<br />Tag n<br />7<br />
SWF Files: Interesting Aspects<br />8<br />
Existing Tools<br />SWFTools<br />Flash Dump Decompiler<br />swfmill<br />Sothink SWF Decompiler<br />9<br />
Problems with existing tools<br />SWFTools<br />Flash Dump Decompiler<br />Crashes<br />Old<br />Limited<br />Wrong tool<b...
Introducing SWFRETools<br />11<br />
Goals<br />12<br />
Architecture<br />13<br />
Tool I: The Parser<br />14<br />
Parser Goals<br />15<br />
Workflow Intermezzo I<br />16<br />
Tool 2: Flash Dissector<br />17<br />
Flash Dissector Goals<br />18<br />
Flash Dissector Demo<br />19<br />
Weaknesses of Flash Dissector<br />20<br />
Flash Dissector Future<br />21<br />
Workflow Intermezzo II<br />22<br />
Static analysis vs Dynamic analysis<br />23<br />
Detour: Flash Player Debugger<br />24<br />
Detour: Flash Player Debugger<br />25<br />
Tool  III: Tracer/Debugger<br />26<br />
Tracer Implementation<br />27<br />
Last week in China<br />28<br />
Last week in China<br />29<br />
Tracer Plans<br />30<br />
Workflow Intermezzo III<br />31<br />
Minimizing sample files<br />32<br />
Minimizing files without templates<br />33<br />
Do not forget RETURN<br />34<br />Function A<br />Function B<br />Crash here<br />
Tool IV: Minimizer<br />35<br />
Automated minimizing<br />36<br />
Minimizer Goals<br />37<br />
Off to GitHub we go!<br />Shipped!<br />https://github.com/sporst<br />38<br />
Call for participation<br />39<br />
Summary<br />40<br />
Thank you!<br />41<br />?<br />
Let me help …<br />42<br />
Image Credits<br />http://www.flickr.com/photos/markchadwick/4592186576/<br />43<br />
Nächste SlideShare
Wird geladen in …5
×

Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

164.613 Aufrufe

Veröffentlicht am

Veröffentlicht in: Business, Technologie
  • Als Erste(r) kommentieren

Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

  1. 1. Reverse-Engineering Flash Files with SWFRETools<br />Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011<br />
  2. 2. About Me<br />2<br />
  3. 3. Current Work<br />3<br />
  4. 4. What this talk is about<br />Ship it!<br />4<br />
  5. 5. What this talk is not about<br />5<br />
  6. 6. Why is this relevant?<br />6<br />
  7. 7. SWF Files: An Overview<br />Header<br />Tag 1<br />Tag 2<br />Tag 3<br />Tag 4<br />…<br />Tag n<br />7<br />
  8. 8. SWF Files: Interesting Aspects<br />8<br />
  9. 9. Existing Tools<br />SWFTools<br />Flash Dump Decompiler<br />swfmill<br />Sothink SWF Decompiler<br />9<br />
  10. 10. Problems with existing tools<br />SWFTools<br />Flash Dump Decompiler<br />Crashes<br />Old<br />Limited<br />Wrong tool<br />swfmill<br />Sothink SWF Decompiler<br />10<br />
  11. 11. Introducing SWFRETools<br />11<br />
  12. 12. Goals<br />12<br />
  13. 13. Architecture<br />13<br />
  14. 14. Tool I: The Parser<br />14<br />
  15. 15. Parser Goals<br />15<br />
  16. 16. Workflow Intermezzo I<br />16<br />
  17. 17. Tool 2: Flash Dissector<br />17<br />
  18. 18. Flash Dissector Goals<br />18<br />
  19. 19. Flash Dissector Demo<br />19<br />
  20. 20. Weaknesses of Flash Dissector<br />20<br />
  21. 21. Flash Dissector Future<br />21<br />
  22. 22. Workflow Intermezzo II<br />22<br />
  23. 23. Static analysis vs Dynamic analysis<br />23<br />
  24. 24. Detour: Flash Player Debugger<br />24<br />
  25. 25. Detour: Flash Player Debugger<br />25<br />
  26. 26. Tool III: Tracer/Debugger<br />26<br />
  27. 27. Tracer Implementation<br />27<br />
  28. 28. Last week in China<br />28<br />
  29. 29. Last week in China<br />29<br />
  30. 30. Tracer Plans<br />30<br />
  31. 31. Workflow Intermezzo III<br />31<br />
  32. 32. Minimizing sample files<br />32<br />
  33. 33. Minimizing files without templates<br />33<br />
  34. 34. Do not forget RETURN<br />34<br />Function A<br />Function B<br />Crash here<br />
  35. 35. Tool IV: Minimizer<br />35<br />
  36. 36. Automated minimizing<br />36<br />
  37. 37. Minimizer Goals<br />37<br />
  38. 38. Off to GitHub we go!<br />Shipped!<br />https://github.com/sporst<br />38<br />
  39. 39. Call for participation<br />39<br />
  40. 40. Summary<br />40<br />
  41. 41. Thank you!<br />41<br />?<br />
  42. 42. Let me help …<br />42<br />
  43. 43. Image Credits<br />http://www.flickr.com/photos/markchadwick/4592186576/<br />43<br />

×