»Program instrumentation without source code«
2018-10-13, 12:50–13:35, A2
A gentle introduction to program instrumentation using open source tools. This is the second of a two part presentation on Program Instrumentation. This part will focus on instrumentation technologies that can be used when source code is not available for an application.
The presentation will cover instrumentation technologies that can be used when source code is not available for an application. Although multiple uses of instrumentation will be examined, a significant part of the presentation will focus on software security aspects of instrumentation.
The presentation will cover: - What is Binary Instrumentation - Uses for Binary Instrumentation - Types of Binary Instrumentation techniques - Classic instrumentation methods for debugging binaries - Dynamic Binary Instrumentation Frameworks - Discussion of Framework features and limitations - An introduction to DynamoRIO - DynamoRIO based tools - Examining memory safety issues with DynamoRIO - Using DynamoRIO - An overview of the DynamoRIO API - Basic Block Coverage example - Function Hooking example - Taint Analysis example - Combining DynamoRIO with angr