RevEngE: Reverse Engineering Extensions for GDB

  • Marcus Botacin UFPR
  • Lucas Galante Unicamp
  • Paulo de Geus Unicamp
  • André Grégio UFPR

Abstract


Reverse engineering binaries is an essential task in the security field, both for legitimate software validation as well as for malware analysis. Whereas GDB is a powerful tool for legitimate program analysis, it presents some drawbacks for analyzing armored malware code. To overcome these drawbacks, we propose RevEngE, a Reverse Engineering Engine that adds malware analysis capabilities to GDB.

Published: 2019-09-02

BOTACIN, Marcus; GALANTE, Lucas; DE GEUS, Paulo; GRÉGIO, André. RevEngE: Extensões de Engenharia Reversa para o GDB. In: TOOLS - BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 19. , 2019, São Paulo. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2019 . p. 1-4. DOI: https://doi.org/10.5753/sbseg_estendido.2019.13997.
