PAPER: Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case)
- To: "FULLDISC" <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: PAPER: Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case)
- From: "Piotr Bania" <bania.piotr@xxxxxxxxx>
- Date: Mon, 18 May 2009 14:32:01 +0200
- Cc: "SBUGTRAQ" <bugtraq@xxxxxxxxxxxxxxxxx>
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:from:to:cc:subject :date:mime-version:content-type:content-transfer-encoding:x-priority :x-msmail-priority:x-mailer:x-mimeole; bh=LLLNTfaulI9+hlAIqxVqBarOewMCiv87bh5oLscF86w=; b=r3VTROn7T3mOdFuSesIBY/lxKhUMGkiKa1XrZKbsHK+5/PVTye4g+no+tBFFj4Sfav za9rJovCmehpX3JKSm0wsJWEs5G5ZHe0sywKt3hXeDncA5fyW29ZQHSFbIRkfQ1p8oWo 5J4K12GEeyOmzMdB+PVv3NC88177QWMd4nY60=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:from:to:cc:subject:date:mime-version:content-type :content-transfer-encoding:x-priority:x-msmail-priority:x-mailer :x-mimeole; b=qodABPxeT368F1Lb1nD0z8GQEWLNBbeJgPiU9c+M3jbZiHd6iZcpKVdKD7zzbhk3S+ W0JqED8H3CUaCjJNn4st30Xe+Ochz/rWcYJ/CzIHsDRnXc4fUc2OctEeJ62pZQjmt+rh lEtSUb96v0ufnU0qrirBEgpEv+7htt9EFq0mQ=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
SpiderPig is a project created for performing and visualizing data flow
analysis of a selected binary program. SpiderPig was created in the purpose
of providing a tool which would be able to help vulnerability and security
researchers with tracing and analyzing any necessary data and it's further
propagation. Such tasks are very often crucial in the vulnerability
discovering/identifying process and typically require a lot of time
consuming manual work. Following paper discusses methods and techniques
implemented in SpiderPig in order to perform semi-automatic data flow
analysis.
Paper is available here:
http://piotrbania.com/all/spiderpig/pbania-spiderpig2008.pdf
Simple video demo and some other things available on project website:
http://piotrbania.com/all/spiderpig/
best regards,
Piotr Bania
--
--------------------------------------------------------------------
Piotr Bania - <bania.piotr@xxxxxxxxx> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com - Key ID: 0xBE43AC33
--------------------------------------------------------------------
- "The more I learn about men, the more I love dogs."
P.S Did ya know adult pigs can run at speeds of up to 11 miles an hour?