4 posts in archive

IE crash analysis

17 Dec 2014 - Reven - Axion Reven taint Reverse Engineering use after free

Today we will analyse a crash of Internet Explorer. Reven scenario generation According to Exodus Intelligence, a vulnerability was silently fixed in MS13-055 patch along with other things. They showed on their blog how to exploit it. We generated our REVEN scenario where we give an html file to Internet...

Data painting

03 Dec 2014 - Reven - Axion Reven taint

http://www.cir.uc.edu/ In this post we’ll present Reven dynamic data tainting capabilities and see some use cases of the tool. Dynamic data tainting The so called data tainting is a well known technique used to analyse the impact of data on a program. The idea is to apply a taint to a...

Exploring text strings

21 Nov 2014 by Mathieu - Reven - Axion Reven Reverse Engineering

A program’s text strings often carry a lot of information, and are a basic although essential guide while analysing binaries. In this article we’ll see how REVEN handles and presents them. We’ll also see how one can automatically use this data to gain a better understanding a program’s behavior. The...

Following memory history with REVEN-Axion

14 Nov 2014 - Reven - Axion Reven Reverse Engineering

When working on traces of millions of instructions, one of the biggest challenges can be to detect the small portions of the code that are actually interesting. In this article, we have an application that reads from the network. We will show how to quickly find where the network frames...