4 posts in tag taint

REVEN in your toolkit

20 Feb 2015 - Reven - Reven Axion taint

Reven provides many analysis tools but still might lack some of your favorite tool features. To address this issue we created a Python API to allow you to create and share plugins. We also developed some ourselves to make REVEN’s interaction with external tools possible. Universal debugging The Gnu debugger...

Decoding function arguments

14 Jan 2015 - Reven - Axion Reven taint

Today I will show you a feature that is pretty useful when analysing an application. We call it the “arguments decoder”, and it displays the content of a function’s arguments when its prototype is known. The latter’s definition can be either extracted from the msdn function and structures, or given...

IE crash analysis

17 Dec 2014 - Reven - Axion Reven taint Reverse Engineering use after free

Today we will analyse a crash of Internet Explorer. Reven scenario generation According to Exodus Intelligence, a vulnerability was silently fixed in MS13-055 patch along with other things. They showed on their blog how to exploit it. We generated our REVEN scenario where we give an html file to Internet...

Data painting

03 Dec 2014 - Reven - Axion Reven taint

http://www.cir.uc.edu/ In this post we’ll present Reven dynamic data tainting capabilities and see some use cases of the tool. Dynamic data tainting The so called data tainting is a well known technique used to analyse the impact of data on a program. The idea is to apply a taint to a...