Reassembleable Disassembling
نویسندگان
چکیده
Reverse engineering has many important applications in computer security, one of which is retrofitting software for safety and security hardening when source code is not available. By surveying available commercial and academic reverse engineering tools, we surprisingly found that no existing tool is able to disassemble executable binaries into assembly code that can be correctly assembled back in a fully automated manner, even for simple programs. Actually in many cases, the resulted disassembled code is far from a state that an assembler accepts, which is hard to fix even by manual effort. This has become a severe obstacle. People have tried to overcome it by patching or duplicating new code sections for retrofitting of executables, which is not only inefficient but also cumbersome and restrictive on what retrofitting techniques can be applied to. In this paper, we present UROBOROS, a tool that can disassemble executables to the extent that the generated code can be assembled back to working binaries without manual effort. By empirically studying 244 binaries, we summarize a set of rules that can make the disassembled code relocatable, which is the key to reassembleable disassembling. With UROBOROS, the disassembly-reassembly process can be repeated thousands of times. We have implemented a prototype of UROBOROS and tested over the whole set of GNU Coreutils, SPEC2006, and a set of other real-world application and server programs. The experiment results show that our tool is effective with a very modest cost.
منابع مشابه
DexLego: Reassembleable Bytecode Extraction for Aiding Static Analysis
The scale of Android applications in the market is growing rapidly. To efficiently detect the malicious behavior in these applications, an array of static analysis tools are proposed. However, static analysis tools suffer from code hiding techniques like packing, dynamic loading, self modifying, and reflection. In this paper, we thus present DEXLEGO, a novel system that performs a reassembleabl...
متن کاملDevelopment of Spontaneously Disassembling Dendrimers as a Platform Technology for PARACEST MRI Contrast Agents
PARACEST MRI contrast agents have been incorporated into nanocarriers to improve PARACEST sensitivity. Spontaneously disassembling dendrimers are nanocarriers can carry high payloads of chemotherapies to pathological tissues, and then rapidly release the chemotherapies during enzyme-triggered spontaneous disassembly of the dendrimers. To investigate whether a spontaneously disassembling systems...
متن کاملRobot Control Using UML and Multi-agent System
Increased industrialization and new markets have led to an accumulation of used technical consumer goods, which results in greater exploitation of raw materials, energy and landfill sites. In order to reduce the use of natural resources conserve precious energy and limit the increase in waste volume. The application of disassembly techniques is the first step towards this prevention of waste. T...
متن کاملBolted Joints Disassembly: A Field Study for Thermal Influence on Large Diameters
During maintenance operations, technicians have to work as quickly as possible. But they are often stopped during disassembly by blocked bolts or studs. This paper examines causes of blockage and suggests new method for disassembling bolted joint in this case. Several methods are analyzed and tested with finite element simulations. An experimental protocol to test a new disassembling method is ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2015