Your SlideShare is downloading. ×
0
Reverse-Engineering Flash Files with SWFRETools<br />Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011<br />
About Me<br />2<br />
Current Work<br />3<br />
What this talk is about<br />Ship it!<br />4<br />
What this talk is not about<br />5<br />
Why is this relevant?<br />6<br />
SWF Files: An Overview<br />Header<br />Tag 1<br />Tag 2<br />Tag 3<br />Tag 4<br />…<br />Tag n<br />7<br />
SWF Files: Interesting Aspects<br />8<br />
Existing Tools<br />SWFTools<br />Flash Dump Decompiler<br />swfmill<br />Sothink SWF Decompiler<br />9<br />
Problems with existing tools<br />SWFTools<br />Flash Dump Decompiler<br />Crashes<br />Old<br />Limited<br />Wrong tool<b...
Introducing SWFRETools<br />11<br />
Goals<br />12<br />
Architecture<br />13<br />
Tool I: The Parser<br />14<br />
Parser Goals<br />15<br />
Workflow Intermezzo I<br />16<br />
Tool 2: Flash Dissector<br />17<br />
Flash Dissector Goals<br />18<br />
Flash Dissector Demo<br />19<br />
Weaknesses of Flash Dissector<br />20<br />
Flash Dissector Future<br />21<br />
Workflow Intermezzo II<br />22<br />
Static analysis vs Dynamic analysis<br />23<br />
Detour: Flash Player Debugger<br />24<br />
Detour: Flash Player Debugger<br />25<br />
Tool  III: Tracer/Debugger<br />26<br />
Tracer Implementation<br />27<br />
Last week in China<br />28<br />
Last week in China<br />29<br />
Tracer Plans<br />30<br />
Workflow Intermezzo III<br />31<br />
Minimizing sample files<br />32<br />
Minimizing files without templates<br />33<br />
Do not forget RETURN<br />34<br />Function A<br />Function B<br />Crash here<br />
Tool IV: Minimizer<br />35<br />
Automated minimizing<br />36<br />
Minimizer Goals<br />37<br />
Off to GitHub we go!<br />Shipped!<br />https://github.com/sporst<br />38<br />
Call for participation<br />39<br />
Summary<br />40<br />
Thank you!<br />41<br />?<br />
Let me help …<br />42<br />
Image Credits<br />http://www.flickr.com/photos/markchadwick/4592186576/<br />43<br />
Upcoming SlideShare
Loading in...5
×

Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

140,367

Published on

Published in: Business, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
140,367
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
73
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • http://www.flickr.com/photos/markchadwick/4592186576/
  • http://www.flickr.com/photos/markchadwick/4592186576/
  • Transcript of "Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools"

    1. 1. Reverse-Engineering Flash Files with SWFRETools<br />Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011<br />
    2. 2. About Me<br />2<br />
    3. 3. Current Work<br />3<br />
    4. 4. What this talk is about<br />Ship it!<br />4<br />
    5. 5. What this talk is not about<br />5<br />
    6. 6. Why is this relevant?<br />6<br />
    7. 7. SWF Files: An Overview<br />Header<br />Tag 1<br />Tag 2<br />Tag 3<br />Tag 4<br />…<br />Tag n<br />7<br />
    8. 8. SWF Files: Interesting Aspects<br />8<br />
    9. 9. Existing Tools<br />SWFTools<br />Flash Dump Decompiler<br />swfmill<br />Sothink SWF Decompiler<br />9<br />
    10. 10. Problems with existing tools<br />SWFTools<br />Flash Dump Decompiler<br />Crashes<br />Old<br />Limited<br />Wrong tool<br />swfmill<br />Sothink SWF Decompiler<br />10<br />
    11. 11. Introducing SWFRETools<br />11<br />
    12. 12. Goals<br />12<br />
    13. 13. Architecture<br />13<br />
    14. 14. Tool I: The Parser<br />14<br />
    15. 15. Parser Goals<br />15<br />
    16. 16. Workflow Intermezzo I<br />16<br />
    17. 17. Tool 2: Flash Dissector<br />17<br />
    18. 18. Flash Dissector Goals<br />18<br />
    19. 19. Flash Dissector Demo<br />19<br />
    20. 20. Weaknesses of Flash Dissector<br />20<br />
    21. 21. Flash Dissector Future<br />21<br />
    22. 22. Workflow Intermezzo II<br />22<br />
    23. 23. Static analysis vs Dynamic analysis<br />23<br />
    24. 24. Detour: Flash Player Debugger<br />24<br />
    25. 25. Detour: Flash Player Debugger<br />25<br />
    26. 26. Tool III: Tracer/Debugger<br />26<br />
    27. 27. Tracer Implementation<br />27<br />
    28. 28. Last week in China<br />28<br />
    29. 29. Last week in China<br />29<br />
    30. 30. Tracer Plans<br />30<br />
    31. 31. Workflow Intermezzo III<br />31<br />
    32. 32. Minimizing sample files<br />32<br />
    33. 33. Minimizing files without templates<br />33<br />
    34. 34. Do not forget RETURN<br />34<br />Function A<br />Function B<br />Crash here<br />
    35. 35. Tool IV: Minimizer<br />35<br />
    36. 36. Automated minimizing<br />36<br />
    37. 37. Minimizer Goals<br />37<br />
    38. 38. Off to GitHub we go!<br />Shipped!<br />https://github.com/sporst<br />38<br />
    39. 39. Call for participation<br />39<br />
    40. 40. Summary<br />40<br />
    41. 41. Thank you!<br />41<br />?<br />
    42. 42. Let me help …<br />42<br />
    43. 43. Image Credits<br />http://www.flickr.com/photos/markchadwick/4592186576/<br />43<br />
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×