Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
121,761
On Slideshare
119,822
From Embeds
1,939
Number of Embeds
12

Actions

Shares
Downloads
71
Comments
0
Likes
2

Embeds 1,939

http://korben.info 1,022
http://www.korben.info 797
http://www.slideshare.net 79
http://korben.info:81 21
url_unknown 7
http://wwwd.forumactif.org 3
http://feeds.feedburner.com 2
http://astucestutos.fr 2
http://feed.deblan.fr 2
http://m.korben.info 2
http://feeds2.feedburner.com 1
http://wwwd.forumactif.net 1

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • http://www.flickr.com/photos/markchadwick/4592186576/
  • http://www.flickr.com/photos/markchadwick/4592186576/

Transcript

  • 1. Reverse-Engineering Flash Files with SWFRETools
    Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011
  • 2. About Me
    2
  • 3. Current Work
    3
  • 4. What this talk is about
    Ship it!
    4
  • 5. What this talk is not about
    5
  • 6. Why is this relevant?
    6
  • 7. SWF Files: An Overview
    Header
    Tag 1
    Tag 2
    Tag 3
    Tag 4

    Tag n
    7
  • 8. SWF Files: Interesting Aspects
    8
  • 9. Existing Tools
    SWFTools
    Flash Dump Decompiler
    swfmill
    Sothink SWF Decompiler
    9
  • 10. Problems with existing tools
    SWFTools
    Flash Dump Decompiler
    Crashes
    Old
    Limited
    Wrong tool
    swfmill
    Sothink SWF Decompiler
    10
  • 11. Introducing SWFRETools
    11
  • 12. Goals
    12
  • 13. Architecture
    13
  • 14. Tool I: The Parser
    14
  • 15. Parser Goals
    15
  • 16. Workflow Intermezzo I
    16
  • 17. Tool 2: Flash Dissector
    17
  • 18. Flash Dissector Goals
    18
  • 19. Flash Dissector Demo
    19
  • 20. Weaknesses of Flash Dissector
    20
  • 21. Flash Dissector Future
    21
  • 22. Workflow Intermezzo II
    22
  • 23. Static analysis vs Dynamic analysis
    23
  • 24. Detour: Flash Player Debugger
    24
  • 25. Detour: Flash Player Debugger
    25
  • 26. Tool III: Tracer/Debugger
    26
  • 27. Tracer Implementation
    27
  • 28. Last week in China
    28
  • 29. Last week in China
    29
  • 30. Tracer Plans
    30
  • 31. Workflow Intermezzo III
    31
  • 32. Minimizing sample files
    32
  • 33. Minimizing files without templates
    33
  • 34. Do not forget RETURN
    34
    Function A
    Function B
    Crash here
  • 35. Tool IV: Minimizer
    35
  • 36. Automated minimizing
    36
  • 37. Minimizer Goals
    37
  • 38. Off to GitHub we go!
    Shipped!
    https://github.com/sporst
    38
  • 39. Call for participation
    39
  • 40. Summary
    40
  • 41. Thank you!
    41
    ?
  • 42. Let me help …
    42
  • 43. Image Credits
    http://www.flickr.com/photos/markchadwick/4592186576/
    43