Transcript

  • 1. Reverse-Engineering Flash Files with SWFRETools
    Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011
  • 2. About Me
  • 3. Current Work
  • 4. What this talk is about
    Ship it!
  • 5. What this talk is not about
  • 6. Why is this relevant?
  • 7. SWF Files: An Overview
    Header
    Tag 1
    Tag 2
    Tag 3
    Tag 4

    Tag n
  • 8. SWF Files: Interesting Aspects
  • 9. Existing Tools
    SWFTools
    Flash Dump Decompiler
    swfmill
    Sothink SWF Decompiler
  • 10. Problems with existing tools
    SWFTools
    Flash Dump Decompiler
    Crashes
    Old
    Limited
    Wrong tool
    swfmill
    Sothink SWF Decompiler
  • 11. Introducing SWFRETools
  • 12. Goals
  • 13. Architecture
  • 14. Tool I: The Parser
  • 15. Parser Goals
  • 16. Workflow Intermezzo I
  • 17. Tool 2: Flash Dissector
  • 18. Flash Dissector Goals
  • 19. Flash Dissector Demo
  • 20. Weaknesses of Flash Dissector
  • 21. Flash Dissector Future
  • 22. Workflow Intermezzo II
  • 23. Static analysis vs Dynamic analysis
  • 24. Detour: Flash Player Debugger
  • 25. Detour: Flash Player Debugger
  • 26. Tool III: Tracer/Debugger
  • 27. Tracer Implementation
  • 28. Last week in China
  • 29. Last week in China
  • 30. Tracer Plans
  • 31. Workflow Intermezzo III
  • 32. Minimizing sample files
  • 33. Minimizing files without templates
  • 34. Do not forget RETURN
    Function A
    Function B
    Crash here
  • 35. Tool IV: Minimizer
  • 36. Automated minimizing
  • 37. Minimizer Goals
  • 38. Off to GitHub we go!
    Shipped!
    https://github.com/sporst
  • 39. Call for participation
  • 40. Summary
  • 41. Thank you!
    ?
  • 42. Let me help …
  • 43. Image Credits
    http://www.flickr.com/photos/markchadwick/4592186576/