Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

158,767 views

Published on

Published in: Business, Technology
  • Be the first to comment

Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

  1. 1. Reverse-Engineering Flash Files with SWFRETools<br />Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011<br />
  2. 2. About Me<br />2<br />
  3. 3. Current Work<br />3<br />
  4. 4. What this talk is about<br />Ship it!<br />4<br />
  5. 5. What this talk is not about<br />5<br />
  6. 6. Why is this relevant?<br />6<br />
  7. 7. SWF Files: An Overview<br />Header<br />Tag 1<br />Tag 2<br />Tag 3<br />Tag 4<br />…<br />Tag n<br />7<br />
  8. 8. SWF Files: Interesting Aspects<br />8<br />
  9. 9. Existing Tools<br />SWFTools<br />Flash Dump Decompiler<br />swfmill<br />Sothink SWF Decompiler<br />9<br />
  10. 10. Problems with existing tools<br />SWFTools<br />Flash Dump Decompiler<br />Crashes<br />Old<br />Limited<br />Wrong tool<br />swfmill<br />Sothink SWF Decompiler<br />10<br />
  11. 11. Introducing SWFRETools<br />11<br />
  12. 12. Goals<br />12<br />
  13. 13. Architecture<br />13<br />
  14. 14. Tool I: The Parser<br />14<br />
  15. 15. Parser Goals<br />15<br />
  16. 16. Workflow Intermezzo I<br />16<br />
  17. 17. Tool 2: Flash Dissector<br />17<br />
  18. 18. Flash Dissector Goals<br />18<br />
  19. 19. Flash Dissector Demo<br />19<br />
  20. 20. Weaknesses of Flash Dissector<br />20<br />
  21. 21. Flash Dissector Future<br />21<br />
  22. 22. Workflow Intermezzo II<br />22<br />
  23. 23. Static analysis vs Dynamic analysis<br />23<br />
  24. 24. Detour: Flash Player Debugger<br />24<br />
  25. 25. Detour: Flash Player Debugger<br />25<br />
  26. 26. Tool III: Tracer/Debugger<br />26<br />
  27. 27. Tracer Implementation<br />27<br />
  28. 28. Last week in China<br />28<br />
  29. 29. Last week in China<br />29<br />
  30. 30. Tracer Plans<br />30<br />
  31. 31. Workflow Intermezzo III<br />31<br />
  32. 32. Minimizing sample files<br />32<br />
  33. 33. Minimizing files without templates<br />33<br />
  34. 34. Do not forget RETURN<br />34<br />Function A<br />Function B<br />Crash here<br />
  35. 35. Tool IV: Minimizer<br />35<br />
  36. 36. Automated minimizing<br />36<br />
  37. 37. Minimizer Goals<br />37<br />
  38. 38. Off to GitHub we go!<br />Shipped!<br />https://github.com/sporst<br />38<br />
  39. 39. Call for participation<br />39<br />
  40. 40. Summary<br />40<br />
  41. 41. Thank you!<br />41<br />?<br />
  42. 42. Let me help …<br />42<br />
  43. 43. Image Credits<br />http://www.flickr.com/photos/markchadwick/4592186576/<br />43<br />

×