Practical uses of program analysis will be presented and explained. Including Instrumentation, Symbolic and Concolic Execution, both in theory, in practice, and tools for each type. Specifically, this talk will show how to automatically generate an exploit against a complex, standalone application.
We show how to traverse program control flow to collect path constraints and solve for a desired execution. This process can then be applied to targeting generalized behavior in a program or finding known vulnerability characteristics. A demonstration will conclude the talk by solving an obfuscated ‘crackme’ challenge using the various methods described in the talk. A tool will be published alongside a white paper and the power point.
Sophia D’Antoine is a security engineer at Trail of Bits and a recent graduate of Rensselaer Polytechnic Institute. She is a regular speaker at security conferences around the world, including RECon, Blackhat, and Hack.lu. Her present work includes techniques for side channel attacks, automated software exploitation, and software obfuscation with LLVM.