Hackers of India

Bug hunting using symbolic virtual machines!

By Anto Joseph on 19 Oct 2017 @ Hacklu


Presentation Material

Abstract

In this talk, we introduce the participants to the world of symbolic execution. Its uses in reverse engineering, fuzzing and vulnerability discovery are less known in the infosec community. We try to impart the basics needed to get up and running with the KLEE symbolic virtual machine and solve some interesting challenges. Software vulnerabilities like memory corruptions, certain logical bugs, complex arithmetic used for obfuscation, etc. can be solved with comparatively little effort using symbolic execution. Symbolic execution is well discussed in academic papers, but it is not widely used by security researchers, even though tools like angr have proved remarkably effective at detecting vulnerabilities.

AI Generated Summary (may contain errors)


The speaker, who works in binary analysis, demonstrated how to use the tool angr to perform symbolic execution on a binary without source code. The goal was to find a secret key in a specific binary.

The speaker started by analyzing the binary in a disassembler such as IDA or radare2, noting down the offset of the code reached only with the correct secret key. They then used angr to create a project, made the input symbolic, and asked it to find a path to that offset, which yields the secret key.

After running angr, the speaker was able to retrieve the secret key, demonstrating the power of symbolic execution in reverse engineering.

The speaker also discussed some challenges in binary analysis, such as path explosion: modern binaries can have so many execution paths that a symbolic execution engine cannot explore them all. They emphasized the importance of being specific about what needs to be solved (which address to reach, which paths to avoid) and using tools like angr to simplify the process.
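The workflow the summary describes (pick the address of the success check, make the input symbolic, let the engine search for an input that reaches that address) condensed into a toy symbolic executor. This is an added teaching example, not code from the talk and not angr or KLEE. It models a binary as a small list of branch instructions indexed by "address", forks one state per comparison outcome, accumulates path constraints, prunes paths whose constraints are contradictory, and stands in for an SMT solver with byte-by-byte enumeration (possible only because every constraint in the toy language touches a single input byte). All names, the instruction format and the sample key-check routine are constructed for the example.

```python
"""Toy symbolic executor (constructed example; not angr/KLEE).

Program model: a list of instructions indexed by pc, standing in for the
addresses you would read off in IDA or radare2.
  ("br", expr, const, pc_eq, pc_ne)  branch: eval(expr) == const ? pc_eq : pc_ne
  ("win",)                           the success address we want to reach
  ("fail",)                          a dead end ("wrong key")
Expressions over the symbolic input bytes:
  ("in", i)            the i-th input byte (symbolic, 0..255)
  ("xor", expr, c)     eval(expr) ^ c
  ("add", expr, c)     (eval(expr) + c) & 0xFF
"""
from collections import deque


def evaluate(expr, inp):
    """Concrete evaluation of an expression against a concrete input list."""
    op = expr[0]
    if op == "in":
        return inp[expr[1]]
    if op == "xor":
        return evaluate(expr[1], inp) ^ expr[2]
    if op == "add":
        return (evaluate(expr[1], inp) + expr[2]) & 0xFF
    raise ValueError(f"unknown op {op!r}")


def input_index(expr):
    """Every expression in this toy language references exactly one input byte."""
    return expr[1] if expr[0] == "in" else input_index(expr[1])


def solve(constraints, n_bytes):
    """Stand-in for an SMT solver. A constraint is (expr, const, equal): the path
    required eval(expr) == const (equal=True) or != const (equal=False).
    Returns a concrete input (bytes) satisfying all constraints, or None if the
    path constraints are infeasible."""
    model = [0] * n_bytes
    for i in range(n_bytes):
        relevant = [c for c in constraints if input_index(c[0]) == i]
        for v in range(256):
            probe = model[:]
            probe[i] = v
            if all((evaluate(e, probe) == k) == eq for e, k, eq in relevant):
                model[i] = v
                break
        else:
            return None  # no byte value satisfies this path's constraints
    return bytes(model)


def explore(program, n_bytes, max_states=10_000):
    """Breadth-first path exploration, the toy counterpart of angr's
    simgr.explore(find=addr). A state is (pc, path_constraints).
    Returns (solved_input, states_explored) for the first feasible path that
    reaches 'win', or (None, states_explored) if none is found."""
    work = deque([(0, [])])
    explored = 0
    while work and explored < max_states:
        pc, constraints = work.popleft()
        explored += 1
        instr = program[pc]
        if instr[0] == "win":
            model = solve(constraints, n_bytes)
            if model is not None:
                return model, explored
            continue
        if instr[0] == "fail":
            continue
        _, expr, const, pc_eq, pc_ne = instr
        # Fork: one successor per branch outcome, each with the new constraint.
        for taken, target in ((True, pc_eq), (False, pc_ne)):
            new_constraints = constraints + [(expr, const, taken)]
            if solve(new_constraints, n_bytes) is not None:  # prune infeasible paths
                work.append((target, new_constraints))
    return None, explored


def key_check_program(secret):
    """Builds a toy 'is this the right key?' routine (constructed): byte i is
    obfuscated with xor/add and compared against a constant; any mismatch jumps
    to 'fail'; the last match falls through to 'win'."""
    n = len(secret)
    win_pc, fail_pc = n, n + 1
    prog = []
    for i, s in enumerate(secret):
        expr = ("add", ("xor", ("in", i), 0x5A), i)
        expected = ((s ^ 0x5A) + i) & 0xFF
        prog.append(("br", expr, expected, i + 1 if i < n - 1 else win_pc, fail_pc))
    prog.append(("win",))
    prog.append(("fail",))
    return prog


# A routine whose 'win' is unreachable: input[0] cannot be both 'A' and 'B'.
DEAD_PROGRAM = [
    ("br", ("in", 0), 0x41, 1, 2),
    ("br", ("in", 0), 0x42, 3, 2),
    ("fail",),
    ("win",),
]

if __name__ == "__main__":
    key, states = explore(key_check_program(b"KLEE"), 4)
    print(f"recovered key {key!r} after exploring {states} states")
    print("dead program:", explore(DEAD_PROGRAM, 1))
```

The key-check routine exits to `fail` on the first mismatch, so the number of states stays linear in the key length (two per branch); a routine that kept going after a mismatch would double the live states at every comparison, which is the path explosion the speaker warns about, and the reason real engines need a `find` target and `avoid` addresses.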

In conclusion, the speaker recommended angr, a freely available tool, for symbolic execution and reverse engineering, and encouraged attendees to explore its capabilities further.