Slide 1
Slide 1
Slide 1
Slide 1
Slide 1
Slide 1

PRESENTATION MATERIALS

PHOTOS / VIDEOS

Official conference photos and HD videos will be made available in the next 2-3 weeks. Please follow @hitbsecconf on Twitter for links or join our Facebook Group

Jurriaan Bremer (Independent Researcher / HITB.nl CTF Core Crew)

PRESENTATION TITLE: SSEXY: Binary Obfuscation the SSE Way

PRESENTATION ABSTRACT:

Over the past few decades people have been reverse engineering 3rd party software in order to analyze and break it. Hence many attempts have been done to make it harder to analyze, therefore obfuscating the software. Today I present a relatively new way to obfuscate binaries - Using the SSE Instruction Set, an extension for the x86 instruction set (this is the machine code that is processed by the CPU), I will show how to obfuscate existing assembly and binaries by translating “normal” instructions into SSE instructions.

The SSE Instruction Set is a special instruction set provided by the CPU for heavy math operations, it performs really well for 3D graphics (such as used in games and rendering engines) and bruteforcing hashes (md5 etc.)  The idea of using SSE to obfuscate binaries is definitely not new, but has not been used before for entire binaries, which makes it unique in it’s own way.

At last through the use of my tool SSEXY, I will show how SSE will break existing code analysis tools and Anti Virus software. I will show new ways to obfuscate existing binaries and new methods to fool reverse engineers, static analyzers and anti virus engines.

ABOUT JURRIAAN BREMER

Jurriaan is an independent security researcher from the Netherlands who has been interested in the development and analysis of low-level software, their algorithms and new ways to bypass existing security measures. He is also a member of “De Eindbazen” (a dutch team that plays CTFs) and one of the people behind the HITB.nl CTF.

Okura Hotel Amsterdam
Ferdinand Bolstraat 333, 1072 LH Amsterdam,
The Netherlands

1-Day Intensive Training Sessions – 21st of May / 0900 – 1800

 

SPECIAL OPS 1  - WIRELESS SECURITY KUNGF00

SPECIAL OPS 2  – THE ART OF EXPLOITING SQL INJECTION FLAWS

SPECIAL OPS 3 – MOBILE APPLICATION HACKING – ATTACK & DEFENSE



2-Day Hands on Training Sessions – 22nd – 23rd of May / 0900 – 1800

TECH TRAINING 1  – HUNTING WEB ATTACKERS

TECH TRAINING 2  – ADVANCED LINUX EXPLOITATION METHODS

TECH TRAINING 3  - ADVANCED APPLICATION HACKING – ATTACKS, EXPLOITS & DEFENSE

 

 



3-Day Hands on Training Sessions – 21st, 22nd & 23rd of May / 0900 – 1800

TECH TRAINING 4  – THE EXPLOIT LABORATORY: ADVANCED EDITION




QUAD TRACK CONFERENCE – 24th & 25th of May / 0900 – 1800

Featuring keynotes by BRUCE SCHNEIER and ANDY ELLIS



EVENT ORGANIZER

LOCAL PARTNER

PLATINUM SPONSORS

GOLD SPONSORS

TITANIUM SPONSOR (POST CONFERENCE RECEPTION + SPEAKER RECEPTION)

SILVER SPONSOR

HACKWEEKDAY SPONSOR

ALCO_PWN SPONSOR (POST CONFERENCE RECEPTION)

HITB LAB / SIGINT SPONSOR

NETWORK SPONSORS AND UPLINK

ADDITIONAL SUPPORT BY

SUPPORTING MEDIA

FRIENDS OF HITB

Copyright © 2012 Hack In The Box | http://www.hackinthebox.org

( / 10 )