Entries by sp

So I finally got around to writing a review for Justin Seitz's new No Starch Press book Gray Hat Python (Official Website / Amazon). Unlike the other No Starch Press books I reviewed in the last months my copy of Gray Hat Python is not a free review copy. I actually bought Gray Hat Python because I wanted to support Justin Seitz who I met at this year's CanSecWest conference for the first time. And because Justin seems to be a pretty nice guy I will punch a bit harder in this review than I usually do (unless the reviewed book really sucks) by giving unsolicited advice on how to improve the book for the second edition.

What is Gray Hat Python all about? The back cover of the book describes it like this: "Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators." And all of that using Python code and popular Python libraries. How awesome is that? Pretty awesome I thought when I first heard about the book. So awesome in fact that several months before the book was published I actually sent Justin an email asking him if everything's fine because I was concerned that the publisher is imposing stuff on him which could lead to a shitty book (see: Reverse Engineering Code with IDA Pro; if you ever meet any of the authors of that book ask them to tell you just how much Syngress sucks; it's an entertaining story).

Continue reading "Book Review - Gray Hat Python"

Growing Software - Proven Strategies for Managing Software Engineers (Amazon / Official Website) written by Louis Testa is the latest No Starch Press book I received a free review copy of (thank you No Starch Press). Imagine that you are working for a mid-sized software development company and you were recently promoted to become the manager of a small development team. Now you have to figure out how to plan and schedule the software development process and how to manage the people in your team. Growing Software wants to assist you with this.
Continue reading "Book Review - Growing Software"

Staying true to our 6 months release cycle we will probably release BinNavi 2.1, the latest version of our binary code reverse engineering tool, next week. After BinNavi 1.5 and BinNavi 2.0 this is the third release of BinNavi I have been in charge of. I want to take this opportunity to talk about the features I like most in BinNavi 2.1. You can actually find a more or less complete list of what is new in BinNavi 2.1 compared to BinNavi 2.0 over here.

Continue reading "An unconnected string of thoughts about BinNavi 2.1"

A few months ago my friend Rolf Rolles created the Reverse Engineering reddit. It's pretty awesome. It focuses on random reverse engineering related articles and lots and lots of academic papers, mostly for static code analysis. The submission quality is pretty high (or the moderators reject a lot of submissions, I don't really know). So just in case you are not aware of this reddit yet, I suggest you hop over there and subscribe to it.

While we are at it, for those of you stalking me already. I have a Twitter account now. That should make your job easier.

Continue reading "A flurry of Web 2.0"

In late 2008 Raoul Chiesa, Stefania Ducci, and Silvio Ciappi published an interesting book called Profiling Hackers (Amazon). The idea behind this book is simple: Police officers use profiling to find criminals. Hackers often do illegal things. Police officers therefore need to profile hackers. Most police officers do not have a clue about hackers though. On 240 pages divided into seven chapters this book tries to help them by explaining what Hackers are like.

Continue reading "Book Review - Profiling Hackers"

In a bit less than two weeks I will be attending CanSecWest 2009. If anybody wants to meet me there to talk about reverse engineering, static code analysis, BinNavi, or why Sierpinski triangles are tools of the devil please contact me. You can find my contact information on the right side of this website.

If you do not want to talk about any of the above, you can still watch my talk and tell me your opinion about it. This would be much appreciated. Thank you.

A few days ago I complained about the incredibly awkward IT Security Girl of the Year award that will be dished out later this year at the French IT security conference FRHACK. Apparently the FRHACK organizers did not like what I wrote because they are now threatening to sue me if I do not remove the screenshot of the incredibly inappropriate photos they used to advertise the IT Sec Girl award. The following sentence is from an email I received from one of the FRHACK organizers.

We just ask you to remove this picture http://www.the-interweb.com/bdump/misc/itsec_girl.jpg because these pictures are copyrighted. Thanks to delete your screenshot or we will take legal action.

After I received this email I was incredibly annoyed. It's less about them requesting me to take down the screenshot though. I was more annoyed with their reply in general. In no way did they even bother to address the issue I complained about. This would have been the perfect time to show some character. They could have discussed their point of view. They could have apologized for their mistakes. They could have told me to stuff it (in case they think their point of view is correct; which apparently they don't because they changed their website). All of these (and more) would have been perfect ways to show some personal responsibility and the whole issue would be finished from my point of view.

But that's not what happened. Instead they sent me this incredibly limp-dicked legal threat which I believe to be more about removing evidence that documents their failures than about any legit copyright issues. The passive-aggressive vibes I am getting from this (and the fact that I am allergic to legal threats) piss me off so much that I need to complain about this publicly. I hope I will never have the displeasure to meet any of the FRHACK organizers in real life.

Now the thing is, I do not have the time or the resources to fight their legal threat. I will take down the screenshot in the next few days (probably at one point between now and next Wednesday; whenever I feel like it).

Update: Looks like the screenshot stays on my website. See the end of the original post for a detailed update.

Update 2: Please check out the comments made by the FRHACK team in response to this post. This should clear some things up.

Today I am going to break with the spirit of this website. This entry is not about Programming Stuff as advertised in the title of my blog. Today I am going to complain about something which is only very casually related to Programming Stuff. In some way it is kind of similar to when CmdrTaco used the Slashdot front page to complain about Blizzard making him change his WoW name. It's my website and I post what I want. So if you came here expecting new Programming Stuff you can hit the Back button of your browser now.

Anyway, let's start. I woke up this morning and saw that someone I know will attend the French IT Security conference FRHACK. I began to browse the FRHACK website. I checked out the Events section. I came across something called Best IT Security Girl of the Year. For a split-second I was amused about this obvious little satirical reflection about the role of women in IT and especially IT Sec. I quickly scrolled around to find the IT Security Boy of the Year. There was no such award. It dawned on me that the IT Sec Girl of the Year award is actually a serious award and I started to feel sick.

Continue reading "IT Security Girl of the Year"

A few weeks ago I read some Reverse Engineering related blog which I can't remember right now and my Google-Fu is failing me too or I would link to it. Anyway, in one of the comments on that blog, the book Dumps, Bugs and Debugging Forensics - The Adventures of Dr Debugalov (Amazon) was mentioned. Since the book title and its cover amused me a lot and I can't spend all of my money on hookers and blow I quickly grabbed a few Benjamins from my money bin and bought the book without checking out what it is actually about.

Some days later it arrived and I was surprised. The book is actually a comic book. It is a compilation of the comics you can find here. As you can see, the comics are not especially well-drawn and they're nearly completely unfunny to boot. OK, four or five of the comics in the book are actually funny. The other 40 or so are not. The problem is obvious. There are only so many good jokes you can make about debugging (and to be honest, I debug a lot of stuff and I know very few good jokes about debugging). About four years and 100 blog entries ago, I complained about the ridiculous puns in the book C++ Coding Standards. The Dr Debugalov book suffers from exactly the same problem. Except that the Dr Debugalov book has (nearly) no content except for the puns in comic form. This magnifies the problem to the point where it's getting painful.

Talking about ridiculous puns. The pages of the book do not just contain comics. Every single page also features a more or less famous quote that has been reworked (by replacing or inserting words) to turn it into a quote about debugging. After reading approximately 20 of these so called bugtations I wanted to shoot myself.

So yeah, what to recommend. You should probably buy the book, rip off the cover (which is really cute), frame it and hang it onto the wall of your little cog-in-the-machine cubicle or wherever you are working. The rest of the book can quickly be discarded.

I am going to attend the Chaos Communication Congress 2008 in two weeks. People who want to meet me there to talk about BinNavi, Hexer, static code analysis, reverse engineering in general, or why the movie Hackers is more realistic than most people think, please contact me using one of the options you can find on the navigation bar on the right side of this page.

Here's something amusing. I spent the first half of the day writing a short Haskell program which generates x86 instructions in MASM syntax. The program generates all variants of the non-privileged instructions from the opcodes.chm file of the MASM32 package. This means that the instruction generator is not complete at all. FPU, MMX, SSE and other newer-than-x486 instructions are not covered. Nevertheless the generator already generates nearly 150,000 different x86 instructions.

When assembled with MASM32 the resulting file is more than 600 KB big. Trying to disassemble this thing with a few standard disassemblers turns out to be a problem. IDA fails to disassemble an instruction after maybe 5% of the executable and never manages to recover afterwards. Lots of manual help is necessary to convince IDA to go on. OllyDBG manages to disassemble that instruction but has huge gaps at many, many other points of the disassembly. The created file is an interesting test file for x86 disassemblers I'd say.

The Haskell program is just about 300 lines long. 280 of those lines are the definitions of  the instructions and what operands they can take. The generation of the instructions from the instruction definitions is just 20 lines and all but 8 lines are not even strictly necessary. I love Haskell's expressiveness.

Anyway, click here to see the Haskell source or click here to download the whole package including the Haskell program (source + EXE), the generated output of the Haskell program, a MASM32 source file that can be used to assemble the test file, and the test file EXE itself.

Recently No Starch Press sent me another book for free. Thank you No Starch Press. The book is called The Art of Debugging with GDB, DDD, and Eclipse (Official Website / Amazon) and was written by Norman Matloff and Peter Jay Salzman. The concept of the book is to introduce the reader to debugging (using Linux C/C++ example programs) with the debuggers/IDEs GDB, DDD, and Eclipse. Throughout the book the user is guided through sample debugging sessions first with GDB and afterwards (in briefer form) with DDD and Eclipse.

The book is roughly 260 pages long and divided into eight chapters.

Continue reading "Book Review - The Art of Debugging with GDB, DDD, and Eclipse"

Next week I'm going to attend this year's hack.lu conference in Luxembourg. So if anybody else who attends hack.lu wants to talk about the new version of BinNavi, Hexer, static code analysis, reverse engineering in general, or some kind of other topic contact me please (see the right side bar for contact options).

Good news from work. A new version of BinNavi, the graph-based reverse engineering software I've been working on for the last few months, is supposed to be released in mid-October. We sent out Beta versions of BinNavi to a few select customers about two weeks ago and this week we are going to send all of them a second beta version that includes many of the improvements they suggested.

BinNavi 2.0 introduces many cool new features. There is a completely new GUI which makes it easier to work with disassembled files stored in BinNavi databases. All disassembled files in BinNavi databases can now be accessed from the main window. Different files can be combined into projects that can be used to analyze and debug multiple disassembled files and the interaction between them. Think of having one EXE file and multiple DLL files in one project for example.

Click here to see a screenshot of the new main window. You can see eight disassembled files (Modules) and one project that combines notepad.exe with a few imported DLL files.

Continue reading "BinNavi 2.0 Preview"

About two weeks ago I received a copy of Chris Eagle's new book The IDA Pro Book (Official Website / Amazon). The publisher No Starch Press was nice enough to send me a free copy of the book to write a review for it. Thank you No Starch Press. And even though I've sworn the official RE blogger's oath to uphold my blog to the highest journalistic standards, this obviously means that my review is completely biased because I hope that No Starch Press will continue to send me books for free (please contact me for a precise list of the books I'm interested in, thanks in advance).

Anyway, less talk about No Starch Press and more about The IDA Pro Book. Written by Chris Eagle, The IDA Pro Book is the latest book that tries to guide reverse engineers through the exciting world of binary files you've "lost" the source code for. The approximately 580 pages of the book (it's not 640 pages long as claimed on Amazon) are divided into 26 chapters which are themselves grouped into six parts.

Continue reading "Book Review - The IDA Pro Book"