Implementing an LLVM based Dynamic Binary Instrumentation framework

Video duration: 01:00:02
Language: English

Abstract
This talk will go over our efforts to implement a new open source DBI framework based on LLVM. We'll explain what DBI is used for, how it works, the implementation challenges we faced and compare a few of the existing frameworks with our own implementation.

We have been using DBI frameworks in our work for a few years now: to gather coverage information for fuzzing, to break whitebox cryptography implementations used in DRM or to simply assist reverse engineering.

However, we were dissatisfied with the state of existing DBI frameworks: they either did not support mobile architectures, were too focused on very specific use cases, or were very hard to use. This prompted the idea of developing QBDI, which has been in development for two and a half years.

With QBDI we wanted to try a modern take on DBI framework design and build a tool crafted to support mobile architectures from the start, with a modular design that enables its integration with other tools, and that is easy to use because it abstracts all the low-level details away from the users.

In this talk we will review the motivation behind the usage of a DBI. We will explain its core principle and the main implementation challenges we faced. We will go through a few of the existing frameworks (Intel Pin, Valgrind, DynamoRIO) and compare our implementation choices with theirs. Finally, we will demo our framework and showcase its integration inside Frida.

We also plan to open source our framework under a permissive free software license (Apache 2) during the conference.

Talk ID: 9006
Event: 34c3
Day: 2
Room: Saal Dijkstra
Start: 10 p.m.
Duration: 01:00:00
Track: Security
Type: lecture
Speakers: Charles Hubain, Cédric Tessier
Talk slug & media link: 34c3-9006-implementing_an_llvm_based_dynamic_binary_instrumentation_framework

Last revision: 2 years, 11 months ago