Reverse Engineering Python Applications

نویسندگان

  • Aaron Portnoy
  • Ali Rizvi-Santiago
چکیده

Modern day programmers are increasingly making the switch from traditional compiled languages such as C and C++ to interpreted dynamic languages such as Ruby and Python. Interpreted languages are gaining popularity due to their flexibility, portability, and ease of development. However, these benefits are sometimes counterbalanced by new security exposures that developers are often unaware of. This paper is a study of the Python language and methods by which one can leverage its intrinsic features to reverse engineer and arbitrarily instrument applications. We will cover techniques for interacting with a running interpreter, patching code both statically and dynamically, and manipulating type information. The concepts are further demonstrated with the use of AntiFreeze, a new toolset we present for visually exploring Python binaries and modifying code therein.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Looking Inside the (Drop) Box

Dropbox is a cloud based file storage service used by more than 100 million users. In spite of its widespread popularity, we believe that Dropbox as a platform hasn’t been analyzed extensively enough from a security standpoint. Also, the previous work on the security analysis of Dropbox has been heavily censored. Moreover, the existing Python bytecode reversing techniques are not enough for rev...

متن کامل

Design of an Automatically Generated Retargetable Decompiler

This paper presents a concept of a retargetable reverse compiler (i.e. a decompiler). This tool translates platform-specific binary applications into a high-level language (HLL) representation. A Python-like language was chosen as the target language. Our unique solution is automatically generated from the target platform description in the architecture description language (ADL) ISAC. The deco...

متن کامل

UCPy: Reverse-Engineering Python

One of the recurring topics in the Python community is how to make Python programs run faster. Typically, a set of solutions is proposed which include: adding static type inference; somehow compiling programs into native code; translating Python programs into Parrot/Lisp/.net code; applying research results from dynamically-typed language implementation. Progress has been made on some of these,...

متن کامل

On the Investigation of Application Specific Data within Digital Forensics

Microsoft Word and Skype are widespread applications in our daily IT life. Up to now, if a computer forensic examination is required, the majority of forensic investigators tends to use commercial software to analyse this application-specific data. However, commercial software is rather expensive and typically closed-source. This paper aims at exploring if an applicationspecific forensic invest...

متن کامل

Recent Developments in the Pytough Scripting Library for Tough2

PyTOUGH, a Python scripting library for automating TOUGH2 simulations, was publicly released as free opensource software in 2011. Since then, it has been used in a wide variety of TOUGH2 modelling applications, particularly for complex simulations which would be difficult or impossible using traditional manual or graphical workflows. It has also been incorporated into at least two graphical int...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008