Luis Miras - Fix Bugs in Binaries

Don't wait for your vendor to get around to it, fix bugs yourself! There is no need to wait for patches and new (possibly expensive) software upgrades. In many cases fixing bugs in binaries is easier and faster than in the source code. This is especially true considering the complexity of library dependencies and build environments.

Some consider "cracking" software protection a form of patching bugs, that is not what this talk is about. It covers straightforward reverse engineering techniques applied to solve flaws in running, binary code you either don't have the source code to, or don't want to rebuild from source. While there are obvious trade-offs to be made in reliability, warranty coverage, and potential legal snags, if you have the chops to research and reverse vulnerabilities, you already have the tools to patch your apps.

I'll discuss the topic by showing how I fixed a bug in the camera software on my cellphone.


Luis Miras is the head vulnerability researcher at Intrusion Inc. He has done work for HBGary LLC. and Network Associates. He released the first public polymorphic shellcode at Defcon 8 and has also spoken at Toorcon 7 as well as the CCC Congress (17c3) in Berlin. In the past he has worked in digital design, and embedded programming.