http://taossa.com/index.php/2008/10/13/bugs-vs-flaws/#more-83
I didn't see this post beforehand, and I would like to comment on it (mainly because commenting on his blog post might be the easiest way of getting into a conversation with Mr. McDonald these days ;), but I don't have time right now. Will fix this later this week hopefully.
Friday, December 26, 2008
Sometimes, diffing can remove obfuscation (albeit rarely)
Hey all,
apologies for the sensationalist title, but I found another amusing example today where the same function was present in two different executables -- in two differently obfuscated forms. Amusingly, DiffDeluxe identified the "common components" between these two functions, effectively removing a lot of the obfuscation.
While this is clearly not a typical case, it nonetheless made me smile.
Merry Christmas everyone !
apologies for the sensationalist title, but I found another amusing example today where the same function was present in two different executables -- in two differently obfuscated forms. Amusingly, DiffDeluxe identified the "common components" between these two functions, effectively removing a lot of the obfuscation.
While this is clearly not a typical case, it nonetheless made me smile.
Merry Christmas everyone !
Subscribe to:
Posts (Atom)