well I am working on exploits dev and reverse engineering of malwares all this period but what I noticed is many people mention the word " custom compilers " and " custom disassemblers and debuggers " being sold in underground markets , so my question is how can a compiler be a custom one? I mean what kind of options can be added it to it and how it would be different from gcc or visual studio compiler ?
for disassemblers and debuggers , well all know most targeted architecture is intlx86 and IDA pro is famous for giving best options, so why looking for ones in underground market and what additions can they offer to the work of exploits dev etc ?
question about compilers and disassemblers
Re: question about compilers and disassemblers
Very interesting topic actually.
I haven't heard of anything like this myself, but I will ask some more experienced people at work and see what they say.
Give me until next week (everyone is free until Monday here now).
I haven't heard of anything like this myself, but I will ask some more experienced people at work and see what they say.
Give me until next week (everyone is free until Monday here now).
"The best place to hide a tree, is in a forest"
Re: question about compilers and disassemblers
Lazy peoplecats wrote:Give me until next week (everyone is free until Monday here now).
In a related note, not related to security but to compilers in general. There is a course on Coursera right now about compilers, gonna start learning it probably next week or so, so if you're interested here you go:
https://class.coursera.org/compilers-selfservice" onclick="window.open(this.href);return false;
Re: question about compilers and disassemblers
thx @cats I will be waiting
@ph0bYx that s really awesome I will attend that course too , it came in the right time
@ph0bYx that s really awesome I will attend that course too , it came in the right time
Re: question about compilers and disassemblers
So I asked around a bit and discussed it with some collegues.
Custom made software like this is made for many different reasons, but it can be to get a different kind of view/output that is more suitable for "less nice" coding.
It can also be to include certain nasty code in every code that is compiled, or to have ready malware modules to easily put into the code and so on.
Same goes for disassemblers where you might want a different type of output than "normal" crackers or hackers would want.
Another thing might be that they want to make sure that no one else is "listening" if you know what I mean?
As in, it might be safer for them to have a completely private compiler/disassembler/debugger so that they know that it's only their code in there and nothing else.
There are many reasons, but these are the selling points we could think of.
Custom made software like this is made for many different reasons, but it can be to get a different kind of view/output that is more suitable for "less nice" coding.
It can also be to include certain nasty code in every code that is compiled, or to have ready malware modules to easily put into the code and so on.
Same goes for disassemblers where you might want a different type of output than "normal" crackers or hackers would want.
Another thing might be that they want to make sure that no one else is "listening" if you know what I mean?
As in, it might be safer for them to have a completely private compiler/disassembler/debugger so that they know that it's only their code in there and nothing else.
There are many reasons, but these are the selling points we could think of.
"The best place to hide a tree, is in a forest"
Re: question about compilers and disassemblers
Thank you cats , these infos are very important to me as it kept me curious and yeah I kn0w what you mean
btw I got an idea, in Juin I will be more free and available so if anyone is interested we can make such project for suck-o and we use it only suck-o members so what do u think?
btw I got an idea, in Juin I will be more free and available so if anyone is interested we can make such project for suck-o and we use it only suck-o members so what do u think?
- Lundis
- Distorter of Reality
- Posts: 543
- Joined: 22 Aug 2008, 16:00
- 15
- Location: Deadlock of Awesome
- Contact:
Re: question about compilers and disassemblers
Actually most of the programming for compilers is really boring. It's basically grammar rules and theory and a huge collection of similar switch statements.
If I were to make my own compiler it would be to über-optimize specific code. There are circumstances under which you can make really fancy optimizations, but that general compilers can't use because they have to support all circumstances or the optimizations would cause the compiler to run for days/weeks for big projects. For instance, you could utilize registers more efficiently and avoid saving/restoring states between function calls in small programs by having every function use specific non-conflicting registers.
If I were to make my own compiler it would be to über-optimize specific code. There are circumstances under which you can make really fancy optimizations, but that general compilers can't use because they have to support all circumstances or the optimizations would cause the compiler to run for days/weeks for big projects. For instance, you could utilize registers more efficiently and avoid saving/restoring states between function calls in small programs by having every function use specific non-conflicting registers.
Re: question about compilers and disassemblers
Lundis wrote:Actually most of the programming for compilers is really boring. It's basically grammar rules and theory and a huge collection of similar switch statements.
If I were to make my own compiler it would be to über-optimize specific code. There are circumstances under which you can make really fancy optimizations, but that general compilers can't use because they have to support all circumstances or the optimizations would cause the compiler to run for days/weeks for big projects. For instance, you could utilize registers more efficiently and avoid saving/restoring states between function calls in small programs by having every function use specific non-conflicting registers.
oh what you said is really interesting, now I got to dig more to understand how to make every function use specific non-conflicting registers.thx Lundis