Unambiguous Encapsulation: Defending Against "Packet in Packet" Attacks

Spill and Ossman propose using a special error correcting code that has a property they call “isolation.” They call this family of codes “Isolated Complementary Binary Linear Block Codes” (ICBLBC). We implemented a generator that encodes the ICBLBC constraints as a Satisfiability Modulo Theories problem and used Digital Operatives’ proprietary constraint optimizer to enumerate all feasible solution codes.

Programmatic String Deobfuscation in .NET Malware

In .NET assemblies, String obfuscation is most often implemented by passing a series of nonsensical arguments to a deobfuscation method which then returns the deobfuscated string to a method. In this post, you will learn some quick and dirty methods of using reflection to automate string deobfuscation in .NET assemblies.

CSAW CTF 2013 Qualification Round: Reversing

The 2013 CSAW Capture the Flag Qualification Round was held this past weekend with over 1300 participating teams. Like most Jeopardy-style CTFs, CSAW had several categories of problems, with Reverse Engineering as one of them. A small team from Digital Operatives participated in this competition; below are write-ups for the Reversing problems.