From December 11th through the 12th, coders will descend on Barcelona to participate in the official No cON Name Hackathon. The participants will be involved in developing and using the tools created by the lead developers and core NowSecure Research Team members.
Radare and Frida Working in Tandem
Radare is a reverse engineering toolkit built by NowSecure security researcher Sergi Àlvarez (pancake aka @trufae). The toolkit supports static analysis for reversing binaries, performing forensics on filesystems, patching programs to fix vulnerabilities, and more. The Radare2 website offers documentation, blog posts, and presentations about the toolkit's features. Radare adopts the UNIX philosophy of developing small, purpose-built tools that build upon each other.
Both Sergi and Ole emphasize how Radare and Frida can work in tandem. For example, you might discover internal functions in low-level detail with Radare, then hook them with Frida to see how they behave at runtime. Or, you run Frida on a binary to give you high-level runtime telemetry that you can feed back to your Radare session for more permanent binary modifications.
What Can Hackathon Participants Expect?
Sergi will be kicking off the hackathon by presenting all the needed information to hackers. Participants will learn about the code organization of both projects, how to build, run, and test them, and how to use the tools. Tasks the participants will explore are listed below.
- Extend current assemblers (x86, arm, arm64)
- Add new disassemblers (Flash, MSIL, WebAssembly, …)
- Better support for Android Dalvik and ART binaries
- Faster iOS fatmach0 and dyldcache dumper
- Enhance the webui (responsive design)
- Add support for crashdumps (minidump, coredump, …)
- Add new npm modules for Frida, such as frida-fs for in-process file-system access
- Add new language runtime integrations for instrumenting apps written in Swift, .NET, Python, Ruby, etc.
- Expose Profiler API
- Improve the Python language support
- Improve the Objective-C and Java runtime integrations
- Improve the documentation
Skills required to perform these tasks:
- Some tasks require knowledge of C/JS
- Both tools run on all major OS
A special thank you to security engineer Francisco Alonso (@revskills) for helping with organization at the event. You also won't want to miss presentations from security engineer Pau Oliva (@pof) and security analyst Sebastián Guerrero (@0xroot).