Wednesday
Workshop
15:00 - 16:00
(UTC+02)
Workshop (60 min)
Part 1/2: How to execute an object file
In this session we will create a small toy dynamic linker/loader, which allows importing and executing any piece of pre-compiled binary code. Imagine you have a binary blob from an obscure system with no toolchain to utilize it. Or you're designing a bespoke sandbox to research a piece of malware.
Along the way we will learn how runtime linking works and how executables and shared libraries are combined into a single application. We will dissect the ELF file format, implement code relocations and stub external dependencies. In the end we will have a small, but fully working standalone program, which can load an external piece of code and execute it.
Ignat Korchagin
Ignat is a systems engineer at Cloudflare working mostly on Linux, platforms and hardware security. Ignat’s interests are cryptography, hacking, and low-level programming. Before Cloudflare, Ignat worked as a senior security engineer for Samsung Electronics’ Mobile Communications Division. His solutions may be found in many older Samsung smart phones and tablets. Ignat started his career as a security researcher in the Ukrainian government’s communications services.