http://labs.neohapsis.com/2008/06/14/minivm-recon-release/ Managing Risk and Security since 1998 Tue, 31 Jan 2012 17:39:48 +0000 hourly 1 http://wordpress.com/ http://labs.neohapsis.com/2008/06/14/minivm-recon-release/#comment-114 Wed, 02 Jul 2008 19:58:43 +0000 http://neolab.wordpress.com/?p=37#comment-114 [...] Craig Smith from Neohapsis presented on using virtual machine to implement code obfuscation.  Don’t think VMWare virtual machines here.  Instead think custom instruction sets and a runtime interpreter.  He covered the basics of this technique which were popularized by honeynet SOTM32 challenge.  The idea is to create a custom instruction set and then use it to implement the logic you want obfuscated. You can apply this approach to hide system calls or important calculations. The bottom line is that a small effort on the developers part can create a lot more work for the reverser. More details and his sample code can be found on the Neohapsis blog. [...]

]]>