diff --git a/main.typ b/main.typ index 2371373..e35515d 100644 --- a/main.typ +++ b/main.typ @@ -71,7 +71,7 @@ year: 2025, month: 12, day: 9, - ).display("[year]-[month]-XX"), //[day]"), + ).display("[year]-[month]-[day]"), jury-content: jury-content, university: "CS", keywords-en: keywords-en, diff --git a/slides.typ b/slides.typ index 4118a3a..217a10b 100644 --- a/slides.typ +++ b/slides.typ @@ -1,6 +1,21 @@ #import "@preview/polylux:0.4.0": * #import "slides/lib.typ": * +#import "@preview/codly:1.3.0": * +#import "@preview/codly-languages:0.1.1": * +#show: codly-init.with() +#let default-codly = ( + display-name: false, + display-icon: false, + zebra-fill: none, + fill: luma(240), + radius: 1em, + inset: (y: 0.15em), + highlighted-default-color: highlight-color, + highlight-fill: it => it.lighten(40%), //highlight-color, +) +#codly-disable() + #set text(lang: "en") #set list(marker: none) @@ -32,6 +47,7 @@ date : datetime(year: 2025, month: 12, day: 9), ) + /* * Intro: * Dear jury, gentle people of the audience, here and online, thank you for your presence. @@ -67,6 +83,8 @@ #v(2em) ] +#counter("logical-slide").update( n => n - 1 ) + #slide( foreground: ghost-4(x: 60%, y: 25%, rot: 45deg) )[ @@ -123,6 +141,208 @@ #highlight-block(pb1-text) ] +#slide( + title: [Obfuscation], + //foreground: eye-1(x: 95%, y: 85%, mirror: true) +)[ + #set list(marker: [-]) + + Applications might use *obfuscation* to either: + + - protect their IP + - hide malicious behaviour + + #v(1em)#uncover(2)[ + + We will focus on two techniques: + + - *Dynamic Code Loading* + - *Reflection* + ] +] + +#for i in range(4) { + if i != 0 { + counter("logical-slide").update( n => n - 1 ) + } + show: yes-codly + + slide( + title: [Obfuscation], + subtitle: if i == 0 [Example] else if i == 1 [Dynamic Code Loading] else if i in (2, 3) [Reflection] else { none }, + foreground: eye-1(x: 95%, y: 85%, mirror: true) + )[ + #if i == 0 { + codly(..default-codly) + } else if i == 1 { + codly( + highlighted-lines: (1, 5, 6, 7, 8), + ..default-codly + ) + } else if i == 2 { + codly( + highlighted-lines: (2, 3), + highlights: ( + (line: 10, start: 42, end: 59, fill: pirat-color.blue), + (line: 13, start: 3, end: 21, fill: pirat-color.blue), + ), + ..default-codly + ) + } else if i == 3 { + codly( + highlighted-lines: (10,), + highlights: ( + (line: 12, start: 14, end: 34, fill: pirat-color.blue), + (line: 15, start: 2, end: 19, fill: pirat-color.blue), + ), + ..default-codly + ) + } + #scale(70%, reflow: true)[ + ```java + String DEX = "ZGV4CjA [...] EAAABEAwAA"; + String className = "W5f3 [...] 3sls="; + String methodName = "n6WGYJzjDrUvR9cYljlNlw=="; + + ClassLoader cl = new InMemoryDexClassLoader( + ByteBuffer.wrap(Base64.decode(DEX, 2)), + Main.class.getClassLoader() + ); + + Class loadedClass = this.cl.loadClass(decrypt(className)); + Object obj = "FooBar"; + Object ret = loadedClass.getMethod( + decrypt(methodName), + String.class + ).invoke(null, obj); + ```] + ] +} + +#counter("logical-slide").update( n => n - 1 ) +#slide( + title: [Obfuscation], + subtitle: [Deobfuscated], +)[ + #show: yes-codly + #codly( + skips: ((3, 10), (5, 10), (6, 10)), + ..default-codly + ) + #scale(100%)[ + ```java + public class Foo { + public static String bar(String arg) { + } + } + String ret = Foo.bar("FooBar"); + + ```] +] + +#slide( + title: [Class Loading], +)[ + #set align(center) + #show: yes-codly + #grid( + columns: (2fr, 1em, 1fr), + scale(70%, reflow: true)[ + #codly( + highlights: ( + (line: 1, start: 0, end: 11, fill: pirat-color.blue), + (line: 1, start: 22, end: 43, fill: pirat-color.blue), + (line: 3, start: 14, end: 27, fill: pirat-color.blue), + (line: 6, start: 32, end: 40, fill: pirat-color.blue), + ), + ..default-codly + ) + ```java + ClassLoader cl = new InMemoryDexClassLoader( + ByteBuffer.wrap(Base64.decode(DEX, 2)), + Main.class.getClassLoader() + ); + + Class loadedClass = this.cl.loadClass(decrypt(className)); + ``` + ], [], uncover(2, scale(70%, reflow: true)[ + #codly( + ..default-codly + ) + ```java + class A { + public static void foo() { + B b = new B(); + b.bar(); + } + } + ``` + + Where is the class loader? + ]) + ) +] + +#counter("logical-slide").update( n => n - 1 ) +#slide( + title: [Class Loading], +)[ + #item-by-item[ + - Used to select classes implementation + - More complexe than it looks + - Doubious documentation + - Not studied in the context of Android Static Analysis + ] +] + +#counter("logical-slide").update( n => n - 1 ) +#slide( + title: [Class Loading], +)[ + #highlight-block(pb2-text) +] + +#slide( + foreground: ghost-5(x: 10%, y: 7%) +)[ + #set align(center+horizon) + #grid( + columns: (1fr, 1fr), + gutter: 2em, + [ + == Dynamic Analysis + #item-by-item[ + - Run the application + - _See_ dynamically loaded bytecode + - _See_ reflection calls + - Limited by code coverage + ] + ], + [ + == Static Analysis + #item-by-item(start: 5)[ + - Do *not* run the application + - *Not* limited by code coverage + - Some values cannot be computed + ] + + ], + grid.cell(colspan: 2, uncover(7)[ + #text(size: 30pt)[Can we combine both?] + ]), + ) +] + +#slide[ + #highlight-block(pb3-text) +] + +#slide[ + #highlight-block(pb1-text) + #highlight-block(pb2-text) + #highlight-block(pb3-text) +] + #new-section-slide([Tool Reusability]) #slide[ diff --git a/slides/lib.typ b/slides/lib.typ index 9aef431..cd7e603 100644 --- a/slides/lib.typ +++ b/slides/lib.typ @@ -38,6 +38,37 @@ pirat-color.red, } ] +#let highlight-color = pirat-color.blue.lighten(40%) + +/* don't work ? at least for raw block? +#let scale-down-to-page(body) = { + layout(size => { + let size_body = measure(body) + let ratio = if size_body.width == 0pt and size_body.height == 0pt { + none + } else if size_body.width == 0pt { + size.height / size_body.height + } else if size_body.height == 0pt { + size.width / size_body.width + } else { + let r_x = size.width / size_body.width + let r_y = size.height / size_body.height + calc.max(r_x, r_y) + } + if ratio == none or ratio >= 1 { + body + } else { + scale(ratio * 100%, body) + } + repr(size) + linebreak() + repr(size_body) + linebreak() + repr(ratio*100%) + }) +} +*/ + #let ghost( img, x: 0pt, y: 0pt,