Jump to content
Tuts 4 You

Web RE vs binaries RE

learnReverse

By learnReverse
in General Discussions and Off Topic

 Share

Recommended Posts

learnReverse

learnReverse

Posted
Posted

So i recently got into reverse engineering world and found out all cool stuff and tools that people use in order to analyse software that is being ran on certain OS. On other hand, I barely see people reverse engineering web based applications, so i wanted to understand is this true and if there are some similar platforms such as crackme but for web based reverse engineering?
 

Thanks a bunch

Link to comment
Share on other sites
NOP

NOP

Posted
Posted

Web based is a pretty broad term. There are sites that crack flash games, unity games, javascript exploits and lots of others. Or are you talking about 'Hacking' into some sort of cloud? You would have to be more specific?

Link to comment
Share on other sites
learnReverse

learnReverse

Posted
  • Author
Posted

Well i'm mostly reffering to antibots for example. An example is anti bots such as Cloudflare, Akamai, Perimeterx etc. that detect bots on sites. Their Javascripts are heavily obfuscated and virtualized sometimes even. Some sites even create their own custom anti bot scripts that are heavily obfuscated so i was wondering if there is any interest in this community towards this  angle or its more oriented towards binaries?

Link to comment
Share on other sites
Taitor

Taitor

Posted
Posted (edited)
10 minutes ago, learnReverse said:

Well i'm mostly reffering to antibots for example. An example is anti bots such as Cloudflare, Akamai, Perimeterx etc. that detect bots on sites. Their Javascripts are heavily obfuscated and virtualized sometimes even. Some sites even create their own custom anti bot scripts that are heavily obfuscated so i was wondering if there is any interest in this community towards this  angle or its more oriented towards binaries?

Malware analysis is done here. But breaking legitimate bots and software is not allowed here, since it could be deemed illegal in some cases. Bypassing protection measures (legit) ones always raises eyebrows and can cause problems if clear tuts are made available with clear intention to bypass them.

Edited by Taitor
  • Like 1
Link to comment
Share on other sites
Progman

Progman

Posted
Posted

Im surprised machine learning is not enough to avoid getting into white box reversing of virtualized or obfuscated javascript.  I've still yet to see an convincing project though to simulate human like input e.g. mouse and keyboard or even touch screens and their timing subtleties.  And many detection systems bait with captchas while really analyzing input.  The mouse is a really amazing source of data in fact.  It is so good that it is used for entropy generation to seed random number generators.  Subtleties in acceleration or jaggedness in arc like movements are certainly there.  Not to mention differences between mouse brands and DPI and software settings.  My guess is the detection is extremely approximate due to the wide variety of environments.  But certainly most bots would do easily detectable perfect movements or perfect timing.

Without writing the bot input detection framework first though, it would be hard or basically impossible to measure how realistic an ML tool would be considering it has to work in real time.  It's certainly possible with the raw computing power and multiple core situation these days.  Would make an interesting scientific research paper even.

Link to comment
Share on other sites
learnReverse

learnReverse

Posted
  • Author
Posted (edited)
3 hours ago, Progman said:

Im surprised machine learning is not enough to avoid getting into white box reversing of virtualized or obfuscated javascript.  I've still yet to see an convincing project though to simulate human like input e.g. mouse and keyboard or even touch screens and their timing subtleties.  And many detection systems bait with captchas while really analyzing input.  The mouse is a really amazing source of data in fact.  It is so good that it is used for entropy generation to seed random number generators.  Subtleties in acceleration or jaggedness in arc like movements are certainly there.  Not to mention differences between mouse brands and DPI and software settings.  My guess is the detection is extremely approximate due to the wide variety of environments.  But certainly most bots would do easily detectable perfect movements or perfect timing.

Without writing the bot input detection framework first though, it would be hard or basically impossible to measure how realistic an ML tool would be considering it has to work in real time.  It's certainly possible with the raw computing power and multiple core situation these days.  Would make an interesting scientific research paper even.

You should then take a look at Akamai's anti bot. They use machine learning principles and one of their biggest defense is mouse movement analysis. 

Edited by learnReverse
  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...