Security in Integrated Circuit 
Company 
Blog
Contact us
eShard
/
escoaching
/
Virtual Machine Unicorn
Intermediate

Reverse engineering a Virtual Machine using Unicorn

Virtualization-based security technique is a popular technique to protect and run sensitive code. The challenge it brings is the additional task of reverse engineering a code implemented with custom instructions in the context of an application protected with multiple layers of protections. In this context, lifting the to-be-reverse-engineered code outside and emulating it, would be one of the best solution. In this training, you will learn to use Unicron with the aim of recovering the custom code of a virtual machine embedded within an application.

Covered Topics

  • What is code emulation, and in what case it is very useful
  • How to use Unicorn to emulate a custom CPU to execute a code
  • How to reverse engineer a virtual machine using Unicorn

Exercises

This is the second module of a 3-parts exercise.

You will have to use Unicorn in order implement a custom CPU so the code that was recovered from the first part of the exercise can be executed and analysed at runtime.

The main objective of the exercise is to reverse engineer the code of a custom virtual machine that is used to execute a custom code that implement sensitive code.

Requirements

  • Programming languages: C/C++, Java
  • Linux environment system
  • Basic ARM Assembly language knowledge
  • How to disassemble and decompile an application (module 1 and 2, Essential Reverse Engineering)
2000€
Contact us

Practical informations

Overall duration: 5 to 10 days

Schedule: 9.30AM - 12PM (CET/CEST) - virtual/in person

Number of trainees: 2 trainees max.

Our Coaches

Guillaume
Vinet
© eShard 2021. All rights reserved
Privacy policy | Legal Notice
Bâtiment GIENAH
11 avenue de Canteranne
33600 Pessac
France
eShard Nudge
7 rue Gaston de Flotte
13012 Marseille
France
eShard GmbH
Beethovenallee 21
53173 Bonn
Germany
Paya Lebar Quarter
#04-01 Paya Lebar Link
408533
Singapore