This guy is next level. Alot of people are very technically strong, knowledgeable or even clever, but they are compartmentalized. He really allows ideas to recurse, cross-pollinate and doesnt stop going with them. To me that is the true definition of genius.

this guy is the best. somehow rolled a 20 INT, 20 CHR, and a cyber security trait lol

Epic. Taking a pic off their webcam if they had one and using that as the image in the CFG would be good too!

This is my third talk by Domas, I love this guy, he's funny, a hyper-nerd and I understand around 70% of what he's talking about. His exposition on reverse engineering reversers was awesome.

Next step: operating system, compiled entirely into MOVs, running inside a VM... also compiled into MOVs. Bonus points for implementing Quicktime drivers as part of the system, so it can _play_ .MOVs using only MOVs (...ahem)

This guy is truly a genius

That QR Code got me.

"Why is my dog in the malware?" - Hypothetical reverse-engineer who fell for the dumbest malware plan ever

Now I need to go put Clippy in my assembly.

33:29 the most laborious one i've ever seen. i salute you, sir.

Amazing talk, knowledgeable speaker, makes the talk interesting and knows how to reach to people. Good job!

This is bonkers! Just my kind of thing; thanks for sharing. Cheers!

Something like a surgeon placing atoms in liver in a way that next surgeon would see nice message. What a pro.

That guy has wayyy too much time :) Best DEFCON talk I have every heard :D

I love this. Trolling at an epic level.

Can't begin to describe all the thought paths this brought back making my own conclusions after looking at one piece of asm for hours on end... but then to make a compiler just to prove it and bring it to a stage... wtf... EDIT: okay, saw the whole thing now, with the manipulated control graph imagery based on your personal files etc... This guy is legendary.

The Movfuscator is pure genius! But I'm interested to know what Chris can do with Java bytecode.

Oh my, this dude is a genius, and that's an understatement

23:54 Lesson learned: x86 is the hardware equivalent of Windows, which explains why Windows is mainly an x86 OS and Win 10 on ARM isn't making much progress in the market.

Now I need to compile Linux with Movcc

Talk about extreme RISC, I wonder what a processor with only the mov instruction would look like and if it could be optimized to match modern processors.

imagine this as real malware

...i need to rethink my career path...

Hmm, now, the modern world has trained us to believe that pixels have to be square, but it wasn't always necessarily thus, and for applications like this it need not be either. For the greyscale photos it's fairly optimal, but there are other types of image where a wider or narrower pixel could be better suited, and certainly cases could be made for one or the other if they better suited an attempt to weave actually useful execution payloads through the maze of dummy code. For example wider ones would tend to suit old-school game sprites, whereas narrower ones are generally better for text (and some other forms of graphics). And of course if they're double/half the size in one dimension vs the other you can always double up where a square is still needed. Particularly with a tall, rather than wide "pixel", you can still retain a degree of greyscale capability with otherwise small blocks (as the shading is dependent on how much of the available height is used, not width), and be able to write a meaningful amount of text within even a relatively small edit window, perhaps even implementing anti-aliasing, but having some freedom over what code goes where as you could write dark-ish text on a light-ish background (which gives the greatest space for writing functional code, as well as obfuscating garbage) and it would still be legible with some degree of "noise", as one or two instructions more or less wouldn't cause the block to get close to the 50% mid-grey point. Text being quite good for really messing with someone, as they might not immediately recognise a random and probably long-forgotten photo or other image from their HDD that's been mashed down to a 64x64 pixel thumbnail in about 10 shades of halftone-simulated grey, but if you can fish their name or operating handle from somewhere on the system (or the name of some contact of theirs and treat it accordingly) and include it in a short passage of mildly threatening but above all _super creepy_ text that appears to rise stochastically out of the code... that's pretty unequivocal and I'm pretty sure that if I saw that happen at 3am after a long hacking session in a dark and suddenly very quiet, very cold, very lonely room, that program and immediately afterwards that laptop would be closed with a bang registerable on local seismometers and flung across the room with no heed paid to possible damage. And of course if you really wanted, photos could be adjusted for non-square pixels: you just have to do a smooth resize with proportions distorted in an inverse relationship to the pixels they'll be encoded as. Once converted into code, and displayed in IDA, they'll automagically reverse that initial distortion and appear with the correct aspect ratio. I wonder also whether fairly sparse code path maps could be used to do more vector-style rather than pixel grid drawing using some kind of viterbi reverse tree search voodoo, if the rules for how IDA arranges and spaces things out could be more concretely determined? It might actually allow for more sophisticated images to be created with smaller output executables...

This is a whole other level of trolling and genius. Props and wow! So interesting to watch

It's like emulation engineering via assembly with complex fractal abstrations

The QR code didn't get me. That's the first time I'm thankful for GEMA.

so strong. love to you dude. best talk at 23

Wow, this was his first talk? No way, he did that visualization stuff in 2012

That Movfuscator is an atrocity!

I just had to scan the QR code, didn't I?

may be the most!! resounding!! applause!! ever@defcon!!! .... .... .... aRt!!!!

Is there any way to rearrange those etch-a-sketch IDA control flow diagrams, due to recode at runtime .. and if so doing a 'lode runner'- 'qbert'- or at least 'snakes'- -'longplay' ??? Or, or, or ... a full Episode of Masters of the Universe! ... hmm reminds me of C=64 .. seems i have to PEEK a lil' deeper into that POKE; anyhow thanks for bringing back the magic via MOVfuscator and actually keeping the record straight for the x86-multiverse. Very entertaining. What worries me is i do understand what you are eloquently speaking about, although i can't remember when and where i could have set video-playback to 2.00x speed ... ;)

Great Efforts and Really c00l video, IDA got smashed

So a movuscator program would be immune to CPU architecture exploits, right? A program that has two different behaviors between mov code and regular assembly would indicate something was amiss?

I think it must be time to build a computer that only implements mov instructions.

Wow, that was hilarious. Very good video.. Very good. Smart guy right here.

Achievement unlocked: Inception complete!

This is nuts! I'd go with "We know where you live..."

forget security benefits. this is awesome in its own right

oh wow! this one is high level!

IDA GOAT.

That's brilliant. Probably Useless, but brilliant.

On the fringe of cyber security research

Artist absolutely everywhere even in your source source code go have fun with it

That final piece of "malware" should make use of the webcam... Seeing yourself would be a little weird :)

So this is what being a next-level troll is... :)

Good Job !

Godlike!

Could embed: "We've been trying to contact you about your Car's extended warranty. This is a final courtesy call..."

What about a kernel written with only mov instructions?...??

wow...the qr code is a rick roll

Epic idea and awesome talk. Sidenote though, regarding the QR-Code @ around 33:30: at least in Germany, the YT-link it takes you to is blocked :-( Still lol'ed pretty hard when I saw the title, but it kinda spoils the idea.

Sweet video !!

Wait you expect a reverse engineer to run the malware bare metal on their personal machine?:D

playing last return of the japanese final surrender with TRSi

Alternative title: How to make pixel art with IDA pro

So, what is the performance of a mov only program compared to a normal compiled one?

great talk :)

This is something awesome 😁

lol control flow graph messages

But what if you embedded Opcodes in the control graph? Would science go too far?

Brilliant.

Did this guy go for the Cypher look or was it the other way around?

33:25 next level cryptography

Homeboy is an artist. It's like BB King playing the blues. As simple as possible, but no simpler - it just makes you happy.

lmao i scanned the qr code out of curiosity watching this 4 in the morning.

This is like ascii art from hell. Or is it what snowcrush is about?:D

This video makes Facebook throw an error message.

Amazing!

I kind of wanted to see what a movoscated program looked like in Ida.

I don't understand any of this... but the drawings were funny ! I feel like a child.

that is insane

this is great and all but does he not look exactly like the default runescape character

Every time this guy is in my recommended I hope so badly it's a new one.. but I heard he got hired by Intel so he probably won't be doing these public talks anymore..

Great talk! Just put in some quotes from the star wars prequels. I mean, how long do you think you can stare at something like “You are in my very soul, tormenting me…” or “I wish I could just wish away my feelings”?

33:44 Got fucking Rick Rolled x'D

can you see AC ?

"Why is my dog in the malware?" /r/brandnewsentence

I just don't think that any code should have to be written twice, there's so much time and headache to write it the first time

BEST TROLLing EVER !!!

I use gdb mostly.

Elvis is Alive

Now to embed goatse in my code

I have a question for you when it comes to wanting to crack a game. Do you personally know if there is anyone talented enough in the scene to reverse engineer the game Path of Exile? People say it's one of the worst targets they've ever attempted, with a bunch of abstraction layers and you get perma banned if you even look too long. It's a live server client and the game is free, but people want to make their own private server out of it to be able to play the content the way they want, in a non-profit fashion obviously. Any ideas on how you would go about bypassing the drm on this live service client and getting the source code for people to make their own private server out of it?

He is the real king of trolls.

somehow I knew where that QR code will take me... ^^

Nice :D

sick

HOLY SHIT!

Holy shit, this is evil.

And then someone runs your program through MASM... Wow so hard!

I got lost at 0:00

One dude I reversed his code lots of Bible verses...

This man is a fucking legend lmaooo

Holy shiiiieeet

oh god idea a full build of gentoo with it mwa hahahaha

Hes the Tai Lopez of reverse engineering

I hate myself so I'll reverse engineer this

What a genius lol.