https://miscreants.github.io/blog.trailofbits.com/authors/ryan-stortz/Recent content in Ryan Stortz on The Trail of Bits BlogHugoen-usFri, 17 Apr 2020 15:53:10 -0400https://miscreants.github.io/blog.trailofbits.com/2020/04/17/revisiting-2000-cuts-using-binary-ninjas-new-decompiler/Fri, 17 Apr 2020 15:53:10 -0400https://miscreants.github.io/blog.trailofbits.com/2020/04/17/revisiting-2000-cuts-using-binary-ninjas-new-decompiler/It’s been four years since my blog post “2000 cuts with Binary Ninja.” Back then, Binary Ninja was in a private beta and the blog post response surprised its developers at Vector35. Over the past few years I’ve largely preferred to use IDA and HexRays for reversing, and then use Binary Ninja for any scripting. […]https://miscreants.github.io/blog.trailofbits.com/2019/11/14/introducing-iverify-the-security-toolkit-for-iphone-users/Thu, 14 Nov 2019 09:38:48 -0500https://miscreants.github.io/blog.trailofbits.com/2019/11/14/introducing-iverify-the-security-toolkit-for-iphone-users/“If privacy matters, it should matter to the phone your life is on.” So says Apple in their recent ads about Privacy on the iPhone and controlling the data you share—but many of the security features they highlight are opt-in, and users often don’t know when or how to activate them. But hey… we got […]https://miscreants.github.io/blog.trailofbits.com/2019/09/27/tethered-jailbreaks-are-back/Fri, 27 Sep 2019 15:09:08 -0400https://miscreants.github.io/blog.trailofbits.com/2019/09/27/tethered-jailbreaks-are-back/Earlier today, a new iPhone Boot ROM exploit, checkm8 (or Apollo or Moonshine), was published on GitHub by axi0mX, affecting the iPhone 4S through the iPhone X. The vulnerability was patched in devices with A12 and A13 CPUs. As of this writing, the iPhone XS, XS Max, XR, 11, 11 Pro and 11 Pro Max […]https://miscreants.github.io/blog.trailofbits.com/2019/06/27/use-constexpr-for-faster-smaller-and-safer-code/Thu, 27 Jun 2019 06:50:06 -0400https://miscreants.github.io/blog.trailofbits.com/2019/06/27/use-constexpr-for-faster-smaller-and-safer-code/With the release of C++14, the standards committee strengthened one of the coolest modern features of C++: constexpr. Now, C++ developers can write constant expressions and force their evaluation at compile-time, rather than at every invocation by users. This results in faster execution, smaller executables and, surprisingly, safer code. Undefined behavior has been the source […]https://miscreants.github.io/blog.trailofbits.com/2018/09/06/rattle-an-ethereum-evm-binary-analysis-framework/Thu, 06 Sep 2018 02:30:38 -0400https://miscreants.github.io/blog.trailofbits.com/2018/09/06/rattle-an-ethereum-evm-binary-analysis-framework/Most smart contracts have no verified source code, but people still trust them to protect their cryptocurrency. What’s more, several large custodial smart contracts have had security incidents. The security of contracts that exist on the blockchain should be independently ascertainable. Ethereum VM (EVM) Bytecode Ethereum contracts are compiled to EVM – the Ethereum Virtual […]https://miscreants.github.io/blog.trailofbits.com/2017/03/23/april-means-infiltrate/Thu, 23 Mar 2017 06:50:49 -0400https://miscreants.github.io/blog.trailofbits.com/2017/03/23/april-means-infiltrate/Break out your guayabera, it’s time for Infiltrate. Trail of Bits has attended every Infiltrate and has been a sponsor since 2015. The majority of the company will be in attendance this year (18 people!) and we’ll be swapping shirts and swag again. We’re looking forward to catching up with the latest research presented there […]https://miscreants.github.io/blog.trailofbits.com/2016/06/03/2000-cuts-with-binary-ninja/Fri, 03 Jun 2016 12:14:34 -0400https://miscreants.github.io/blog.trailofbits.com/2016/06/03/2000-cuts-with-binary-ninja/Using Vector35’s Binary Ninja, a promising new interactive static analysis and reverse engineering platform, I wrote a script that generated “exploits” for 2,000 unique binaries in this year’s DEFCON CTF qualifying round. If you’re wondering how to remain competitive in a post-DARPA DEFCON CTF, I highly recommend you take a look at Binary Ninja.https://miscreants.github.io/blog.trailofbits.com/2015/05/13/closing-the-windows-gap/Wed, 13 May 2015 17:26:29 -0400https://miscreants.github.io/blog.trailofbits.com/2015/05/13/closing-the-windows-gap/The security research community is full of grey beards that earned their stripes writing exploits against mail servers, domain controllers, and TCP/IP stacks. These researchers started writing exploits on platforms like Solaris, IRIX, and BSDi before moving on to Windows exploitation. Now they run companies, write policy, rant on twitter, and testify in front of […]