This guy is next level. Alot of people are very technically strong, knowledgeable or even clever, but they are compartmentalized. He really allows ideas to recurse, cross-pollinate and doesnt stop going with them. To me that is the true definition of genius.

this guy is the best. somehow rolled a 20 INT, 20 CHR, and a cyber security trait lol

Epic. Taking a pic off their webcam if they had one and using that as the image in the CFG would be good too!

Next step: operating system, compiled entirely into MOVs, running inside a VM... also compiled into MOVs. Bonus points for implementing Quicktime drivers as part of the system, so it can _play_ .MOVs using only MOVs (...ahem)

That QR Code got me.

This is my third talk by Domas, I love this guy, he's funny, a hyper-nerd and I understand around 70% of what he's talking about. His exposition on reverse engineering reversers was awesome.

"Why is my dog in the malware?" - Hypothetical reverse-engineer who fell for the dumbest malware plan ever

Now I need to go put Clippy in my assembly.

This guy is truly a genius

That guy has wayyy too much time :) Best DEFCON talk I have every heard :D

I love this. Trolling at an epic level.

This is bonkers! Just my kind of thing; thanks for sharing. Cheers!

so strong. love to you dude. best talk at 23

Amazing talk, knowledgeable speaker, makes the talk interesting and knows how to reach to people. Good job!

Now I need to compile Linux with Movcc

Something like a surgeon placing atoms in liver in a way that next surgeon would see nice message. What a pro.

23:54 Lesson learned: x86 is the hardware equivalent of Windows, which explains why Windows is mainly an x86 OS and Win 10 on ARM isn't making much progress in the market.

The Movfuscator is pure genius! But I'm interested to know what Chris can do with Java bytecode.

This is a whole other level of trolling and genius. Props and wow! So interesting to watch

Oh my, this dude is a genius, and that's an understatement

imagine this as real malware

Can't begin to describe all the thought paths this brought back making my own conclusions after looking at one piece of asm for hours on end... but then to make a compiler just to prove it and bring it to a stage... wtf... EDIT: okay, saw the whole thing now, with the manipulated control graph imagery based on your personal files etc... This guy is legendary.

33:29 the most laborious one i've ever seen. i salute you, sir.

That Movfuscator is an atrocity!

Hmm, now, the modern world has trained us to believe that pixels have to be square, but it wasn't always necessarily thus, and for applications like this it need not be either. For the greyscale photos it's fairly optimal, but there are other types of image where a wider or narrower pixel could be better suited, and certainly cases could be made for one or the other if they better suited an attempt to weave actually useful execution payloads through the maze of dummy code. For example wider ones would tend to suit old-school game sprites, whereas narrower ones are generally better for text (and some other forms of graphics). And of course if they're double/half the size in one dimension vs the other you can always double up where a square is still needed. Particularly with a tall, rather than wide "pixel", you can still retain a degree of greyscale capability with otherwise small blocks (as the shading is dependent on how much of the available height is used, not width), and be able to write a meaningful amount of text within even a relatively small edit window, perhaps even implementing anti-aliasing, but having some freedom over what code goes where as you could write dark-ish text on a light-ish background (which gives the greatest space for writing functional code, as well as obfuscating garbage) and it would still be legible with some degree of "noise", as one or two instructions more or less wouldn't cause the block to get close to the 50% mid-grey point. Text being quite good for really messing with someone, as they might not immediately recognise a random and probably long-forgotten photo or other image from their HDD that's been mashed down to a 64x64 pixel thumbnail in about 10 shades of halftone-simulated grey, but if you can fish their name or operating handle from somewhere on the system (or the name of some contact of theirs and treat it accordingly) and include it in a short passage of mildly threatening but above all _super creepy_ text that appears to rise stochastically out of the code... that's pretty unequivocal and I'm pretty sure that if I saw that happen at 3am after a long hacking session in a dark and suddenly very quiet, very cold, very lonely room, that program and immediately afterwards that laptop would be closed with a bang registerable on local seismometers and flung across the room with no heed paid to possible damage. And of course if you really wanted, photos could be adjusted for non-square pixels: you just have to do a smooth resize with proportions distorted in an inverse relationship to the pixels they'll be encoded as. Once converted into code, and displayed in IDA, they'll automagically reverse that initial distortion and appear with the correct aspect ratio. I wonder also whether fairly sparse code path maps could be used to do more vector-style rather than pixel grid drawing using some kind of viterbi reverse tree search voodoo, if the rules for how IDA arranges and spaces things out could be more concretely determined? It might actually allow for more sophisticated images to be created with smaller output executables...

oh wow! this one is high level!

Good Job !

Wow, that was hilarious. Very good video.. Very good. Smart guy right here.

Talk about extreme RISC, I wonder what a processor with only the mov instruction would look like and if it could be optimized to match modern processors.

Sweet video !!

Is there any way to rearrange those etch-a-sketch IDA control flow diagrams, due to recode at runtime .. and if so doing a 'lode runner'- 'qbert'- or at least 'snakes'- -'longplay' ??? Or, or, or ... a full Episode of Masters of the Universe! ... hmm reminds me of C=64 .. seems i have to PEEK a lil' deeper into that POKE; anyhow thanks for bringing back the magic via MOVfuscator and actually keeping the record straight for the x86-multiverse. Very entertaining. What worries me is i do understand what you are eloquently speaking about, although i can't remember when and where i could have set video-playback to 2.00x speed ... ;)

The QR code didn't get me. That's the first time I'm thankful for GEMA.

It's like emulation engineering via assembly with complex fractal abstrations

So a movuscator program would be immune to CPU architecture exploits, right? A program that has two different behaviors between mov code and regular assembly would indicate something was amiss?

This is something awesome 😁

Amazing!

Godlike!

Brilliant.

Wow, this was his first talk? No way, he did that visualization stuff in 2012

may be the most!! resounding!! applause!! ever@defcon!!! .... .... .... aRt!!!!

Achievement unlocked: Inception complete!

...i need to rethink my career path...

great talk :)

Brilliant

This is nuts! I'd go with "We know where you live..."

I think it must be time to build a computer that only implements mov instructions.

lmao i scanned the qr code out of curiosity watching this 4 in the morning.

So, what is the performance of a mov only program compared to a normal compiled one?

Great Efforts and Really c00l video, IDA got smashed

On the fringe of cyber security research

forget security benefits. this is awesome in its own right

sick

Nice :D

I just had to scan the QR code, didn't I?

So this is what being a next-level troll is... :)

Did this guy go for the Cypher look or was it the other way around?

But what if you embedded Opcodes in the control graph? Would science go too far?

That's brilliant. Probably Useless, but brilliant.

that is insane

this guy is great lol. theres vibe about him.

That final piece of "malware" should make use of the webcam... Seeing yourself would be a little weird :)

Epic idea and awesome talk. Sidenote though, regarding the QR-Code @ around 33:30: at least in Germany, the YT-link it takes you to is blocked :-( Still lol'ed pretty hard when I saw the title, but it kinda spoils the idea.

Great talk! Just put in some quotes from the star wars prequels. I mean, how long do you think you can stare at something like “You are in my very soul, tormenting me…” or “I wish I could just wish away my feelings”?

IDA GOAT.

33:25 next level cryptography

playing last return of the japanese final surrender with TRSi

Artist absolutely everywhere even in your source source code go have fun with it

BEST TROLLing EVER !!!

This is like ascii art from hell. Or is it what snowcrush is about?:D

somehow I knew where that QR code will take me... ^^

wow...the qr code is a rick roll

This video makes Facebook throw an error message.

Wait you expect a reverse engineer to run the malware bare metal on their personal machine?:D

hehe love it :D

What about a kernel written with only mov instructions?...??

I don't understand any of this... but the drawings were funny ! I feel like a child.

33:33, got me.

Holy shiiiieeet

lol control flow graph messages

this is great and all but does he not look exactly like the default runescape character

can you see AC ?

I kind of wanted to see what a movoscated program looked like in Ida.

Now to embed goatse in my code

HOLY SHIT!

I use gdb mostly.

This man is a fucking legend lmaooo

Homeboy is an artist. It's like BB King playing the blues. As simple as possible, but no simpler - it just makes you happy.

I have a question for you when it comes to wanting to crack a game. Do you personally know if there is anyone talented enough in the scene to reverse engineer the game Path of Exile? People say it's one of the worst targets they've ever attempted, with a bunch of abstraction layers and you get perma banned if you even look too long. It's a live server client and the game is free, but people want to make their own private server out of it to be able to play the content the way they want, in a non-profit fashion obviously. Any ideas on how you would go about bypassing the drm on this live service client and getting the source code for people to make their own private server out of it?

"Why is my dog in the malware?" /r/brandnewsentence

Elvis is Alive

Alternative title: How to make pixel art with IDA pro

I just don't think that any code should have to be written twice, there's so much time and headache to write it the first time

For anyone else who is wondering what that QR Code leads to, it's a Rick Roll. (facepalm laughs)

33:44 Got fucking Rick Rolled x'D

He is the real king of trolls.

oh god idea a full build of gentoo with it mwa hahahaha

What a genius lol.

Every time this guy is in my recommended I hope so badly it's a new one.. but I heard he got hired by Intel so he probably won't be doing these public talks anymore..

I got lost at 0:00

Holy shit, this is evil.