Monthly Archives: November 2013

Analysis of CVE-2013-3906 (TIFF)

This is just a demonstration of malware analysis with Profiler; I haven’t looked into previous literature on the topic. So, perhaps there’s nothing new here, but I hope it will be of help for our users. We open the main … Continue reading

Posted in Profiler

News for version 1.1

And here it is.

– added libmagic to the SDK
– added preliminary ELF support
– added TIFF support
– added GZ, BZ2 and LZMA file support
– exposed internal API for files and paths to Python
– hooks are … Continue reading

Posted in Profiler

TIFF Support

The upcoming 1.1 version of Profiler includes support for TIFF image files. This addition completes the list of most popular supported image formats (JPEG, PNG/APNG, GIF, BMP/DIB, TIFF). The support was actually already partially there, because the Exif format (which … Continue reading

Posted in Profiler | 2 Comments

libmagic Support

While Profiler offers an API to identify file formats, it does so only for those which are supported. The list of supported files is vast, but there will always be unrecognized formats. It’s certainly a good idea to introduce a … Continue reading

Posted in Profiler

ELF Support

The upcoming 1.1 version of Profiler introduces preliminary ELF support. I said preliminary as the support wasn’t originally scheduled for this version. Anyway, here are some screenshots… Segments (called program headers in the official terminology): Sections (object files for instance … Continue reading

Posted in Profiler