mailing list archives
Re: Trojan Languages
From: William Arbaugh <warbaugh () gmail com>
Date: Thu, 21 Nov 2013 16:15:41 -0500
On Nov 21, 2013, at 2:53 PM, Dave Aitel <dave () immunityinc com> wrote:
But you're getting one, *very* important thing when you use Python:
1. Your most complex code will be a lot less buggy.
For advanced remote access trojans, you are operating in a completely unknown environment and frankly, you may NEVER
be able to update it or reach it again. Any detection or failure could be globally catastrophic. This means your code
has to be forward thinking in a way that is not typical. So it simply has to be much more correct than code usually
and here I was thinking Haskell.
People tend to write complex things more CORRECTLY in Python than in Ruby or Lua or (Naudhubillah!) C. That reason
alone is why the future of remote access trojans is embedded Python engines. If you're trying to build trojans that
have emergent behavior, then you need a language that makes that behavior as clear and easy to understand as
again Haskell ;).
I've always viewed emergent behavior as the behavior that occurs when a large number of well defined objects (usually
small) interact. An example might be a number of INNUENDO nodes that dynamically form an overlay network for exfil.
IMHO the only behavior that emerges from complex code is behavior we DON'T want.
Dailydave mailing list
Dailydave () lists immunityinc com